brain-hackers_pepepper-mirror/linux-brain
1
0
Fork 0
mirror of https://github.com/brain-hackers/linux-brain.git synced 2024-06-09 23:36:23 +09:00
Code Issues Projects Releases Wiki Activity
36d7dcf6da
linux-brain/arch/x86/kernel/cpu
History
Anand K Mistry b74fe31864 x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP 
commit 1978b3a53a74e3230cd46932b149c6e62e832e9a upstream.

On AMD CPUs which have the feature X86_FEATURE_AMD_STIBP_ALWAYS_ON,
STIBP is set to on and

  spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT_PREFERRED

At the same time, IBPB can be set to conditional.

However, this leads to the case where it's impossible to turn on IBPB
for a process because in the PR_SPEC_DISABLE case in ib_prctl_set() the

  spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT_PREFERRED

condition leads to a return before the task flag is set. Similarly,
ib_prctl_get() will return PR_SPEC_DISABLE even though IBPB is set to
conditional.

More generally, the following cases are possible:

1. STIBP = conditional && IBPB = on for spectre_v2_user=seccomp,ibpb
2. STIBP = on && IBPB = conditional for AMD CPUs with
   X86_FEATURE_AMD_STIBP_ALWAYS_ON

The first case functions correctly today, but only because
spectre_v2_user_ibpb isn't updated to reflect the IBPB mode.

At a high level, this change does one thing. If either STIBP or IBPB
is set to conditional, allow the prctl to change the task flag.
Also, reflect that capability when querying the state. This isn't
perfect since it doesn't take into account if only STIBP or IBPB is
unconditionally on. But it allows the conditional feature to work as
expected, without affecting the unconditional one.

 [ bp: Massage commit message and comment; space out statements for
   better readability. ]

Fixes: 21998a351512 ("x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS.")
Signed-off-by: Anand K Mistry <amistry@google.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Acked-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Link: https://lkml.kernel.org/r/20201105163246.v2.1.Ifd7243cd3e2c2206a893ad0a5b9a4f19549e22c6@changeid
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-11-18 19:20:33 +01:00
..
mce x86/mce: Make mce_rdmsrl() panic on an inaccessible MSR 2020-10-29 09:58:03 +01:00
microcode It's been a relatively busy cycle for docs: 2019-07-09 12:34:26 -07:00
mtrr x86: mtrr: cyrix: Mark expected switch fall-through 2019-08-07 15:12:01 +02:00
resctrl x86/resctrl: Fix memory bandwidth counter width for AMD 2020-07-09 09:37:57 +02:00
.gitignore
acrn.c x86/acrn: Use HYPERVISOR_CALLBACK_VECTOR for ACRN guest upcall vector 2019-06-11 21:31:31 +02:00
amd.c x86/cpu/amd: Make erratum #1054 a legacy erratum 2020-06-17 16:40:23 +02:00
aperfmperf.c x86/cpu: Disable frequency requests via aperfmperf IPI for nohz_full CPUs 2019-06-22 17:23:48 +02:00
bugs.c x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP 2020-11-18 19:20:33 +01:00
cacheinfo.c x86/cacheinfo: Fix a -Wtype-limits warning 2019-06-19 19:21:32 +02:00
centaur.c x86/CPU: Move x86_cpuinfo::x86_max_cores assignment to detect_num_cpu_cores() 2018-05-13 16:14:24 +02:00
common.c x86/asm: Replace __force_order with a memory clobber 2020-10-29 09:58:01 +01:00
cpu.h x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation 2020-06-10 20:24:57 +02:00
cpuid-deps.c x86/cpufeatures: Enable a new AVX512 CPU feature 2019-07-22 10:38:25 +02:00
cyrix.c x86/cpu/cyrix: Use correct macros for Cyrix calls on Geode processors 2019-03-21 12:28:50 +01:00
hygon.c x86: Remove X86_FEATURE_MFENCE_RDTSC 2019-07-22 12:00:51 +02:00
hypervisor.c x86/paravirt: Remove const mark from x86_hyper_xen_hvm variable 2019-07-17 08:09:59 +02:00
intel_epb.c x86: intel_epb: Do not build when CONFIG_PM is unset 2019-05-30 10:58:36 +02:00
intel_pconfig.c x86/pconfig: Detect PCONFIG targets 2018-03-12 12:10:54 +01:00
intel.c x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default 2019-10-28 08:36:58 +01:00
Makefile x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default 2019-10-28 08:36:58 +01:00
match.c x86/cpu: Add a steppings field to struct x86_cpu_id 2020-06-10 20:24:57 +02:00
mkcapflags.sh x86/build: Add 'set -e' to mkcapflags.sh to delete broken capflags.c 2019-06-25 09:52:05 +02:00
mshyperv.c x86: hyperv: report value of misc_features 2020-05-02 08:48:55 +02:00
perfctr-watchdog.c x86/events: Add Hygon Dhyana support to PMU infrastructure 2018-09-27 18:28:57 +02:00
powerflags.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
proc.c x86: Convert some slow-path static_cpu_has() callers to boot_cpu_has() 2019-04-08 12:13:34 +02:00
rdrand.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 335 2019-06-05 17:37:06 +02:00
scattered.c x86/cpufeatures: Combine word 11 and 12 into a new scattered features word 2019-06-20 12:38:44 +02:00
topology.c x86/topology: Create topology_max_die_per_package() 2019-05-23 10:08:30 +02:00
transmeta.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
tsx.c x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR 2020-02-11 04:35:15 -08:00
umc.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
umwait.c KVM: VMX: Stop context switching MSR_IA32_UMWAIT_CONTROL 2020-06-30 15:37:07 -04:00
vmware.c x86/cpu/vmware: Use the full form of INL in VMWARE_PORT 2019-10-08 13:26:42 +02:00
zhaoxin.c x86/cpu: Create Zhaoxin processors architecture support file 2019-06-22 11:45:57 +02:00