www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Boris Ostrovsky <boris.ostrovsky@oracle.com>
	Tue, 23 Jan 2018 16:02:41 +0000 (11:02 -0500)
committer	Jack Vogel <jack.vogel@oracle.com>
	Sat, 27 Jan 2018 00:32:30 +0000 (16:32 -0800)
commit	6356581e07921f134124f909e17cdfc52acac139
tree	b461660fe5663408611b9c8b98715d60b1ac3caf	tree
parent	e8d36c971676efa3e316d1c44f6807ce8c9c9725	commit \| diff

x86/IBRS: Remove support for IBRS_ENABLED_USER mode

This mode was added based on our understanding of IBRS_ATT (IBRS
All The Time) described in early versions of Intel documentation.
We assumed that while "basic" IBRS protects kernel from using
predictions created by userland, IBRS_ATT will provide similar
defence between usermode tasks.

This understanding was incorrect.

Instead, IBRS_ATT (also referred to as "Enhanced IBRS") allows the
kernel to write IBRS MSR once, during boot, and never have to write
it again. This is in contrast to basic IBRS where every change of
protection mode required an MSR write, which is somewhat expensive.

Enhanced IBRS is not available on existing processors. Until it
becomes available we remove IBRS_ENABLED_USER.

While doing this also add a test in ibrs_enabled_write() that will
only process input if the mode will actually change.

Orabug: 27448280

Signed-off-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Reviewed-by: Krish Sadhukhan <krish.sadhukhan@oracle.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>

arch/x86/include/asm/spec_ctrl.h		diff \| blob \| history
arch/x86/kernel/cpu/spec_ctrl.c		diff \| blob \| history