From c20da7de09e1e9d34261abfe6b44055175165ba0 Mon Sep 17 00:00:00 2001 From: Chuck Anderson Date: Thu, 22 Feb 2018 14:01:24 -0800 Subject: [PATCH] retpoline/module: do not enable IBRS/IPBP if SPEC_CTRL_IBRS_ADMIN_DISABLED/SPEC_CTRL_IBPB_ADMIN_DISABLED is set The retpoline fallback code in disable_retpoline() attempts to enable the Spectre IBRS and IPBP mitigations by calling set_ibrs_inuse() and set_ibpb_inuse(). SPEC_CTRL_IBRS_INUSE should not be set unless SPEC_CTRL_IBRS_SUPPORTED is set and SPEC_CTRL_IBRS_ADMIN_DISABLED is not set. Otherwise, the kernel boot parameter noibrs, which sets SPEC_CTRL_IBRS_ADMIN_DISABLED, is ignored and IBRS is incorrectly enabled during retpoline fallback. Same for set_ibpb_inuse(): it should respect SPEC_CTRL_IBPB_ADMIN_DISABLED. Orabug: 27625353 Signed-off-by: Chuck Anderson Reviewed-by: Konrad Rzeszutek Wilk Reviewed-by: Darren Kenny --- arch/x86/include/asm/spec_ctrl.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/spec_ctrl.h b/arch/x86/include/asm/spec_ctrl.h index 17bd0916164a..91465ba903e0 100644 --- a/arch/x86/include/asm/spec_ctrl.h +++ b/arch/x86/include/asm/spec_ctrl.h @@ -220,7 +220,7 @@ extern void unprotected_firmware_end(void); static inline bool set_ibrs_inuse(void) { - if (ibrs_supported) { + if (ibrs_supported && !ibrs_disabled) { use_ibrs |= SPEC_CTRL_IBRS_INUSE; return true; } else { @@ -293,7 +293,7 @@ extern u32 sysctl_ibpb_enabled; static inline bool set_ibpb_inuse(void) { - if (ibpb_supported) { + if (ibpb_supported && !ibpb_disabled) { use_ibpb |= SPEC_CTRL_IBPB_INUSE; return true; } else { -- 2.50.1