www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Andrea Arcangeli <aarcange@redhat.com>
	Fri, 15 Dec 2017 00:04:25 +0000 (16:04 -0800)
committer	Kirtikar Kashyap <kirtikar.kashyap@oracle.com>
	Fri, 12 Jan 2018 18:19:55 +0000 (10:19 -0800)
commit	42c22a28024ee8f6695836ae38761bb46b46b73c
tree	200f330c1e8fe3092a0167a552cee19cf470a7d5	tree
parent	dffd3e21c3de9fe426810ac891409a173e00ad02	commit \| diff

x86/spec_ctrl: save IBRS MSR value in paranoid_entry

If the NMI runs while entering kernel between SWAPGS and IBRS_ENABLE
everything is fine, paranoid_entry would have unconditionally set
IBRS bit 0 and when exiting the NMI it would have cleared bit 0 like
if it was returning to userland. IBRS_ENABLE would have then enabled
bit 0 again.

If NMI instead runs when exiting kernel between IBRS_DISABLE and
SWAPGS, the NMI would have turned on IBRS bit 0 and then it would have
left enabled when exiting the NMI. IBRS bit 0 would then be left
enabled in userland until the next enter kernel.

That is a minor inefficiency only, but we can eliminate it by saving
the MSR when entering the NMI in save_paranoid and restoring it when
exiting the NMI.

Orabug: 27344012
CVE: CVE-2017-5715

Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: John Haxby <john.haxby@oracle.com>
Signed-off-by: Kirtikar Kashyap <kirtikar.kashyap@oracle.com>

arch/x86/include/asm/spec_ctrl.h		diff \| blob \| history
arch/x86/kernel/entry_64.S		diff \| blob \| history