www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Alejandro Jimenez <alejandro.j.jimenez@oracle.com>
	Tue, 6 Nov 2018 04:55:04 +0000 (23:55 -0500)
committer	Brian Maly <brian.maly@oracle.com>
	Wed, 2 Jan 2019 18:09:07 +0000 (13:09 -0500)
commit	1595b274da51609255e6d5c0a735a3796b103c6e
tree	ec1963d63f1dd44a5d291b0a28d3ebfc14aa6c8b	tree
parent	547420519556bbe71c8e16af0c668c0aadf818eb	commit \| diff

x86/speculation: Make enhanced IBRS the default spectre v2 mitigation

Currently we use retpoline as the default spectre v2 mitigation.
On future processors that support the capability, enhanced IBRS
will be the default, and otherwise retpoline will be used.

From the upstream patch at:
https://lore.kernel.org/lkml/1533148945-24095-1-git-send-email-sai.praneeth.prakhya@intel.com/

"The reason why Enhanced IBRS is the recommended mitigation on
processors which support it is that these processors also support
CET which provides a defense against ROP attacks. Retpoline is
very similar to ROP techniques and might trigger false positives
in the CET defense."

Signed-off-by: Alejandro Jimenez <alejandro.j.jimenez@oracle.com>
Co-developed-by: Alexandre Chartre <alexandre.chartre@oracle.com>
Reviewed-by: Alexandre Chartre <alexandre.chartre@oracle.com>
(cherry picked from commit 79bb6288902479281622b4ba0d6723d45732a2cc from UEK5)

Orabug: 28474851

Signed-off-by: Alejandro Jimenez <alejandro.j.jimenez@oracle.com>
Reviewed-by: Alexandre Chartre <alexandre.chartre@oracle.com>
Signed-off-by: Brian Maly <brian.maly@oracle.com>
Conflicts:
arch/x86/kernel/cpu/bugs.c
(In UEK4, the relevant code is in arch/x86/kernel/cpu/bugs_64.c)

Signed-off-by: Brian Maly <brian.maly@oracle.com>