www.infradead.org Git - users/jedix/linux-maple.git/commit
x86/spec: STUFF_RSB _before_ ENABLE_IBRS
author    Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
          Sat, 13 Jan 2018 02:05:45 +0000 (21:05 -0500)
committer Jack Vogel <jack.vogel@oracle.com>
          Sat, 27 Jan 2018 00:36:26 +0000 (16:36 -0800)
commit    4dbe29aabe3aa71dbbd23d39a731800ada836b2f
tree      e79849eebb5ffc7065232c1ff2ba7d2ff0fddec8
parent    ae52f36d01ba97159965bc35005304ebc01ead55

And also we need to STUFF_RSB _before_ calls.

In our case we have a bunch of ENABLE_INTERRUPTS
which are (in objdump):
       callq  *0x40b379(%rip)         <pv_cpu_ops+0x128>

During bootup they do change to 'cld' (on baremetal).

On Xen PV they end up being those calls and STUFF_RSB is still
in effect which means it should be done before those calls are made.

Also the semantics of the IBRS MSR is "If IBRS is set, .. indirect
calls will not allow their predicted target address to be controlled ...
so long as all RSB entries from previous less privileged prediction
mode are overwritten."

In other words - STUFF_RSB, then ENABLE_IBRS.

Xen hypervisor code follows that religiously and so shall we.

OraBug: 27448169
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Reviewed-by: Ankur Arora <ankur.a.arora@oracle.com>
Reviewed-by: Kris Van Hees <kris.van.hees@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
arch/x86/ia32/ia32entry.S
arch/x86/kernel/entry_64.S
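The ordering the commit message argues for, as an illustrative x86-64 entry-path fragment in GNU as syntax. This is an added example, not the patch itself (the diff is not shown on this page) and not the Oracle kernel's macro text: the macro names STUFF_RSB and ENABLE_IBRS are taken from the message, but their bodies here are a conventional 32-entry RSB fill loop and a plain wrmsr of IA32_SPEC_CTRL (MSR 0x48, IBRS is bit 0), written from the architectural definitions rather than copied from the tree. The symbol `pv_cpu_ops_irq_enable` stands in for the paravirt ENABLE_INTERRUPTS call the message shows in objdump and is an assumed name.

```asm
/* Added example (GNU as, x86-64): fill the RSB, then set IBRS, then make
 * the first indirect call.  Not the commit's own code; macro bodies and
 * the pv_cpu_ops_irq_enable symbol are assumptions. */

#define MSR_IA32_SPEC_CTRL	0x00000048	/* architectural MSR number */
#define SPEC_CTRL_IBRS		(1 << 0)	/* IBRS enable bit */
#define RSB_ENTRIES		32		/* RSB depth we stuff for */

/* Overwrite every RSB entry with the address of a speculation trap.
 * Each 'call' pushes a return address and allocates an RSB entry; the
 * instructions after a call are never reached architecturally, only by
 * a mispredicted return, which the pause/lfence/jmp loop pins in place.
 * The pushed return addresses are dropped with a single 'add' to %rsp.
 * Clobbers \reg; at kernel entry the caller must already have saved it. */
.macro STUFF_RSB reg=%r10
	mov	$(RSB_ENTRIES/2), \reg
771:
	call	772f
773:	/* speculation trap */
	pause
	lfence
	jmp	773b
772:
	call	774f
775:	/* speculation trap */
	pause
	lfence
	jmp	775b
774:
	dec	\reg
	jnz	771b
	add	$(8 * RSB_ENTRIES), %rsp
.endm

/* Set IBRS in IA32_SPEC_CTRL.  wrmsr takes the MSR index in %ecx and the
 * 64-bit value in %edx:%eax, so %eax, %ecx and %edx are clobbered. */
.macro ENABLE_IBRS
	movl	$MSR_IA32_SPEC_CTRL, %ecx
	movl	$SPEC_CTRL_IBRS, %eax
	xorl	%edx, %edx
	wrmsr
.endm

/* Kernel entry: the only order consistent with the MSR's definition.
 * IBRS only guarantees the indirect-call target is uncontrolled once all
 * RSB entries from the less privileged mode have been overwritten, so
 * ENABLE_IBRS before STUFF_RSB, or the pv_cpu_ops call before either,
 * leaves user-controlled RSB entries live across the transition. */
entry_example:
	STUFF_RSB
	ENABLE_IBRS
	callq	*pv_cpu_ops_irq_enable(%rip)	/* ENABLE_INTERRUPTS on Xen PV (assumed symbol) */
	/* ... rest of the entry path ... */
```

On bare metal the paravirt call site is patched to `cld` at boot, so the indirect call disappears and the ordering is moot there; it is the Xen PV case, where the `callq *pv_cpu_ops+0x128(%rip)` survives, that makes the STUFF_RSB placement matter. Note also that STUFF_RSB is only a mitigation for the RSB; it does not replace IBRS, and both macros clobber registers that the real entry code saves in pt_regs before reaching this point.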