www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Patrick Colp <patrick.colp@oracle.com>
	Tue, 28 Aug 2018 23:22:41 +0000 (16:22 -0700)
committer	Brian Maly <brian.maly@oracle.com>
	Wed, 19 Sep 2018 00:30:14 +0000 (20:30 -0400)
commit	6a9757c562b36e32798b3e69a22295cd55ef8a69
tree	2ecb58a5c5cf941c9513aa3846ff0913ff4bbdcf	tree
parent	a1cfcb4e4773c13a7260e5d7bad47859dd938e9e	commit \| diff

x86/spec_ctrl: Only set SPEC_CTRL_IBRS_FIRMWARE if IBRS is actually in use

Currently the SPEC_CTRL_IBRS_FIRMWARE flag always gets set as long as
IBRS is supported by the hardware. However, as best as can be determined
by the documention, if IBRS has been disabled (e.g., spectre_v2=off) then
SPEC_CTRL_IBRS_FIRMWARE should not be set:

nospectre_v2 [X86] Disable all mitigations for the Spectre variant 2
(indirect branch prediction) vulnerability. System may
allow data leaks with this option, which is equivalent
to spectre_v2=off.

and:

spectre_v2= [X86] Control mitigation of Spectre variant 2
(indirect branch speculation) vulnerability.

off - unconditionally disable

Add a check in set_ibrs_firmware() to only set SPEC_CTRL_IBRS_FIRMWARE if
ibrs_disabled is not also set.

Orabug: 28274907

Signed-off-by: Patrick Colp <patrick.colp@oracle.com>
Reviewed-by: Kanth Ghatraju <kanth.ghatraju@oracle.com>
Signed-off-by: Brian Maly <brian.maly@oracle.com>