From: William Roche <william.roche@oracle.com>
Date: Fri, 15 Feb 2019 15:23:25 +0000 (-0500)
Subject: x86/speculation: STUFF_RSB dynamic enable
X-Git-Tag: v4.1.12-124.31.3~90
X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=c4be03aa598451d50743acf99390dc23d3575a6c;p=users%2Fjedix%2Flinux-maple.git

x86/speculation: STUFF_RSB dynamic enable

The STUFF_RSB overwrite macro can be enabled dynamically with
rsb_overwrite_key instead of using X86_FEATURE_STUFF_RSB.

Signed-off-by: William Roche <william.roche@oracle.com>
Co-developed-by: Alexandre Chartre <alexandre.chartre@oracle.com>
Signed-off-by: Alexandre Chartre <alexandre.chartre@oracle.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Reviewed-by: Alejandro Jimenez <alejandro.j.jimenez@oracle.com>

(cherry picked from commit 84e09871beb92364bd374d8c3bc3441a8c4be593)

Orabug: 29660924

Signed-off-by: William Roche <william.roche@oracle.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Acked-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Signed-off-by: Brian Maly <brian.maly@oracle.com>

Conflicts:
	arch/x86/include/asm/cpufeatures.h
	arch/x86/include/asm/spec_ctrl.h
	arch/x86/kernel/cpu/bugs.c
cpufeatures.h vs cpufeature.h in UEK4
include <linux/jump_label.h> header in spec_ctrl.h to use this feature
bugs.c vs bugs_64.c in UEK4

Signed-off-by: Brian Maly <brian.maly@oracle.com>
---

diff --git a/arch/x86/include/asm/cpufeature.h b/arch/x86/include/asm/cpufeature.h
index 6455f591257d..fba248660005 100644
--- a/arch/x86/include/asm/cpufeature.h
+++ b/arch/x86/include/asm/cpufeature.h
@@ -216,7 +216,6 @@
 #define X86_FEATURE_SSBD		( 7*32+25) /* Speculative Store Bypass Disable */
 #define X86_FEATURE_SPEC_STORE_BYPASS_DISABLE ( 7*32+26) /* "" Disable Speculative Store Bypass. */
 #define X86_FEATURE_VMEXIT_RSB_FULL	(7*32+27) /* "" Whether to stuff the RSB on VMEXIT. */
-#define X86_FEATURE_STUFF_RSB	(7*32+28) /* "" Whether to stuff the RSB (usually dependent on !SMEP) */
 #define X86_FEATURE_RETPOLINE	( 7*32+29) /* "" Generic Retpoline mitigation for Spectre variant 2 */
 #define X86_FEATURE_RETPOLINE_AMD ( 7*32+30) /* "" AMD Retpoline mitigation for Spectre variant 2 */
 /* Because the ALTERNATIVE scheme is for members of the X86_FEATURE club... */
diff --git a/arch/x86/include/asm/spec_ctrl.h b/arch/x86/include/asm/spec_ctrl.h
index 09e8b761a74d..48877d6857bc 100644
--- a/arch/x86/include/asm/spec_ctrl.h
+++ b/arch/x86/include/asm/spec_ctrl.h
@@ -1,6 +1,7 @@
 #ifndef _ASM_X86_SPEC_CTRL_H
 #define _ASM_X86_SPEC_CTRL_H
 
+#include <linux/jump_label.h>
 #include <linux/stringify.h>
 #include <asm/msr-index.h>
 #include <asm/cpufeature.h>
@@ -187,8 +188,15 @@
 9:
 .endm
 
+/*
+ * Overwrite RSB stuffing macro.
+ */
 .macro STUFF_RSB
-ALTERNATIVE __stringify(__ASM_STUFF_RSB), "", X86_FEATURE_STUFF_RSB
+	STATIC_JUMP_IF_TRUE .Lstuff_rsb_\@, rsb_overwrite_key, def=0
+	jmp	.Ldone_call_\@
+.Lstuff_rsb_\@:
+	__ASM_STUFF_RSB
+.Ldone_call_\@:
 .endm
 
 #else /* __ASSEMBLY__ */
@@ -219,6 +227,17 @@ extern void unprotected_firmware_begin(void);
 extern void unprotected_firmware_end(void);
 
 DECLARE_STATIC_KEY_FALSE(retpoline_enabled_key);
+DECLARE_STATIC_KEY_FALSE(rsb_overwrite_key);
+
+static inline void rsb_overwrite_enable(void)
+{
+	static_branch_enable(&rsb_overwrite_key);
+}
+
+static inline void rsb_overwrite_disable(void)
+{
+	static_branch_disable(&rsb_overwrite_key);
+}
 
 #define ibrs_firmware		(use_ibrs & SPEC_CTRL_IBRS_FIRMWARE)
 #define ibrs_supported		(use_ibrs & SPEC_CTRL_IBRS_SUPPORTED)
diff --git a/arch/x86/kernel/cpu/bugs_64.c b/arch/x86/kernel/cpu/bugs_64.c
index 58ff9433927d..5c27c37ee36b 100644
--- a/arch/x86/kernel/cpu/bugs_64.c
+++ b/arch/x86/kernel/cpu/bugs_64.c
@@ -76,6 +76,12 @@ static enum spectre_v2_mitigation retpoline_mode = SPECTRE_V2_NONE;
 DEFINE_STATIC_KEY_FALSE(retpoline_enabled_key);
 EXPORT_SYMBOL(retpoline_enabled_key);
 
+/*
+ * RSB stuffing dynamic key to activate the STUFF_RSB overwrite macro.
+ */
+DEFINE_STATIC_KEY_FALSE(rsb_overwrite_key);
+EXPORT_SYMBOL(rsb_overwrite_key);
+
 static bool is_skylake_era(void);
 static void disable_ibrs_and_friends(bool);
 static void activate_spectre_v2_mitigation(enum spectre_v2_mitigation);
@@ -700,7 +706,8 @@ static void ibrs_select(enum spectre_v2_mitigation *mode)
 	if (boot_cpu_has(X86_FEATURE_SMEP))
 		return;
 
-	setup_force_cpu_cap(X86_FEATURE_STUFF_RSB);
+	/* IBRS without SMEP needs RSB overwrite */
+	rsb_overwrite_enable();
 
 	if (*mode == SPECTRE_V2_IBRS_ENHANCED)
 		pr_warn("Enhanced IBRS might not provide full mitigation against Spectre v2 if SMEP is not available.\n");