retpoline/module: do not enable IBRS/IPBP if SPEC_CTRL_IBRS_ADMIN_DISABLED/SPEC_CTRL_IBPB_ADMIN_DISABLED is set
The retpoline fallback code in disable_retpoline() attempts to enable
the Spectre IBRS and IPBP mitigations by calling set_ibrs_inuse() and
set_ibpb_inuse(). SPEC_CTRL_IBRS_INUSE should not be set unless
SPEC_CTRL_IBRS_SUPPORTED is set and SPEC_CTRL_IBRS_ADMIN_DISABLED is not
set. Otherwise, the kernel boot parameter noibrs, which sets
SPEC_CTRL_IBRS_ADMIN_DISABLED, is ignored and IBRS is incorrectly
enabled during retpoline fallback.
Same for set_ibpb_inuse(): it should respect
SPEC_CTRL_IBPB_ADMIN_DISABLED.
Orabug:
27625353
Signed-off-by: Chuck Anderson <chuck.anderson@oracle.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
projects / users / jedix / linux-maple.git / commit