www.infradead.org Git - users/hch/misc.git/commit

author	Linus Torvalds <torvalds@linux-foundation.org>
	Mon, 12 May 2025 00:45:00 +0000 (17:45 -0700)
committer	Linus Torvalds <torvalds@linux-foundation.org>
	Mon, 12 May 2025 00:45:00 +0000 (17:45 -0700)
commit	627277ba7c2398dc4f95cc9be8222bb2d9477800
tree	b8d35d751139d512520fd9e5a17b9a9db3c4b928	tree
parent	6f5bf947bab06f37ff931c359fd5770c4d9cbf87	commit \| diff
parent	efe676a1a7554219eae0b0dcfe1e0cdcc9ef9aef	commit \| diff

Merge tag 'arm64_cbpf_mitigation_2025_05_08' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux

Pull arm64 cBPF BHB mitigation from James Morse:
"This adds the BHB mitigation into the code JITted for cBPF programs as
  these can be loaded by unprivileged users via features like seccomp.

  The existing mechanisms to disable the BHB mitigation will also
  prevent the mitigation being JITted. In addition, cBPF programs loaded
  by processes with the SYS_ADMIN capability are not mitigated as these
  could equally load an eBPF program that does the same thing.

  For good measure, the list of 'k' values for CPU's local mitigations
  is updated from the version on arm's website"

* tag 'arm64_cbpf_mitigation_2025_05_08' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
  arm64: proton-pack: Add new CPUs 'k' values for branch mitigation
  arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users
  arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs
  arm64: proton-pack: Expose whether the branchy loop k value
  arm64: proton-pack: Expose whether the platform is mitigated by firmware
  arm64: insn: Add support for encoding DSB