Commit f9c6aec2 authored Nov 11, 2024 by Borislav Petkov (AMD) Committed by Greg Kroah-Hartman Sep 25, 2025

x86/bugs: Add SRSO_USER_KERNEL_NO support



commit 87781880 upstream.

If the machine has:

  CPUID Fn8000_0021_EAX[30] (SRSO_USER_KERNEL_NO) -- If this bit is 1,
  it indicates the CPU is not subject to the SRSO vulnerability across
  user/kernel boundaries.

have it fall back to IBPB on VMEXIT only, in the case it is going to run
VMs:

  Speculative Return Stack Overflow: Mitigation: IBPB on VMEXIT only

Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: Nikolay Borisov <nik.borisov@suse.com>
Link: https://lore.kernel.org/r/20241202120416.6054-2-bp@kernel.org


[ Harshit: Conflicts resolved as this commit: 7c62c442 ("x86/vmscape:
  Enumerate VMSCAPE bug") has been applied already to 6.12.y ]
Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

parent 0a3ac13d

Show whitespace changes

Inline Side-by-side

CodeLinaro @codelinaro
mentioned in commit a34fd739
· Nov 05, 2025

mentioned in commit a34fd739

mentioned in commit a34fd73937bb6e8b14551acc04bec53239d354f7

Toggle commit list
CodeLinaro @codelinaro
mentioned in commit bdc81b76
· Nov 05, 2025

mentioned in commit bdc81b76

mentioned in commit bdc81b76cc3e91b2a805bff546c72244ef2504fd

Toggle commit list

Please to comment