Avoid an ABI change for SRBDS

Adding the x86_cpu_id::steppings field is an ABI change.  It doesn't
seem worth the trouble of another ABI bump just to be able to report
some potential future CPU steppings as invulnerable.  Until we have
other change that require an ABI bump, we'll match the affected models
regardless of stepping.

Keep the reverted patch in the queue so that the reverting patch will
continue to be applied when we rebase onto a new stable update.

debian/changelog

@@ -2,12 +2,12 @@ linux (4.19.118-2+deb10u1) UNRELEASED; urgency=medium
 
   * [x86] Add support for mitigation of Special Register Buffer Data Sampling
     (SRBDS) (CVE-2020-0543):
-    - x86/cpu: Add a steppings field to struct x86_cpu_id
     - x86/cpu: Add 'table' argument to cpu_matches()
     - x86/speculation: Add Special Register Buffer Data Sampling (SRBDS)
       mitigation
     - x86/speculation: Add SRBDS vulnerability and mitigation documentation
     - x86/speculation: Add Ivy Bridge to affected list
+  * [x86] speculation: Do not match steppings, to avoid an ABI change
 
  -- Ben Hutchings <benh@debian.org>  Tue, 05 May 2020 02:03:59 +0100
 

debian/patches/debian/abi/revert-x86-cpu-add-a-steppings-field-to-struct-x86_cpu_id.patch

@@ -0,0 +1,99 @@
+From: Ben Hutchings <benh@debian.org>
+Date: Tue, 05 May 2020 02:19:23 +0100
+Subject: Revert "x86/cpu: Add a steppings field to struct x86_cpu_id"
+Forwarded: not-needed
+
+Adding the x86_cpu_id::steppings field is an ABI change.  It doesn't
+seem worth the trouble of another ABI bump just to be able to report
+some potential future CPU steppings as invulnerable.  Until we have
+other change that require an ABI bump, we'll match the affected models
+regardless of stepping.
+
+---
+--- a/arch/x86/include/asm/cpu_device_id.h
++++ b/arch/x86/include/asm/cpu_device_id.h
+@@ -9,33 +9,6 @@
+ 
+ #include <linux/mod_devicetable.h>
+ 
+-#define X86_STEPPINGS(mins, maxs)    GENMASK(maxs, mins)
+-
+-/**
+- * X86_MATCH_VENDOR_FAM_MODEL_STEPPINGS_FEATURE - Base macro for CPU matching
+- * @_vendor:	The vendor name, e.g. INTEL, AMD, HYGON, ..., ANY
+- *		The name is expanded to X86_VENDOR_@_vendor
+- * @_family:	The family number or X86_FAMILY_ANY
+- * @_model:	The model number, model constant or X86_MODEL_ANY
+- * @_steppings:	Bitmask for steppings, stepping constant or X86_STEPPING_ANY
+- * @_feature:	A X86_FEATURE bit or X86_FEATURE_ANY
+- * @_data:	Driver specific data or NULL. The internal storage
+- *		format is unsigned long. The supplied value, pointer
+- *		etc. is casted to unsigned long internally.
+- *
+- * Backport version to keep the SRBDS pile consistant. No shorter variants
+- * required for this.
+- */
+-#define X86_MATCH_VENDOR_FAM_MODEL_STEPPINGS_FEATURE(_vendor, _family, _model, \
+-						    _steppings, _feature, _data) { \
+-	.vendor		= X86_VENDOR_##_vendor,				\
+-	.family		= _family,					\
+-	.model		= _model,					\
+-	.steppings	= _steppings,					\
+-	.feature	= _feature,					\
+-	.driver_data	= (unsigned long) _data				\
+-}
+-
+ extern const struct x86_cpu_id *x86_match_cpu(const struct x86_cpu_id *match);
+ 
+ #endif
+--- a/arch/x86/kernel/cpu/match.c
++++ b/arch/x86/kernel/cpu/match.c
+@@ -34,18 +34,13 @@ const struct x86_cpu_id *x86_match_cpu(c
+ 	const struct x86_cpu_id *m;
+ 	struct cpuinfo_x86 *c = &boot_cpu_data;
+ 
+-	for (m = match;
+-	     m->vendor | m->family | m->model | m->steppings | m->feature;
+-	     m++) {
++	for (m = match; m->vendor | m->family | m->model | m->feature; m++) {
+ 		if (m->vendor != X86_VENDOR_ANY && c->x86_vendor != m->vendor)
+ 			continue;
+ 		if (m->family != X86_FAMILY_ANY && c->x86 != m->family)
+ 			continue;
+ 		if (m->model != X86_MODEL_ANY && c->x86_model != m->model)
+ 			continue;
+-		if (m->steppings != X86_STEPPING_ANY &&
+-		    !(BIT(c->x86_stepping) & m->steppings))
+-			continue;
+ 		if (m->feature != X86_FEATURE_ANY && !cpu_has(c, m->feature))
+ 			continue;
+ 		return m;
+--- a/include/linux/mod_devicetable.h
++++ b/include/linux/mod_devicetable.h
+@@ -621,10 +621,6 @@ struct mips_cdmm_device_id {
+ /*
+  * MODULE_DEVICE_TABLE expects this struct to be called x86cpu_device_id.
+  * Although gcc seems to ignore this error, clang fails without this define.
+- *
+- * Note: The ordering of the struct is different from upstream because the
+- * static initializers in kernels < 5.7 still use C89 style while upstream
+- * has been converted to proper C99 initializers.
+  */
+ #define x86cpu_device_id x86_cpu_id
+ struct x86_cpu_id {
+@@ -633,7 +629,6 @@ struct x86_cpu_id {
+ 	__u16 model;
+ 	__u16 feature;	/* bit index */
+ 	kernel_ulong_t driver_data;
+-	__u16 steppings;
+ };
+ 
+ #define X86_FEATURE_MATCH(x) \
+@@ -642,7 +637,6 @@ struct x86_cpu_id {
+ #define X86_VENDOR_ANY 0xffff
+ #define X86_FAMILY_ANY 0
+ #define X86_MODEL_ANY  0
+-#define X86_STEPPING_ANY 0
+ #define X86_FEATURE_ANY 0	/* Same as FPU, you can't test for that */
+ 
+ /*

debian/patches/debian/abi/x86-speculation-do-not-match-steppings.patch

@@ -0,0 +1,27 @@
+From: Ben Hutchings <benh@debian.org>
+Date: Tue, 05 May 2020 02:09:56 +0100
+Subject: x86/speculation: Do not match steppings
+Forwarded: not-needed
+
+Adding the x86_cpu_id::steppings field is an ABI change.  It doesn't
+seem worth the trouble of another ABI bump just to be able to report
+some potential future CPU steppings as invulnerable.  Until we have
+other change that require an ABI bump, match the affected models
+regardless of stepping.
+
+---
+--- a/arch/x86/kernel/cpu/common.c
++++ b/arch/x86/kernel/cpu/common.c
+@@ -1013,10 +1013,8 @@ static const __initconst struct x86_cpu_
+ 	{}
+ };
+ 
+-#define VULNBL_INTEL_STEPPINGS(model, steppings, issues)		   \
+-	X86_MATCH_VENDOR_FAM_MODEL_STEPPINGS_FEATURE(INTEL, 6,		   \
+-					    INTEL_FAM6_##model, steppings, \
+-					    X86_FEATURE_ANY, issues)
++#define VULNBL_INTEL_STEPPINGS(model, steppings, issues)     \
++	VULNWL_INTEL(model, issues)
+ 
+ #define SRBDS		BIT(0)
+ 

debian/patches/series

@@ -307,3 +307,5 @@ bugfix/x86/srbds/0004-x86-speculation-Add-SRBDS-vulnerability-and-mitigati.patch
 bugfix/x86/srbds/0005-x86-speculation-Add-Ivy-Bridge-to-affected-list.patch
 
 # ABI maintenance
+debian/abi/x86-speculation-do-not-match-steppings.patch
+debian/abi/revert-x86-cpu-add-a-steppings-field-to-struct-x86_cpu_id.patch