Linux 6.9-rc5 Picking Up Fixes For Intel FRED, BHI & GFNI/VAES Checks
Ahead of the Linux 6.9-rc5 test kernel being released later today, this week's batch of "x86/urgent" fixes were sent out this morning.
Intel FRED was merged for Linux 6.9 as the Flexible Return and Event Delivery (FRED) mechanism coming with future Intel processors. FRED overhauls the process of CPU ring (privilege level) transitions. For Linux 6.9-rc5 there are two FRED fixes: fixing INT80 emulation handling and fixing an incorrect error code printout.
Today's x86/urgent update also has a fix for feature checking around the GFNI, VAES, and VPCLMULQDQ instructions. In particular, they were guarded by having AVX-512 support first albeit not an actual requirement. As explained by Google's Eric Biggers:
These x86 urgent fixes also for the Retpolines code enables the default thunk warning only on relevant configurations. There is also a fix for the BHI Retpoline checks.
These x86/urgent fixes are on their way to the mainline Linux Git codebase ahead of today's Linux 6.9-rc5 release. Linux 6.9 stable is expected to be out by mid-May.
Intel FRED was merged for Linux 6.9 as the Flexible Return and Event Delivery (FRED) mechanism coming with future Intel processors. FRED overhauls the process of CPU ring (privilege level) transitions. For Linux 6.9-rc5 there are two FRED fixes: fixing INT80 emulation handling and fixing an incorrect error code printout.
Today's x86/urgent update also has a fix for feature checking around the GFNI, VAES, and VPCLMULQDQ instructions. In particular, they were guarded by having AVX-512 support first albeit not an actual requirement. As explained by Google's Eric Biggers:
"Fix cpuid_deps[] to list the correct dependencies for GFNI, VAES, and VPCLMULQDQ. These features don't depend on AVX512, and there exist CPUs that support these features but not AVX512. GFNI actually doesn't even depend on AVX.
This prevents GFNI from being unnecessarily disabled if AVX is disabled to mitigate the GDS vulnerability.
This also prevents all three features from being unnecessarily disabled if AVX512VL (or its dependency AVX512F) were to be disabled, but it looks like there isn't any case where this happens anyway."
These x86 urgent fixes also for the Retpolines code enables the default thunk warning only on relevant configurations. There is also a fix for the BHI Retpoline checks.
These x86/urgent fixes are on their way to the mainline Linux Git codebase ahead of today's Linux 6.9-rc5 release. Linux 6.9 stable is expected to be out by mid-May.
Add A Comment