From: Konrad Rzeszutek Wilk Date: Mon, 5 Feb 2018 19:34:55 +0000 (-0500) Subject: x86/spectre_v2: Add spectre_v2_heuristics= X-Git-Tag: v4.1.12-124.31.3~1144 X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=2768230b60c362512f3837db2742706859cd79e5;p=users%2Fjedix%2Flinux-maple.git x86/spectre_v2: Add spectre_v2_heuristics= As we have one already in the tree: x86/spectre: Favor IBRS on Skylake over retpoline But we may want a knob to turn that off altgoether. The hard to remember spectre_v2_heuristics=off or spectre_v2_heuristics=skylake=off will take care of disabling that optimization. Orabug: 27477743 CVE: CVE-2017-5715 Signed-off-by: Konrad Rzeszutek Wilk Reviewed-by: Daniel Jordan --- diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt index f01453c4a342..7f3662353206 100644 --- a/Documentation/kernel-parameters.txt +++ b/Documentation/kernel-parameters.txt @@ -3515,6 +3515,14 @@ bytes respectively. Such letter suffixes can also be entirely omitted. Not specifying this option is equivalent to spectre_v2=auto. + spectre_v2_heuristics= + [X86] Control Spectre_v2 variant heuristics. + + off - disable all heuristics (see below) + skylake=off - do not use IBRS if present on Skylake + instead of retpoline (this is equivalant + to spectre_v2=ibrs). + spia_io_base= [HW,MTD] spia_fio_base= spia_pedr= diff --git a/arch/x86/kernel/cpu/bugs_64.c b/arch/x86/kernel/cpu/bugs_64.c index d56b3d462f19..198bc1a552af 100644 --- a/arch/x86/kernel/cpu/bugs_64.c +++ b/arch/x86/kernel/cpu/bugs_64.c @@ -41,6 +41,40 @@ EXPORT_SYMBOL(use_ibpb); DEFINE_MUTEX(spec_ctrl_mutex); EXPORT_SYMBOL(spec_ctrl_mutex); +bool use_ibrs_on_skylake = true; +EXPORT_SYMBOL(use_ibrs_on_skylake); + + +int __init spectre_v2_heuristics_setup(char *p) +{ + ssize_t len; + + while (*p) { + /* Disable all heuristics. */ + if (!strncmp(p, "off", 3)) { + use_ibrs_on_skylake = false; + break; + } + len = strlen("skylake"); + if (!strncmp(p, "skylake", len)) { + p += len; + if (*p == '=') + ++p; + if (*p == '\0') + break; + if (!strncmp(p, "off", 3)) + use_ibrs_on_skylake = false; + } + + p = strpbrk(p, ","); + if (!p) + break; + p++; /* skip ',' */ + } + return 1; +} +__setup("spectre_v2_heuristics=", spectre_v2_heuristics_setup); + static void __init spectre_v2_select_mitigation(void); void __init check_bugs(void) @@ -357,7 +391,8 @@ retpoline_auto: * are forced to use retpoline on Skylake then use that. */ if (!retp_compiler() /* prefer IBRS over minimal ASM */ || - (retp_compiler() && !retpoline_selected(cmd) && is_skylake_era())) { + (retp_compiler() && !retpoline_selected(cmd) && + is_skylake_era() && use_ibrs_on_skylake)) { mode = SPECTRE_V2_IBRS; /* OK, some form of IBRS is enabled, lets see if we need to STUFF_RSB */ if (!boot_cpu_has(X86_FEATURE_SMEP))