x86/rfds: Mitigate Register File Data Sampling (RFDS)
JIRA: https://issues.redhat.com/browse/RHEL-31226
MR: !3961 (merged)
RFDS (Register File Data Sampling - CVE-2023-28746) is a CPU vulnerability that may allow userspace to infer kernel stale data previously used in floating point registers, vector registers and integer registers. RFDS only affects certain Intel Atom processors.
Intel released a microcode update that uses VERW instruction to clear the affected CPU buffers. Unlike MDS, none of the affected cores support SMT.
This MR backports the upstream kernel mitigation to RHEL. New microcode is also needed to complete the mitigation.
Signed-off-by: Waiman Long longman@redhat.com
Edited by Waiman Long