From 99ee27dc0c92b950dbf5dd1ac1c8e8f3647a8e1a Mon Sep 17 00:00:00 2001
From: Elena Reshetova
Date: Wed, 3 Jan 2018 23:56:24 -0800
Subject: [PATCH] locking/barriers: introduce new observable speculation barrier

The new observable speculation barrier, osb(), ensures that any user observable speculation doesn't cross the boundary. Any user observable speculative activity on this CPU thread before this point either completes, reaches a state it can no longer cause an observable activity, or is aborted before instructions after the barrier execute. In x86 case, osb() resolves in lfence if X86_FEATURE_LFENCE_RDTSC is present. Other architectures can define their variants.
Suggested-by: Arjan van de Ven
Suggested-by: Alan Cox
Signed-off-by: Elena Reshetova
Orabug: 27340445
CVE: CVE-2017-5753
Signed-off-by: Chuck Anderson
Conflicts: include/asm-generic/barrier.h code base differences
Reviewed-by: John Haxby
Signed-off-by: Kirtikar Kashyap
---
 arch/x86/include/asm/barrier.h | 2 ++
 include/asm-generic/barrier.h | 11 +++++++++++
 2 files changed, 13 insertions(+)
diff --git a/arch/x86/include/asm/barrier.h b/arch/x86/include/asm/barrier.h
index 9a186bf55e26..43b7d3b37150 100644
--- a/arch/x86/include/asm/barrier.h
+++ b/arch/x86/include/asm/barrier.h
@@ -82,6 +82,8 @@ do { \
 #endif
+#define osb() alternative("", "lfence", X86_FEATURE_LFENCE_RDTSC)
+
 /* Atomic operations are already serializing on x86 */
 #define __smp_mb__before_atomic() barrier()
 #define __smp_mb__after_atomic() barrier()
diff --git a/include/asm-generic/barrier.h b/include/asm-generic/barrier.h
index 23c2a1bb5362..c4f059c28c7d 100644
--- a/include/asm-generic/barrier.h
+++ b/include/asm-generic/barrier.h
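Review bot: On any CPU where X86_FEATURE_LFENCE_RDTSC is not set, the added `osb()` is patched to the empty alternative, so call sites that rely on it for the CVE-2017-5753 mitigation get no speculation barrier there. If this tree provides `alternative_2()` and X86_FEATURE_MFENCE_RDTSC, consider `#define osb() alternative_2("", "mfence", X86_FEATURE_MFENCE_RDTSC, "lfence", X86_FEATURE_LFENCE_RDTSC)`; otherwise a comment above the define should say which CPUs are left uncovered. The define also carries no comment of its own in the x86 header, and a one-line `/* Observable speculation barrier; see asm-generic/barrier.h for the contract */` would point readers to it.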
@@ -198,5 +198,16 @@ do { \
 #define virt_store_release(p, v) __smp_store_release(p, v)
 #define virt_load_acquire(p) __smp_load_acquire(p)
+/* Observable speculation barrier: ensures that any user
+ * observable speculation doesn't cross the boundary.
+ * Any user observable speculative activity on this CPU
+ * thread before this point either completes, reaches a
+ * state it can no longer cause observable activity, or
+ * is aborted before instructions after the barrier execute.
+ */
+#ifndef osb
+#define osb() do { } while (0)
+#endif
+
 #endif /* !__ASSEMBLY__ */
 #endif /* __ASM_GENERIC_BARRIER_H */
-- 
2.50.1
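Review bot: The generic fallback `#define osb() do { } while (0)` provides none of the guarantee that the comment directly above it states, and it is not even a compiler barrier. An architecture that never defines osb() therefore compiles every call site to nothing, without any build-time signal. I would extend the comment with a line such as ` * This default is a no-op: architectures that need the barrier must define osb() before this header is included.`, and consider whether the fallback should at least be `barrier()`. As a style point, the kernel's multi-line comment convention puts the opening `/*` on a line of its own.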