x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup

Clear IBRS when cpu is offlined and set it when bringing it back online.

Orabug: 27344012
CVE: CVE-2017-5715

Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: John Haxby <john.haxby@oracle.com>
Signed-off-by: Kirtikar Kashyap <kirtikar.kashyap@oracle.com>

diff --git a/arch/x86/kernel/smpboot.c b/arch/x86/kernel/smpboot.c
index 757546dffb0bb495266c7ecded5bcef2ce2be508..9495f5efdf87434b6e10623b4c10ec21ba9e8020 100644 (file)
--- a/arch/x86/kernel/smpboot.c
+++ b/arch/x86/kernel/smpboot.c
@@ -76,6 +76,7 @@
 #include <asm/i8259.h>
 #include <asm/realmode.h>
 #include <asm/misc.h>
+#include <asm/microcode.h>
 
 /* Number of siblings per CPU package */
 int smp_num_siblings = 1;
@@ -1504,9 +1505,15 @@ void native_play_dead(void)
        play_dead_common();
        tboot_shutdown(TB_SHUTDOWN_WFS);
 
+       if (boot_cpu_has(X86_FEATURE_SPEC_CTRL))
+               native_wrmsrl(MSR_IA32_SPEC_CTRL, 0);
+
        mwait_play_dead();      /* Only returns on failure */
        if (cpuidle_play_dead())
                hlt_play_dead();
+
+       if (boot_cpu_has(X86_FEATURE_SPEC_CTRL))
+               native_wrmsrl(MSR_IA32_SPEC_CTRL, FEATURE_ENABLE_IBRS);
 }
 
 #else /* ... !CONFIG_HOTPLUG_CPU */