x86/spectre_v2: Add spectre_v2_heuristics=

As we have one already in the tree:
 x86/spectre: Favor IBRS on Skylake over retpoline

But we may want a knob to turn that off altgoether. The
hard to remember spectre_v2_heuristics=off or
spectre_v2_heuristics=skylake=off

will take care of disabling that optimization.

Orabug: 27477743
CVE: CVE-2017-5715
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Daniel Jordan <daniel.m.jordan@oracle.com>

diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt
index f01453c4a342a2d04f09affc5fbf65de66bb6ca8..7f3662353206048499cdc1b0b211ea129d0f2d48 100644 (file)
--- a/Documentation/kernel-parameters.txt
+++ b/Documentation/kernel-parameters.txt
@@ -3515,6 +3515,14 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
                        Not specifying this option is equivalent to
                        spectre_v2=auto.
 
+       spectre_v2_heuristics=
+                       [X86] Control Spectre_v2 variant heuristics.
+
+                       off             - disable all heuristics (see below)
+                       skylake=off     - do not use IBRS if present on Skylake
+                                         instead of retpoline (this is equivalant
+                                         to spectre_v2=ibrs).
+
        spia_io_base=   [HW,MTD]
        spia_fio_base=
        spia_pedr=

diff --git a/arch/x86/kernel/cpu/bugs_64.c b/arch/x86/kernel/cpu/bugs_64.c
index d56b3d462f19621bd058e025aea668b0871ee4a7..198bc1a552af597340c1c422f07ac368ea4f56ea 100644 (file)
--- a/arch/x86/kernel/cpu/bugs_64.c
+++ b/arch/x86/kernel/cpu/bugs_64.c
@@ -41,6 +41,40 @@ EXPORT_SYMBOL(use_ibpb);
 DEFINE_MUTEX(spec_ctrl_mutex);
 EXPORT_SYMBOL(spec_ctrl_mutex);
 
+bool use_ibrs_on_skylake = true;
+EXPORT_SYMBOL(use_ibrs_on_skylake);
+
+
+int __init spectre_v2_heuristics_setup(char *p)
+{
+       ssize_t len;
+
+       while (*p) {
+               /* Disable all heuristics. */
+               if (!strncmp(p, "off", 3)) {
+                       use_ibrs_on_skylake = false;
+                       break;
+               }
+               len = strlen("skylake");
+               if (!strncmp(p, "skylake", len)) {
+                       p += len;
+                       if (*p == '=')
+                               ++p;
+                       if (*p == '\0')
+                               break;
+                       if (!strncmp(p, "off", 3))
+                               use_ibrs_on_skylake = false;
+               }
+
+               p = strpbrk(p, ",");
+               if (!p)
+                       break;
+               p++; /* skip ',' */
+       }
+       return 1;
+}
+__setup("spectre_v2_heuristics=", spectre_v2_heuristics_setup);
+
 static void __init spectre_v2_select_mitigation(void);
 
 void __init check_bugs(void)
@@ -357,7 +391,8 @@ retpoline_auto:
                         * are forced to use retpoline on Skylake then use that.
                         */
                        if (!retp_compiler() /* prefer IBRS over minimal ASM */ ||
-                           (retp_compiler() && !retpoline_selected(cmd) && is_skylake_era())) {
+                           (retp_compiler() && !retpoline_selected(cmd) &&
+                            is_skylake_era() && use_ibrs_on_skylake)) {
                                mode = SPECTRE_V2_IBRS;
                                /* OK, some form of IBRS is enabled, lets see if we need to STUFF_RSB */
                                if (!boot_cpu_has(X86_FEATURE_SMEP))