1 files changed, 0 insertions, 140 deletions
diff --git a/debian/patches/bugfix/x86/Documentation-hw-vuln-Add-documentation-for-RFDS.patch b/debian/patches/bugfix/x86/Documentation-hw-vuln-Add-documentation-for-RFDS.patch
deleted file mode 100644
index 781be9709..000000000
--- a/debian/patches/bugfix/x86/Documentation-hw-vuln-Add-documentation-for-RFDS.patch
+++ /dev/null
@@ -1,140 +0,0 @@
-From: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
-Date: Mon, 11 Mar 2024 12:29:43 -0700
-Subject: Documentation/hw-vuln: Add documentation for RFDS
-Origin: https://git.kernel.org/linus/4e42765d1be01111df0c0275bbaf1db1acef346e
-
-Add the documentation for transient execution vulnerability Register
-File Data Sampling (RFDS) that affects Intel Atom CPUs.
-
-Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
-Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
-Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
-Acked-by: Josh Poimboeuf <jpoimboe@kernel.org>
----
- Documentation/admin-guide/hw-vuln/index.rst   |   1 +
- .../hw-vuln/reg-file-data-sampling.rst        | 104 ++++++++++++++++++
- 2 files changed, 105 insertions(+)
- create mode 100644 Documentation/admin-guide/hw-vuln/reg-file-data-sampling.rst
-
-diff --git a/Documentation/admin-guide/hw-vuln/index.rst b/Documentation/admin-guide/hw-vuln/index.rst
-index de99caabf65a..ff0b440ef2dc 100644
---- a/Documentation/admin-guide/hw-vuln/index.rst
-+++ b/Documentation/admin-guide/hw-vuln/index.rst
-@@ -21,3 +21,4 @@ are configurable at compile, boot or run time.
-    cross-thread-rsb
-    srso
-    gather_data_sampling
-+   reg-file-data-sampling
-diff --git a/Documentation/admin-guide/hw-vuln/reg-file-data-sampling.rst b/Documentation/admin-guide/hw-vuln/reg-file-data-sampling.rst
-new file mode 100644
-index 000000000000..0585d02b9a6c
---- /dev/null
-+++ b/Documentation/admin-guide/hw-vuln/reg-file-data-sampling.rst
-@@ -0,0 +1,104 @@
-+==================================
-+Register File Data Sampling (RFDS)
-+==================================
-+
-+Register File Data Sampling (RFDS) is a microarchitectural vulnerability that
-+only affects Intel Atom parts(also branded as E-cores). RFDS may allow
-+a malicious actor to infer data values previously used in floating point
-+registers, vector registers, or integer registers. RFDS does not provide the
-+ability to choose which data is inferred. CVE-2023-28746 is assigned to RFDS.
-+
-+Affected Processors
-+===================
-+Below is the list of affected Intel processors [#f1]_:
-+
-+   ===================  ============
-+   Common name          Family_Model
-+   ===================  ============
-+   ATOM_GOLDMONT           06_5CH
-+   ATOM_GOLDMONT_D         06_5FH
-+   ATOM_GOLDMONT_PLUS      06_7AH
-+   ATOM_TREMONT_D          06_86H
-+   ATOM_TREMONT            06_96H
-+   ALDERLAKE               06_97H
-+   ALDERLAKE_L             06_9AH
-+   ATOM_TREMONT_L          06_9CH
-+   RAPTORLAKE              06_B7H
-+   RAPTORLAKE_P            06_BAH
-+   ATOM_GRACEMONT          06_BEH
-+   RAPTORLAKE_S            06_BFH
-+   ===================  ============
-+
-+As an exception to this table, Intel Xeon E family parts ALDERLAKE(06_97H) and
-+RAPTORLAKE(06_B7H) codenamed Catlow are not affected. They are reported as
-+vulnerable in Linux because they share the same family/model with an affected
-+part. Unlike their affected counterparts, they do not enumerate RFDS_CLEAR or
-+CPUID.HYBRID. This information could be used to distinguish between the
-+affected and unaffected parts, but it is deemed not worth adding complexity as
-+the reporting is fixed automatically when these parts enumerate RFDS_NO.
-+
-+Mitigation
-+==========
-+Intel released a microcode update that enables software to clear sensitive
-+information using the VERW instruction. Like MDS, RFDS deploys the same
-+mitigation strategy to force the CPU to clear the affected buffers before an
-+attacker can extract the secrets. This is achieved by using the otherwise
-+unused and obsolete VERW instruction in combination with a microcode update.
-+The microcode clears the affected CPU buffers when the VERW instruction is
-+executed.
-+
-+Mitigation points
-+-----------------
-+VERW is executed by the kernel before returning to user space, and by KVM
-+before VMentry. None of the affected cores support SMT, so VERW is not required
-+at C-state transitions.
-+
-+New bits in IA32_ARCH_CAPABILITIES
-+----------------------------------
-+Newer processors and microcode update on existing affected processors added new
-+bits to IA32_ARCH_CAPABILITIES MSR. These bits can be used to enumerate
-+vulnerability and mitigation capability:
-+
-+- Bit 27 - RFDS_NO - When set, processor is not affected by RFDS.
-+- Bit 28 - RFDS_CLEAR - When set, processor is affected by RFDS, and has the
-+  microcode that clears the affected buffers on VERW execution.
-+
-+Mitigation control on the kernel command line
-+---------------------------------------------
-+The kernel command line allows to control RFDS mitigation at boot time with the
-+parameter "reg_file_data_sampling=". The valid arguments are:
-+
-+  ==========  =================================================================
-+  on          If the CPU is vulnerable, enable mitigation; CPU buffer clearing
-+              on exit to userspace and before entering a VM.
-+  off         Disables mitigation.
-+  ==========  =================================================================
-+
-+Mitigation default is selected by CONFIG_MITIGATION_RFDS.
-+
-+Mitigation status information
-+-----------------------------
-+The Linux kernel provides a sysfs interface to enumerate the current
-+vulnerability status of the system: whether the system is vulnerable, and
-+which mitigations are active. The relevant sysfs file is:
-+
-+	/sys/devices/system/cpu/vulnerabilities/reg_file_data_sampling
-+
-+The possible values in this file are:
-+
-+  .. list-table::
-+
-+     * - 'Not affected'
-+       - The processor is not vulnerable
-+     * - 'Vulnerable'
-+       - The processor is vulnerable, but no mitigation enabled
-+     * - 'Vulnerable: No microcode'
-+       - The processor is vulnerable but microcode is not updated.
-+     * - 'Mitigation: Clear Register File'
-+       - The processor is vulnerable and the CPU buffer clearing mitigation is
-+	 enabled.
-+
-+References
-+----------
-+.. [#f1] Affected Processors
-+   https://www.intel.com/content/www/us/en/developer/topic-technology/software-security-guidance/processors-affected-consolidated-product-cpu-model.html
--- 
-2.43.0
-