From: Konrad Rzeszutek Wilk Date: Fri, 2 Feb 2018 03:56:00 +0000 (-0500) Subject: x86/spectre_v2: Add VMEXIT_FILL_RSB instead of RETPOLINE X-Git-Tag: v4.1.12-124.31.3~1161 X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=7ad7b4320ab9b014cea0a5e606f7d7c5abfbcc92;p=users%2Fjedix%2Flinux-maple.git x86/spectre_v2: Add VMEXIT_FILL_RSB instead of RETPOLINE The backport of "x86/retpoline: Fill return stack buffer on vmexit" made the full stuffing of RSB only enabled if the kernel had selected X86_FEATURE_RETPOLINE. But if we are using IBRS we still want the full RSB stuffing as it was prior to the backport. Since we have both retpoline and ibrs wanting it we introduce a new feature to enable the common mitigation that both of them need. Orabug: 27477743 CVE: CVE-2017-5715 Signed-off-by: Konrad Rzeszutek Wilk Reviewed-by: Darren Kenny --- diff --git a/arch/x86/include/asm/cpufeature.h b/arch/x86/include/asm/cpufeature.h index cb6294e2b810..6016dbbd7be3 100644 --- a/arch/x86/include/asm/cpufeature.h +++ b/arch/x86/include/asm/cpufeature.h @@ -208,6 +208,7 @@ #define X86_FEATURE_IBPB (7*32+24) /* Indirect Branch Prediction Barrier */ +#define X86_FEATURE_VMEXIT_RSB_FULL (7*32+27) /* "" Whether to stuff the RSB on VMEXIT. */ #define X86_FEATURE_STUFF_RSB (7*32+28) /* "" Whether to stuff the RSB (usually dependent on !SMEP) */ #define X86_FEATURE_RETPOLINE ( 7*32+29) /* Generic Retpoline mitigation for Spectre variant 2 */ #define X86_FEATURE_RETPOLINE_AMD ( 7*32+30) /* AMD Retpoline mitigation for Spectre variant 2 */ diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h index fca2bdd8b24c..bc4a272a315b 100644 --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h 
@@ -188,7 +188,7 @@ static inline void vmexit_fill_RSB(void) asm volatile (ALTERNATIVE("jmp 910f", __stringify(__FILL_RETURN_BUFFER(%0, RSB_CLEAR_LOOPS, %1)), - X86_FEATURE_RETPOLINE) + X86_FEATURE_VMEXIT_RSB_FULL) "910:" : "=r" (loops), ASM_CALL_CONSTRAINT : : "memory" ); diff --git a/arch/x86/kernel/cpu/bugs_64.c b/arch/x86/kernel/cpu/bugs_64.c index 933beab407c8..dd4581ef6acf 100644 --- a/arch/x86/kernel/cpu/bugs_64.c +++ b/arch/x86/kernel/cpu/bugs_64.c @@ -369,6 +369,8 @@ out: mode == SPECTRE_V2_RETPOLINE_AMD) { disable_ibrs_and_friends(); } + /* Future CPUs with IBRS_ATT might be able to avoid this. */ + setup_force_cpu_cap(X86_FEATURE_VMEXIT_RSB_FULL); } #undef pr_fmt
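Review bot: In arch/x86/include/asm/cpufeature.h, the comment on the new X86_FEATURE_VMEXIT_RSB_FULL define ("Whether to stuff the RSB on VMEXIT.") is nearly identical to the one on X86_FEATURE_STUFF_RSB on the next line, so the two bits cannot be told apart from the header alone. Suggest wording that says this bit gates the full RSB fill in vmexit_fill_RSB() and is wanted by both the retpoline and the IBRS mitigation, as the commit message explains. The subject line also calls the feature VMEXIT_FILL_RSB while the define is VMEXIT_RSB_FULL; using one name in both places would make the change easier to find with grep.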
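Review bot: In arch/x86/include/asm/nospec-branch.h, the ALTERNATIVE in vmexit_fill_RSB() now takes the "jmp 910f" skip path whenever X86_FEATURE_VMEXIT_RSB_FULL is not set, so the fill that retpoline kernels previously got from X86_FEATURE_RETPOLINE depends entirely on the new bit being forced elsewhere. A short comment above the asm naming where the bit is set (the setup_force_cpu_cap() call added in bugs_64.c) would make that dependency visible to the next person who touches either file. The hunk also does not show whether this asm sits inside a CONFIG_RETPOLINE guard; if it does, an IBRS-only build would still compile the fill out, which is the case the commit message says it wants to cover, so please confirm.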
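Review bot: In arch/x86/kernel/cpu/bugs_64.c, the new setup_force_cpu_cap(X86_FEATURE_VMEXIT_RSB_FULL) sits after the out: label and outside the preceding mode check, so it runs on every path through the function, not only when retpoline or IBRS was selected as the commit message describes. If forcing the fill unconditionally is intended, say so in the comment; otherwise gate the call on the selected mode. The added comment ("Future CPUs with IBRS_ATT might be able to avoid this.") only names a possible future exception and does not say why the cap is forced today; one sentence stating that both retpoline and IBRS need the full RSB fill on VMEXIT would cover it.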