From: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Date: Wed, 21 Nov 2018 21:15:25 +0000 (-0500)
Subject: x86/intel/spectre_v4: Keep SPEC_CTRL_SSBD when IBRS is in use
X-Git-Tag: v4.1.12-124.31.3~400
X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=7a43f9fa233766fc4aae3564850a5dfbbb7cb769;p=users%2Fjedix%2Flinux-maple.git

x86/intel/spectre_v4: Keep SPEC_CTRL_SSBD when IBRS is in use

When IBRS mitigations are in use, and we are running with prctl or seccomp
SSBD mitigations, we end up not setting SPEC_CTRL_SSBD bit in MSR_IA32_SPEC_CTRL
in DISABLE_IBRS (which is called, for example, when returning from a syscall to
userspace.

Orabug: 28814570

Signed-off-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Reviewed-by: Mihai Carabas <mihai.carabas@oracle.com>
Signed-off-by: Brian Maly <brian.maly@oracle.com>
---

diff --git a/arch/x86/include/asm/spec_ctrl.h b/arch/x86/include/asm/spec_ctrl.h
index 3c1f6df899cdc..68ff83e292477 100644
--- a/arch/x86/include/asm/spec_ctrl.h
+++ b/arch/x86/include/asm/spec_ctrl.h
@@ -40,7 +40,7 @@
 	pushq %rdx;				\
 	movl $MSR_IA32_SPEC_CTRL, %ecx;		\
 	movl $0, %edx;				\
-	movl x86_spec_ctrl_base, %eax;		\
+	movl PER_CPU_VAR(x86_spec_ctrl_restore), %eax;		\
 	wrmsr;					\
 	popq %rdx;				\
 	popq %rcx;				\
@@ -172,8 +172,8 @@
 	testl	$SPEC_CTRL_IBRS_INUSE, PER_CPU_VAR(cpu_ibrs)
 	jz	13f
 
-	testl	$SPEC_CTRL_FEATURE_ENABLE_IBRS, \save_reg
-	jnz	13f
+	cmp	\save_reg, PER_CPU_VAR(x86_spec_ctrl_priv_cpu)
+	je      13f
 
 	movl	$MSR_IA32_SPEC_CTRL, %ecx
 	movl	$0, %edx
@@ -209,6 +209,7 @@ ALTERNATIVE __stringify(__ASM_STUFF_RSB), "", X86_FEATURE_STUFF_RSB
 /* Defined in bugs_64.c */
 extern u64 x86_spec_ctrl_priv;
 DECLARE_PER_CPU(u64, x86_spec_ctrl_priv_cpu);
+DECLARE_PER_CPU(u64, x86_spec_ctrl_restore);
 extern u64 x86_spec_ctrl_base;
 
 /*
@@ -241,6 +242,7 @@ DECLARE_STATIC_KEY_FALSE(retpoline_enabled_key);
 static inline void update_cpu_spec_ctrl(int cpu)
 {
 	per_cpu(x86_spec_ctrl_priv_cpu, cpu) = x86_spec_ctrl_priv;
+	per_cpu(x86_spec_ctrl_restore, cpu) = x86_spec_ctrl_base;
 }
 
 static inline void update_cpu_spec_ctrl_all(void)
diff --git a/arch/x86/kernel/cpu/bugs_64.c b/arch/x86/kernel/cpu/bugs_64.c
index ad562d8e91d0f..6827e4fb105c6 100644
--- a/arch/x86/kernel/cpu/bugs_64.c
+++ b/arch/x86/kernel/cpu/bugs_64.c
@@ -153,6 +153,8 @@ u64 x86_spec_ctrl_priv;
 EXPORT_SYMBOL_GPL(x86_spec_ctrl_priv);
 DEFINE_PER_CPU(u64, x86_spec_ctrl_priv_cpu) = 0;
 EXPORT_PER_CPU_SYMBOL(x86_spec_ctrl_priv_cpu);
+DEFINE_PER_CPU(u64, x86_spec_ctrl_restore) = 0;
+EXPORT_PER_CPU_SYMBOL(x86_spec_ctrl_restore);
 
 /*
  * AMD specific MSR info for Speculative Store Bypass control.
diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c
index 59cda6f04066c..5c73161d3da7a 100644
--- a/arch/x86/kernel/process.c
+++ b/arch/x86/kernel/process.c
@@ -352,6 +352,7 @@ static __always_inline void intel_set_ssb_state(unsigned long tifn)
 {
 	u64 msr = x86_spec_ctrl_base | ssbd_tif_to_spec_ctrl(tifn);
 
+	this_cpu_write(x86_spec_ctrl_restore,  msr);
 	wrmsrl(MSR_IA32_SPEC_CTRL, msr);
 }