From: Konrad Rzeszutek Wilk Date: Mon, 5 Feb 2018 19:31:33 +0000 (-0500) Subject: x86/spectre_v2: Do not disable IBPB when disabling IBRS X-Git-Tag: v4.1.12-124.31.3~1145 X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=5fabaf42f225b7c0ce5ba080ea5aec517eca27ec;p=users%2Fjedix%2Flinux-maple.git x86/spectre_v2: Do not disable IBPB when disabling IBRS Upstream has decided that while IBRS is bad, IBPB is good. In fact: 18bf3c3ea8ece8f03b6fc58508f2dfd23c7711c7 x86/speculation: Use Indirect Branch Prediction Barrier in context switch and KVM patches: 15d45071523d89b3fb7372e2135fbd72f6af9506 KVM/x86: Add IBPB support all use indirect_branch_prediction_barrier(). In our code base the indirect_branch_prediction_barrier is wrapped with an check: if (ibpb_inuse) wrmsrl(MSR_IA32_PRED_CMD, FEATURE_SET_IBPB); But nonethless we should keep the IBPB disabled on the normal path. However if folks have choosen 'spectre_v2=off' or 'spectre_v2=none' then we MUST disable the IBPB. Orabug: 27477743 CVE: CVE-2017-5715 Signed-off-by: Konrad Rzeszutek Wilk Reviewed-by: Daniel Jordan --- diff --git a/arch/x86/kernel/cpu/bugs_64.c b/arch/x86/kernel/cpu/bugs_64.c index 40fd40bbeb1a..d56b3d462f19 100644 --- a/arch/x86/kernel/cpu/bugs_64.c +++ b/arch/x86/kernel/cpu/bugs_64.c @@ -258,10 +258,12 @@ static enum spectre_v2_mitigation __init ibrs_select(void) return mode; } -static void __init disable_ibrs_and_friends(void) +static void __init disable_ibrs_and_friends(bool disable_ibpb) { set_ibrs_disabled(); - set_ibpb_disabled(); + /* We need to use IBPB with retpoline if it is available. */ + if (disable_ibpb) + set_ibpb_disabled(); set_lfence_disabled(); } @@ -290,13 +292,13 @@ static void __init spectre_v2_select_mitigation(void) */ if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V2) && (cmd == SPECTRE_V2_CMD_NONE || cmd == SPECTRE_V2_CMD_AUTO)) { - disable_ibrs_and_friends(); + disable_ibrs_and_friends(true); return; } switch (cmd) { case SPECTRE_V2_CMD_NONE: - disable_ibrs_and_friends(); + disable_ibrs_and_friends(true); return; case SPECTRE_V2_CMD_FORCE: @@ -392,7 +394,7 @@ out: /* IBRS is unnecessary with retpoline mitigation. */ if (mode == SPECTRE_V2_RETPOLINE_GENERIC || mode == SPECTRE_V2_RETPOLINE_AMD) { - disable_ibrs_and_friends(); + disable_ibrs_and_friends(false /* Do use IPBP if possible */); } /* Future CPUs with IBRS_ATT might be able to avoid this. */ setup_force_cpu_cap(X86_FEATURE_VMEXIT_RSB_FULL);