From: Tim Chen <tim.c.chen@linux.intel.com>
Date: Thu, 8 Feb 2018 21:52:42 +0000 (-0500)
Subject: x86/speculation: Use Indirect Branch Prediction Barrier in context switch
X-Git-Tag: v4.1.12-124.31.3~1142
X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=31b9fdd151ae380812802ddbbf3af5c80b915a8d;p=users%2Fjedix%2Flinux-maple.git

x86/speculation: Use Indirect Branch Prediction Barrier in context switch

This patch is a subset of the changes in the upstream commit
18bf3c3ea8ece8f03b6fc58508f2dfd23c7711c7. Since we don't have 'ctx_id' in
mm_context_t in UEK4, we can't check whether the context ID of the new
task is the same as that of the previous one. In this patch, we flush indirect
branches when switching into a process that marked itself non-dumpable.

This protects high value processes like gpg better, without having too high
performance overhead.

Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com>
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: ak@linux.intel.com
Cc: karahmed@amazon.de
Cc: arjan@linux.intel.com
Cc: torvalds@linux-foundation.org
Cc: linux@dominikbrodowski.net
Cc: peterz@infradead.org
Cc: bp@alien8.de
Cc: luto@kernel.org
Cc: pbonzini@redhat.com
Cc: gregkh@linux-foundation.org
Link: https://lkml.kernel.org/r/1517263487-3708-1-git-send-email-dwmw@amazon.co.uk
Orabug: 27524608
Signed-off-by: Krish Sadhukhan <krish.sadhukhan@oracle.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
---

diff --git a/arch/x86/mm/tlb.c b/arch/x86/mm/tlb.c
index dd0c56c68faa..4d6ed0734975 100644
--- a/arch/x86/mm/tlb.c
+++ b/arch/x86/mm/tlb.c
@@ -104,12 +104,13 @@ void switch_mm_irqs_off(struct mm_struct *prev, struct mm_struct *next,
 {
 	unsigned cpu = smp_processor_id();
 
-	/* Null tsk means switching to kernel, so that's safe */
-	if (ibpb_inuse && tsk &&
-	    ___ptrace_may_access(tsk, current, PTRACE_MODE_IBPB))
-		native_wrmsrl(MSR_IA32_PRED_CMD, FEATURE_SET_IBPB);
-
 	if (likely(prev != next)) {
+
+		/* Null tsk means switching to kernel, so that's safe */
+		if (ibpb_inuse && tsk &&
+		   get_dumpable(tsk->mm) != SUID_DUMP_USER)
+			native_wrmsrl(MSR_IA32_PRED_CMD, FEATURE_SET_IBPB);
+
 		this_cpu_write(cpu_tlbstate.state, TLBSTATE_OK);
 		this_cpu_write(cpu_tlbstate.active_mm, next);
 		cpumask_set_cpu(cpu, mm_cpumask(next));