[GLK/CLX] Enhanced IBRS
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
intel |
Fix Released
|
Undecided
|
Unassigned | ||
linux (Ubuntu) |
Fix Released
|
Medium
|
Tyler Hicks | ||
Trusty |
Won't Fix
|
Undecided
|
Unassigned | ||
Xenial |
Fix Released
|
Medium
|
Tyler Hicks | ||
Bionic |
Fix Released
|
Medium
|
Tyler Hicks | ||
Cosmic |
Fix Released
|
Medium
|
Tyler Hicks | ||
Disco |
Fix Released
|
Medium
|
Tyler Hicks |
Bug Description
Description:
[Impact]
Future Intel CPU's like Cascade Lake and GLK+ support Enhanced IBRS. Enhanced IBRS is a H/W mitigation technique for Spectre V2 bug. So, it's important for us to make sure that all the OSV's are using this feature.
The patch that enables kernel support for this feature has been taken by Thomas and it's in TIP tree. So, please back port it to all the OSV's. Please find the patch here: https:/
[Test Case]
For processors that don't support Enhanced IBRS, the test is to ensure that /sys/devices/
"Mitigation: Full generic retpoline, IBPB, IBRS_FW"
New Intel processors that do support Enhanced IBRS will display "Enhanced IBRS" in place of "Full generic retpoline"
[Regression Potential]
Pretty low. The patches are fairly simple and they should only affect new processors. The main concern is around the possibility of regressing IBRS support on processors that don't support Enhanced IBRS
Target Kernel:TBD
Target Release: 19.04
CVE References
summary: |
- [SKL/CLX] Enhanced IBRS + GLK/CLX] Enhanced IBRS |
summary: |
- GLK/CLX] Enhanced IBRS + [GLK/CLX] Enhanced IBRS |
information type: | Private → Public |
description: | updated |
tags: |
added: intel-kernel-19.04 removed: intel-kernel-18.10 |
description: | updated |
Changed in linux (Ubuntu Cosmic): | |
status: | In Progress → Fix Committed |
importance: | Undecided → Medium |
Changed in linux (Ubuntu Bionic): | |
importance: | Undecided → Medium |
Changed in linux (Ubuntu Xenial): | |
importance: | Undecided → Medium |
Changed in linux (Ubuntu Bionic): | |
status: | In Progress → Fix Committed |
Changed in linux (Ubuntu Xenial): | |
status: | In Progress → Fix Committed |
Changed in intel: | |
status: | Triaged → Fix Released |
since 18.10 will use 4.17. this feature need backporting
git describe 706d51681d636a0 c4a5ef53395ec3b 803e45ed4d 220-g706d51681d 63
v4.18-rc4-