x86/spectre_v2: Do not disable IBPB when disabling IBRS
Upstream has decided that while IBRS is bad, IBPB is good.
In fact:
18bf3c3ea8ece8f03b6fc58508f2dfd23c7711c7 x86/speculation: Use Indirect Branch Prediction Barrier in context switch
and KVM patches:
15d45071523d89b3fb7372e2135fbd72f6af9506 KVM/x86: Add IBPB support
all use indirect_branch_prediction_barrier().
In our code base the indirect_branch_prediction_barrier
is wrapped with an check:
if (ibpb_inuse)
wrmsrl(MSR_IA32_PRED_CMD, FEATURE_SET_IBPB);
But nonethless we should keep the IBPB disabled on the normal path.
However if folks have choosen 'spectre_v2=off' or 'spectre_v2=none'
then we MUST disable the IBPB.
Orabug:
27477743
CVE: CVE-2017-5715
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Daniel Jordan <daniel.m.jordan@oracle.com>
projects / users / jedix / linux-maple.git / commit