From: Konrad Rzeszutek Wilk Date: Thu, 1 Feb 2018 21:20:54 +0000 (-0500) Subject: x86/spectre: If IBRS is enabled disable "Filling RSB on context switch" X-Git-Tag: v4.1.12-124.31.3~1162 X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=8bd6ae65f98a1190b1a3000955d6137012a67c7f;p=users%2Fjedix%2Flinux-maple.git x86/spectre: If IBRS is enabled disable "Filling RSB on context switch" As that is only needed if the machine is running IBRS and !SMEP. The comment above the conditional says it all: Skylake era CPUs have a separate issue with *underflow* of the RSB, when they will predict 'ret' targets from the generic BTB. The proper mitigation for this is IBRS. If IBRS is not supported or deactivated in favour of retpolines the RSB fill on context .. and if we have IBRS then we should ignore this conditional. Note that the check (!SMEP) and using the STUFF_RSB is already done in: x86/spectre_v2: Figure out if STUFF_RSB macro needs to be used. Orabug: 27477743 CVE: CVE-2017-5715 Signed-off-by: Konrad Rzeszutek Wilk Reviewed-by: Darren Kenny Reviewed-by: Pavel Tatashin --- diff --git a/arch/x86/kernel/cpu/bugs_64.c b/arch/x86/kernel/cpu/bugs_64.c index a363f9cab12d..933beab407c8 100644 --- a/arch/x86/kernel/cpu/bugs_64.c +++ b/arch/x86/kernel/cpu/bugs_64.c @@ -357,8 +357,9 @@ out: * or deactivated in favour of retpolines the RSB fill on context * switch is required. */ - if ((!boot_cpu_has(X86_FEATURE_PTI) && - !boot_cpu_has(X86_FEATURE_SMEP)) || is_skylake_era()) { + if (((mode != SPECTRE_V2_IBRS) && (mode != SPECTRE_V2_IBRS_LFENCE)) && + ((!boot_cpu_has(X86_FEATURE_PTI) && + !boot_cpu_has(X86_FEATURE_SMEP)) || is_skylake_era())) { setup_force_cpu_cap(X86_FEATURE_RSB_CTXSW); pr_info("Filling RSB on context switch\n"); }
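Review bot: The new `mode != SPECTRE_V2_IBRS && mode != SPECTRE_V2_IBRS_LFENCE` test in the `if` condition gates both terms of the old expression, but the block comment above it only justifies skipping the fill for the Skylake RSB-underflow term. The reason the `!boot_cpu_has(X86_FEATURE_PTI) && !boot_cpu_has(X86_FEATURE_SMEP)` term can also be skipped under IBRS appears only in the commit message, which points to the STUFF_RSB handling in "x86/spectre_v2: Figure out if STUFF_RSB macro needs to be used". A sentence to that effect belongs in the comment next to the condition. The commit message's "only needed if the machine is running IBRS and !SMEP" also appears to contradict the subject line and this condition, and should be reworded. Because `setup_force_cpu_cap(X86_FEATURE_RSB_CTXSW)` is decided once here from `mode`, please confirm that `mode` cannot leave the IBRS modes after this point. Otherwise the RSB fill stays off with no IBRS to cover it. Style: the doubled parentheses around the two `mode` comparisons are unnecessary, and a local such as `bool ibrs = mode == SPECTRE_V2_IBRS || mode == SPECTRE_V2_IBRS_LFENCE;` would make the condition easier to read.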