From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Tue, 27 Feb 2018 01:07:51 +0000 (-0500)
Subject: Revert "x86/spec_ctrl: Add 'nolfence' knob to disable fallback for spectre_v2 mitigation"
X-Git-Tag: v4.1.12-124.31.3~1117
X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=cf3b86bc0761981582dfc9efda75475dffccc5c4;p=users%2Fjedix%2Flinux-maple.git

Revert "x86/spec_ctrl: Add 'nolfence' knob to disable fallback for spectre_v2 mitigation"

This reverts commit f51532c93e3359743f0f8e226f1503123d3b1ae5.

And also other pieces of code that would use this.

Orabug: 27601789
Reviewed-by: Mihai Carabas <mihai.carabas@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
---

diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt
index 7f3662353206..b1a5084b0455 100644
--- a/Documentation/kernel-parameters.txt
+++ b/Documentation/kernel-parameters.txt
@@ -2357,19 +2357,13 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
 	noibrs          [X86]
 			Don't use indirect branch restricted speculation (IBRS)
 			feature when running in secure environment,
-			to avoid performance overhead. Disabling this will fallback
-			on using lfence.
+			to avoid performance overhead.
 
 	noibpb          [X86]
 			Don't use indirect branch prediction barrier (IBPB)
 			feature when running in secure environment,
 			to avoid performance overhead.
 
-	nolfence	[X86]
-			Don't use lfence on every system call/interrupt/exception
-			if noibrs has been specified. This is used to avoid
-			performance overhead.
-
 	nosmap		[X86]
 			Disable SMAP (Supervisor Mode Access Prevention)
 			even if it is supported by processor.
diff --git a/arch/x86/include/asm/spec_ctrl.h b/arch/x86/include/asm/spec_ctrl.h
index 4d3577c54e51..66424e6b4c37 100644
--- a/arch/x86/include/asm/spec_ctrl.h
+++ b/arch/x86/include/asm/spec_ctrl.h
@@ -9,7 +9,7 @@
 #define SPEC_CTRL_IBRS_INUSE           (1<<0)  /* OS enables IBRS usage */
 #define SPEC_CTRL_IBRS_SUPPORTED       (1<<1)  /* System supports IBRS */
 #define SPEC_CTRL_IBRS_ADMIN_DISABLED  (1<<2)  /* Admin disables IBRS */
-#define SPEC_CTRL_LFENCE_OFF           (1<<3)  /* No lfence */
+
 #ifdef __ASSEMBLY__
 
 .extern use_ibrs
@@ -133,8 +133,6 @@
 	__ASM_ENABLE_IBRS
 	jmp	20f
 7:
-	testl  $SPEC_CTRL_LFENCE_OFF, use_ibrs
-	jnz	20f
 	lfence
 20:
 .endm
@@ -145,8 +143,6 @@
 	__ASM_ENABLE_IBRS_CLOBBER
 	jmp	21f
 11:
-	testl  $SPEC_CTRL_LFENCE_OFF, use_ibrs
-	jnz	21f
 	lfence
 21:
 .endm
@@ -165,8 +161,6 @@
 	jmp 22f
 12:
 	movl $SPEC_CTRL_FEATURE_ENABLE_IBRS, \save_reg
-	testl  $SPEC_CTRL_LFENCE_OFF, use_ibrs
-	jnz	22f
 	lfence
 22:
 .endm
@@ -184,8 +178,6 @@
 	wrmsr
 	jmp 23f
 13:
-	testl  $SPEC_CTRL_LFENCE_OFF, use_ibrs
-	jnz	23f
 	lfence
 23:
 .endm
@@ -266,15 +258,6 @@ static inline void clear_ibrs_disabled(void)
 	sysctl_ibrs_enabled = ibrs_inuse ? 1 : 0;
 }
 
-extern u32 sysctl_lfence_enabled;
-
-#define lfence_inuse (!(use_ibrs & SPEC_CTRL_LFENCE_OFF))
-
-static inline void set_lfence_disabled(void)
-{
-	use_ibrs |= SPEC_CTRL_LFENCE_OFF;
-}
-
 /* indicate usage of IBPB to control execution speculation */
 extern int use_ibpb;
 extern u32 sysctl_ibpb_enabled;
diff --git a/arch/x86/kernel/cpu/bugs_64.c b/arch/x86/kernel/cpu/bugs_64.c
index 6fbbdee42cfa..c38997a0d227 100644
--- a/arch/x86/kernel/cpu/bugs_64.c
+++ b/arch/x86/kernel/cpu/bugs_64.c
@@ -138,7 +138,6 @@ static const char *spectre_v2_strings[] = {
 	[SPECTRE_V2_RETPOLINE_GENERIC]		= "Mitigation: Full generic retpoline",
 	[SPECTRE_V2_RETPOLINE_AMD]		= "Mitigation: Full AMD retpoline",
 	[SPECTRE_V2_IBRS]			= "Mitigation: IBRS",
-	[SPECTRE_V2_IBRS_LFENCE]		= "Mitigation: lfence",
 
 };
 
@@ -177,14 +176,7 @@ int refresh_set_spectre_v2_enabled(void)
 	if (check_ibrs_inuse())
 		spectre_v2_enabled = SPECTRE_V2_IBRS;
 	else {
-		/*
-		 * If that didn't work (say no microcode or noibrs), we end up using
-		 * lfence on system calls/exceptions/parameters.
-		 */
-		if (lfence_inuse)
-			spectre_v2_enabled = SPECTRE_V2_IBRS_LFENCE;
-		else
-			spectre_v2_enabled = SPECTRE_V2_NONE;
+		spectre_v2_enabled = SPECTRE_V2_NONE;
 	}
 
 	return true;
@@ -227,10 +219,6 @@ static enum spectre_v2_mitigation_cmd __init spectre_v2_parse_cmdline(void)
 		set_ibpb_disabled();
 	}
 
-	if (cmdline_find_option_bool(boot_command_line, "nolfence")) {
-		set_lfence_disabled();
-	}
-
 	ret = cmdline_find_option(boot_command_line, "spectre_v2", arg,
 				  sizeof(arg));
 	if (ret > 0)  {
@@ -273,18 +261,10 @@ static enum spectre_v2_mitigation __init ibrs_select(void)
 	/* If it is ON, OK, lets use it.*/
 	if (check_ibrs_inuse())
 		mode = SPECTRE_V2_IBRS;
-	else {
-		/*
-		 * If that didn't work (say no microcode or noibrs), we end up using
-		 * lfence on system calls/exceptions/parameters.
-		 */
-		if (lfence_inuse)
-			mode = SPECTRE_V2_IBRS_LFENCE;
-	}
 
 	if (mode == SPECTRE_V2_NONE)
 		/* Well, fallback on automatic discovery. */
-		pr_info("IBRS and lfence could not be enabled.\n");
+		pr_info("IBRS could not be enabled.\n");
 	else {
 		/* OK, some form of IBRS is enabled, lets see if we need to STUFF_RSB */
 		if (!boot_cpu_has(X86_FEATURE_SMEP))
@@ -308,7 +288,6 @@ static void __init disable_ibrs_and_friends(bool disable_ibpb)
 	/* We need to use IBPB with retpoline if it is available. */
 	if (disable_ibpb)
 		set_ibpb_disabled();
-	set_lfence_disabled();
 }
 
 static bool __init retpoline_selected(enum spectre_v2_mitigation_cmd cmd)