x86/ia32: Move STUFF_RSB And ENABLE_IBRS

The:
x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
x86/enter: Use IBRS on syscall and interrupts
backports put the macros after the ENABLE_INTERRUPTS, but in case
the ENABLE_INTERRUPTS macro unrolls, let put it above it.

Orabug: 27344012
CVE:CVE-2017-5715
Reported-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Brian Maly <brian.maly@oracle.com>
Signed-off-by: Kirtikar Kashyap <kirtikar.kashyap@oracle.com>

diff --git a/arch/x86/ia32/ia32entry.S b/arch/x86/ia32/ia32entry.S
index eebb13d11c097691ff0bb7c5d42aaf24145d37ca..9d7a93bd8bb1c4e35a5f17788bd594346f9d32f0 100644 (file)
--- a/arch/x86/ia32/ia32entry.S
+++ b/arch/x86/ia32/ia32entry.S
@@ -124,6 +124,10 @@ ENTRY(ia32_sysenter_target)
        SWAPGS_UNSAFE_STACK
        SWITCH_KERNEL_CR3_NO_STACK
        movq    PER_CPU_VAR(cpu_current_top_of_stack), %rsp
+
+       ENABLE_IBRS
+       STUFF_RSB
+
        ENABLE_INTERRUPTS(CLBR_NONE)
 
        /* Zero-extending 32-bit regs, do not remove */
@@ -153,8 +157,6 @@ ENTRY(ia32_sysenter_target)
 
        SAVE_EXTRA_REGS
        CLEAR_R8_TO_R15
-       ENABLE_IBRS
-       STUFF_RSB
 
        /*
         * no need to do an access_ok check here because rbp has been