x86/speculation: Use Indirect Branch Prediction Barrier in context switch

This patch is a subset of the changes in the upstream commit
18bf3c3ea8ece8f03b6fc58508f2dfd23c7711c7. Since we don't have 'ctx_id' in
mm_context_t in UEK4, we can't check whether the context ID of the new
task is the same as that of the previous one. In this patch, we flush indirect
branches when switching into a process that marked itself non-dumpable.

This protects high value processes like gpg better, without having too high
performance overhead.

Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com>
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: ak@linux.intel.com
Cc: karahmed@amazon.de
Cc: arjan@linux.intel.com
Cc: torvalds@linux-foundation.org
Cc: linux@dominikbrodowski.net
Cc: peterz@infradead.org
Cc: bp@alien8.de
Cc: luto@kernel.org
Cc: pbonzini@redhat.com
Cc: gregkh@linux-foundation.org
Link: https://lkml.kernel.org/r/1517263487-3708-1-git-send-email-dwmw@amazon.co.uk
Orabug: 27524608
Signed-off-by: Krish Sadhukhan <krish.sadhukhan@oracle.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>

diff --git a/arch/x86/mm/tlb.c b/arch/x86/mm/tlb.c
index dd0c56c68faaf3789c0b3fd6b5f4d1bf1ba68402..4d6ed07349759a319740fed3dbdc89123ba5c79c 100644 (file)
--- a/arch/x86/mm/tlb.c
+++ b/arch/x86/mm/tlb.c
@@ -104,12 +104,13 @@ void switch_mm_irqs_off(struct mm_struct *prev, struct mm_struct *next,
 {
        unsigned cpu = smp_processor_id();
 
-       /* Null tsk means switching to kernel, so that's safe */
-       if (ibpb_inuse && tsk &&
-           ___ptrace_may_access(tsk, current, PTRACE_MODE_IBPB))
-               native_wrmsrl(MSR_IA32_PRED_CMD, FEATURE_SET_IBPB);
-
        if (likely(prev != next)) {
+
+               /* Null tsk means switching to kernel, so that's safe */
+               if (ibpb_inuse && tsk &&
+                  get_dumpable(tsk->mm) != SUID_DUMP_USER)
+                       native_wrmsrl(MSR_IA32_PRED_CMD, FEATURE_SET_IBPB);
+
                this_cpu_write(cpu_tlbstate.state, TLBSTATE_OK);
                this_cpu_write(cpu_tlbstate.active_mm, next);
                cpumask_set_cpu(cpu, mm_cpumask(next));