x86/speculation: Dynamic enable and disable of RSB stuffing with IBRS&!SMEP

As IBRS is a dynamic feature, RSB overwrite needs to also be dynamically
activated and disabled with IBRS (if SMEP is not available).

Signed-off-by: William Roche <william.roche@oracle.com>
Co-developed-by: Alexandre Chartre <alexandre.chartre@oracle.com>
Signed-off-by: Alexandre Chartre <alexandre.chartre@oracle.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Reviewed-by: Alejandro Jimenez <alejandro.j.jimenez@oracle.com>
(cherry picked from commit fe61cd8181780903b2e092e2079ee09a6eb733d9)

Orabug: 29660924

Signed-off-by: William Roche <william.roche@oracle.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Acked-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Signed-off-by: Brian Maly <brian.maly@oracle.com>
Conflicts:
	arch/x86/kernel/cpu/bugs.c
	arch/x86/kernel/cpu/spec_ctrl.c
bugs.c vs bugs_64.c in UEK4
spec_ctrl.c code still in bugs_64.c on UEK4

Signed-off-by: Brian Maly <brian.maly@oracle.com>

diff --git a/arch/x86/kernel/cpu/bugs_64.c b/arch/x86/kernel/cpu/bugs_64.c
index 5c27c37ee36b9696813893be77c5bd4fc67b232c..688b3a8f2d598aa7b79487747e539aaa812f2fad 100644 (file)
--- a/arch/x86/kernel/cpu/bugs_64.c
+++ b/arch/x86/kernel/cpu/bugs_64.c
@@ -573,9 +573,14 @@ void change_spectre_v2_mitigation(enum spectre_v2_mitigation_action action)
                        if (eibrs_supported)
                                spec_ctrl_flush_all_cpus(MSR_IA32_SPEC_CTRL,
                                        x86_spec_ctrl_priv);
+                       if (!boot_cpu_has(X86_FEATURE_SMEP)) {
+                               /* IBRS without SMEP needs RSB overwrite */
+                               rsb_overwrite_enable();
+                       }
                } else {
                        set_ibrs_disabled();
                        if (use_ibrs & SPEC_CTRL_IBRS_SUPPORTED) {
+                               rsb_overwrite_disable();
                                spec_ctrl_flush_all_cpus(MSR_IA32_SPEC_CTRL,
                                                         x86_spec_ctrl_base);
                        }
@@ -735,10 +740,13 @@ static void __init select_ibrs_variant(enum spectre_v2_mitigation *mode)
 static void disable_ibrs_and_friends(bool disable_ibpb)
 {
        set_ibrs_disabled();
-       if (use_ibrs & SPEC_CTRL_IBRS_SUPPORTED)
-               /* Disable IBRS an all cpus */
+       if (use_ibrs & SPEC_CTRL_IBRS_SUPPORTED) {
+               rsb_overwrite_disable();
+               /* Disable IBRS on all cpus */
                spec_ctrl_flush_all_cpus(MSR_IA32_SPEC_CTRL,
                        x86_spec_ctrl_base & ~SPEC_CTRL_FEATURE_ENABLE_IBRS);
+       }
+
        /*
         * We need to use IBPB with retpoline if it is available.
         * Also IBRS for firmware paths.