From cf4117d14d6f6007757dad8646d71676fdae2f29 Mon Sep 17 00:00:00 2001 From: Konrad Rzeszutek Wilk Date: Thu, 4 Jan 2018 22:34:14 -0500 Subject: [PATCH] x86: Use better #define for FEATURE_ENABLE_IBRS and 0 Upstream patches use: SPEC_CTRL_FEATURE_DISABLE_IBRS for 0 SPEC_CTRL_FEATURE_ENABLE_IBRS for 1 Lets use those fancy names so that it is easier to look in the code and compare to upstream. Orabug: 27344012 CVE: CVE-2017-5715 Reviewed-by: Todd Vierling Acked-by: John Haxby Signed-off-by: Konrad Rzeszutek Wilk Signed-off-by: Kirtikar Kashyap --- arch/x86/include/asm/mwait.h | 4 ++-- arch/x86/include/asm/spec_ctrl.h | 8 ++++---- arch/x86/include/uapi/asm/msr-index.h | 4 +++- arch/x86/kernel/process.c | 6 +++--- arch/x86/kernel/smpboot.c | 4 ++-- arch/x86/kvm/svm.c | 6 +++--- arch/x86/kvm/vmx.c | 4 ++-- include/linux/smp.h | 1 + kernel/sysctl.c | 4 ++-- 9 files changed, 22 insertions(+), 19 deletions(-) diff --git a/arch/x86/include/asm/mwait.h b/arch/x86/include/asm/mwait.h index 72f8fcd65ec1..7d1df6d36eab 100644 --- a/arch/x86/include/asm/mwait.h +++ b/arch/x86/include/asm/mwait.h @@ -60,14 +60,14 @@ static inline void mwait_idle_with_hints(unsigned long eax, unsigned long ecx) } if (ibrs_inuse) - native_wrmsrl(MSR_IA32_SPEC_CTRL, 0); + native_wrmsrl(MSR_IA32_SPEC_CTRL, SPEC_CTRL_FEATURE_DISABLE_IBRS); __monitor((void *)¤t_thread_info()->flags, 0, 0); if (!need_resched()) __mwait(eax, ecx); if (ibrs_inuse) - native_wrmsrl(MSR_IA32_SPEC_CTRL, FEATURE_ENABLE_IBRS); + native_wrmsrl(MSR_IA32_SPEC_CTRL, SPEC_CTRL_FEATURE_ENABLE_IBRS); } current_clr_polling(); } diff --git a/arch/x86/include/asm/spec_ctrl.h b/arch/x86/include/asm/spec_ctrl.h index 5204336841a1..d4df538ce72d 100644 --- a/arch/x86/include/asm/spec_ctrl.h +++ b/arch/x86/include/asm/spec_ctrl.h @@ -21,7 +21,7 @@ pushq %rdx; \ movl $MSR_IA32_SPEC_CTRL, %ecx; \ movl $0, %edx; \ - movl $FEATURE_ENABLE_IBRS, %eax; \ + movl $SPEC_CTRL_FEATURE_ENABLE_IBRS, %eax; \ wrmsr; \ popq %rdx; \ popq %rcx; \ @@ -29,7 +29,7 @@ #define __ASM_ENABLE_IBRS_CLOBBER \ movl $MSR_IA32_SPEC_CTRL, %ecx; \ movl $0, %edx; \ - movl $FEATURE_ENABLE_IBRS, %eax; \ + movl $SPEC_CTRL_FEATURE_ENABLE_IBRS, %eax; \ wrmsr; #define __ASM_DISABLE_IBRS \ pushq %rax; \ @@ -147,7 +147,7 @@ ALTERNATIVE "", __stringify(__ASM_ENABLE_IBRS), X86_FEATURE_SPEC_CTRL movl %eax, \save_reg movl $0, %edx - movl $FEATURE_ENABLE_IBRS, %eax + movl $SPEC_CTRL_FEATURE_ENABLE_IBRS, %eax wrmsr jmp 22f 12: @@ -159,7 +159,7 @@ ALTERNATIVE "", __stringify(__ASM_ENABLE_IBRS), X86_FEATURE_SPEC_CTRL testl $SPEC_CTRL_IBRS_INUSE, use_ibrs jz 13f - cmpl $FEATURE_ENABLE_IBRS, \save_reg + cmpl $SPEC_CTRL_FEATURE_ENABLE_IBRS, \save_reg je 13f movl $MSR_IA32_SPEC_CTRL, %ecx diff --git a/arch/x86/include/uapi/asm/msr-index.h b/arch/x86/include/uapi/asm/msr-index.h index a4d88b896b55..eb183c40dff2 100644 --- a/arch/x86/include/uapi/asm/msr-index.h +++ b/arch/x86/include/uapi/asm/msr-index.h @@ -124,6 +124,9 @@ #define MSR_IA32_LASTINTFROMIP 0x000001dd #define MSR_IA32_LASTINTTOIP 0x000001de +#define SPEC_CTRL_FEATURE_DISABLE_IBRS (0 << 0) +#define SPEC_CTRL_FEATURE_ENABLE_IBRS (1 << 0) + #define MSR_IA32_SPEC_CTRL 0x00000048 #define MSR_IA32_PRED_CMD 0x00000049 @@ -470,7 +473,6 @@ #define PACKAGE_THERM_INT_LOW_ENABLE (1 << 1) #define PACKAGE_THERM_INT_PLN_ENABLE (1 << 24) -#define FEATURE_ENABLE_IBRS (1<<0) #define FEATURE_SET_IBPB (1<<0) /* Thermal Thresholds Support */ diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c index f6c1cea968d9..b47511b91de0 100644 --- a/arch/x86/kernel/process.c +++ b/arch/x86/kernel/process.c @@ -464,17 +464,17 @@ static __cpuidle void mwait_idle(void) } if (boot_cpu_has(X86_FEATURE_SPEC_CTRL)) - native_wrmsrl(MSR_IA32_SPEC_CTRL, 0); + native_wrmsrl(MSR_IA32_SPEC_CTRL, SPEC_CTRL_FEATURE_DISABLE_IBRS); __monitor((void *)¤t_thread_info()->flags, 0, 0); if (!need_resched()) { __sti_mwait(0, 0); if (boot_cpu_has(X86_FEATURE_SPEC_CTRL)) native_wrmsrl(MSR_IA32_SPEC_CTRL, - FEATURE_ENABLE_IBRS); + SPEC_CTRL_FEATURE_ENABLE_IBRS); } else { if (boot_cpu_has(X86_FEATURE_SPEC_CTRL)) - native_wrmsrl(MSR_IA32_SPEC_CTRL, FEATURE_ENABLE_IBRS); + native_wrmsrl(MSR_IA32_SPEC_CTRL, SPEC_CTRL_FEATURE_ENABLE_IBRS); local_irq_enable(); } trace_cpu_idle_rcuidle(PWR_EVENT_EXIT, smp_processor_id()); diff --git a/arch/x86/kernel/smpboot.c b/arch/x86/kernel/smpboot.c index 240cd2b73ed8..15c27ffaa4c5 100644 --- a/arch/x86/kernel/smpboot.c +++ b/arch/x86/kernel/smpboot.c @@ -1504,14 +1504,14 @@ void native_play_dead(void) tboot_shutdown(TB_SHUTDOWN_WFS); if (ibrs_inuse) - native_wrmsrl(MSR_IA32_SPEC_CTRL, 0); + native_wrmsrl(MSR_IA32_SPEC_CTRL, SPEC_CTRL_FEATURE_DISABLE_IBRS); mwait_play_dead(); /* Only returns on failure */ if (cpuidle_play_dead()) hlt_play_dead(); if (ibrs_inuse) - native_wrmsrl(MSR_IA32_SPEC_CTRL, FEATURE_ENABLE_IBRS); + native_wrmsrl(MSR_IA32_SPEC_CTRL, SPEC_CTRL_FEATURE_ENABLE_IBRS); } #else /* ... !CONFIG_HOTPLUG_CPU */ diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index 8cc1f5347d75..fa2cb89c5403 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -3931,7 +3931,7 @@ static void svm_vcpu_run(struct kvm_vcpu *vcpu) local_irq_enable(); if (ibrs_inuse && - svm->spec_ctrl != FEATURE_ENABLE_IBRS) + svm->spec_ctrl != SPEC_CTRL_FEATURE_ENABLE_IBRS) wrmsrl(MSR_IA32_SPEC_CTRL, svm->spec_ctrl); asm volatile ( @@ -4028,8 +4028,8 @@ static void svm_vcpu_run(struct kvm_vcpu *vcpu) if (ibrs_inuse) { rdmsrl(MSR_IA32_SPEC_CTRL, svm->spec_ctrl); - if (svm->spec_ctrl != FEATURE_ENABLE_IBRS) - wrmsrl(MSR_IA32_SPEC_CTRL, FEATURE_ENABLE_IBRS); + if (svm->spec_ctrl != SPEC_CTRL_FEATURE_ENABLE_IBRS) + wrmsrl(MSR_IA32_SPEC_CTRL, SPEC_CTRL_FEATURE_ENABLE_IBRS); } stuff_RSB(); diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index db38e33cc201..4a60333d322c 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -8188,7 +8188,7 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) vmx_set_interrupt_shadow(vcpu, 0); if (ibpb_inuse && - vmx->spec_ctrl != FEATURE_ENABLE_IBRS) + vmx->spec_ctrl != SPEC_CTRL_FEATURE_ENABLE_IBRS) wrmsrl(MSR_IA32_SPEC_CTRL, vmx->spec_ctrl); atomic_switch_perf_msrs(vmx); @@ -8320,7 +8320,7 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) if (ibpb_inuse) { rdmsrl(MSR_IA32_SPEC_CTRL, vmx->spec_ctrl); if (vmx->spec_ctrl) - wrmsrl(MSR_IA32_SPEC_CTRL, FEATURE_ENABLE_IBRS); + wrmsrl(MSR_IA32_SPEC_CTRL, SPEC_CTRL_FEATURE_ENABLE_IBRS); } stuff_RSB(); diff --git a/include/linux/smp.h b/include/linux/smp.h index 3701f451f12a..ed927292713b 100644 --- a/include/linux/smp.h +++ b/include/linux/smp.h @@ -51,6 +51,7 @@ void on_each_cpu_cond(bool (*cond_func)(int cpu, void *info), int smp_call_function_single_async(int cpu, struct call_single_data *csd); #ifdef CONFIG_X86 +#include /* indicate usage of IBRS to control execution speculation */ extern int use_ibrs; extern u32 sysctl_ibrs_enabled; diff --git a/kernel/sysctl.c b/kernel/sysctl.c index 71bcdd0854b4..5428d939b693 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -2847,14 +2847,14 @@ int proc_dointvec_ibrs_ctrl(struct ctl_table *table, int write, set_ibrs_disabled(); if (ibrs_supported) { for_each_online_cpu(cpu) - wrmsrl_on_cpu(cpu, MSR_IA32_SPEC_CTRL, 0x0); + wrmsrl_on_cpu(cpu, MSR_IA32_SPEC_CTRL, SPEC_CTRL_FEATURE_DISABLE_IBRS); } } else if (sysctl_ibrs_enabled == 2) { /* always set IBRS on, even in user space */ clear_ibrs_disabled(); if (ibrs_supported) { for_each_online_cpu(cpu) - wrmsrl_on_cpu(cpu, MSR_IA32_SPEC_CTRL, FEATURE_ENABLE_IBRS); + wrmsrl_on_cpu(cpu, MSR_IA32_SPEC_CTRL, SPEC_CTRL_FEATURE_ENABLE_IBRS); } else { sysctl_ibrs_enabled = 0; } -- 2.50.1