Bug 22580

Summary: retpoline Flag is gone
Product: Mageia Reporter: Dieter Schütze <dieter>
Component: RPM PackagesAssignee: Kernel and Drivers maintainers <kernel>
Status: RESOLVED INVALID QA Contact:
Severity: major    
Priority: Normal CC: marja11, tmb
Version: 6   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: kernel-4.14.18-1.mga6 CVE:
Status comment:

Description Dieter Schütze 2018-02-12 08:09:36 CET
after update to kernel-4.14.18-1.mga6 the retpoline flag is gone.
feature (gcc) or bug ?

uname -a:
Linux ........ 4.14.18-server-1.mga6 #1 SMP Thu Feb 8 00:24:26 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

cat /proc/cpuinfo:

processor       : 0
vendor_id       : GenuineIntel
cpu family      : 6
model           : 63
model name      : Intel(R) Xeon(R) CPU E5-2620 v3 @ 2.40GHz
stepping        : 2
microcode       : 0x3b
cpu MHz         : 1200.055
cache size      : 15360 KB
physical id     : 0
siblings        : 12
core id         : 0
cpu cores       : 6
apicid          : 0
initial apicid  : 0
fpu             : yes
fpu_exception   : yes
cpuid level     : 15
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid dca sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm cpuid_fault epb invpcid_single pti intel_ppin tpr_shadow vnmi flexpriority ept vpid fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid cqm xsaveopt cqm_llc cqm_occup_llc dtherm ida arat pln pts
bugs            : cpu_meltdown spectre_v1 spectre_v2
bogomips        : 4799.55
clflush size    : 64
cache_alignment : 64
address sizes   : 46 bits physical, 48 bits virtual
power management:

processor       : 1
vendor_id       : GenuineIntel
cpu family      : 6
model           : 63
model name      : Intel(R) Xeon(R) CPU E5-2620 v3 @ 2.40GHz
stepping        : 2
microcode       : 0x3b
cpu MHz         : 1200.075
cache size      : 15360 KB
cache size      : 15360 KB
physical id     : 0
siblings        : 12
core id         : 1
cpu cores       : 6
apicid          : 2
initial apicid  : 2
fpu             : yes
fpu_exception   : yes
cpuid level     : 15
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid dca sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm cpuid_fault epb invpcid_single pti intel_ppin tpr_shadow vnmi flexpriority ept vpid fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid cqm xsaveopt cqm_llc cqm_occup_llc dtherm ida arat pln pts
bugs            : cpu_meltdown spectre_v1 spectre_v2
bogomips        : 4799.55
clflush size    : 64
cache_alignment : 64
address sizes   : 46 bits physical, 48 bits virtual
power management:
.......................... and so on for all other kernels

Regards
Dieter
Comment 1 Thomas Backlund 2018-02-12 09:00:22 CET
iirc its intended...

you can check the status with:

dmesg |grep -i retpoline

or on all vulns:

grep . /sys/devices/system/cpu/vulnerabilities/*

CC: (none) => tmb

Comment 2 Marja Van Waes 2018-02-12 12:09:58 CET
(In reply to Thomas Backlund from comment #1)
> iirc its intended...
> 
There's a lot of "retpoline" in https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.18 which I fail to understand

There is this thread: https://patchwork.kernel.org/patch/10194215/ 
> Patchwork [RFC] x86/vdso: Remove retpoline flags
But I do not understand what vdso is, can't see the thread reached agreement, etc.

Assignee: bugsquad => kernel
CC: (none) => marja11

Comment 3 Dieter Schütze 2018-02-12 12:38:43 CET
on the server of teh first post
dmesg |grep -i retpoline
[    0.072316] Spectre V2 : Mitigation: Full generic retpoline

grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline


but on another server:
uname -a
Linux ........ 4.14.18-server-1.mga6 #1 SMP Thu Feb 8 00:24:26 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

cat /proc/cpuinfo
processor       : 0
vendor_id       : GenuineIntel
cpu family      : 6
model           : 26
model name      : Intel(R) Xeon(R) CPU           L5520  @ 2.27GHz
stepping        : 5
microcode       : 0x19
cpu MHz         : 2038.813
cache size      : 8192 KB
physical id     : 0
siblings        : 8
core id         : 0
cpu cores       : 4
apicid          : 0
initial apicid  : 0
fpu             : yes
fpu_exception   : yes
cpuid level     : 11
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmo
n pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt lahf_lm pti tpr_shadow vnmi flexpri
ority ept vpid dtherm ida
bugs            : cpu_meltdown spectre_v1 spectre_v2
bogomips        : 4533.49
clflush size    : 64
cache_alignment : 64
address sizes   : 40 bits physical, 48 bits virtual
power management:
...... same for all other cores

dmesg |grep -i retpoline
empty   ( why ? )
 
grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline
Comment 4 Thomas Backlund 2018-02-12 12:56:03 CET
(In reply to Marja van Waes from comment #2)
> (In reply to Thomas Backlund from comment #1)
> > iirc its intended...
> > 
> There's a lot of "retpoline" in
> https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.18 which I fail
> to understand

Yeah, sorry, I wasn't clear enough... there is ongoing cleanups for /proc/cpuinfo to not flood cpu flags with various mitigation names as that would soon make it huge and useless... 

hence the new line:
bugs            : cpu_meltdown spectre_v1 spectre_v2 

and:
/sys/devices/system/cpu/vulnerabilities/*

to store the info about the issues and their possible fixes
Comment 5 Thomas Backlund 2018-02-12 12:58:58 CET
(In reply to Dieter Schütze from comment #3)

> 
> but on another server:
> uname -a
> Linux ........ 4.14.18-server-1.mga6 #1 SMP Thu Feb 8 00:24:26 UTC 2018
> x86_64 x86_64 x86_64 GNU/Linux

[...]

> 
> dmesg |grep -i retpoline
> empty   ( why ? )

Interesting... possibly the dmesg buffer has been filled up so not all info is there anymore (its a FIFO buffer)

but this is the valid way to confirm what mitigations are in place:
  
> grep . /sys/devices/system/cpu/vulnerabilities/*
> /sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
> /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user
> pointer sanitization
> /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic
> retpoline

So you are all good... :)
Comment 6 Dieter Schütze 2018-02-12 13:02:55 CET
Ok, thank you for the explanation

You can close this

Regards
Dieter
Comment 7 David Walser 2018-02-13 02:53:50 CET
Closing then.

Status: NEW => RESOLVED
Resolution: (none) => INVALID