• Martin Schwidefsky's avatar
    s390: introduce execute-trampolines for branches · d6e925ec
    Martin Schwidefsky authored
    [ Upstream commit f19fbd5e ]
    
    Add CONFIG_EXPOLINE to enable the use of the new -mindirect-branch= and
    -mfunction_return= compiler options to create a kernel fortified against
    the specte v2 attack.
    
    With CONFIG_EXPOLINE=y all indirect branches will be issued with an
    execute type instruction. For z10 or newer the EXRL instruction will
    be used, for older machines the EX instruction. The typical indirect
    call
    
    	basr	%r14,%r1
    
    is replaced with a PC relative call to a new thunk
    
    	brasl	%r14,__s390x_indirect_jump_r1
    
    The thunk contains the EXRL/EX instruction to the indirect branch
    
    __s390x_indirect_jump_r1:
    	exrl	0,0f
    	j	.
    0:	br	%r1
    
    The detour via the execute type instruction has a performance impact.
    To get rid of the detour the new kernel parameter "nospectre_v2" and
    "spectre_v2=[on,off,auto]" can be used. If the parameter is specified
    the kernel and module code will be patched at runtime.
    Signed-off-by: default avatarMartin Schwidefsky <schwidefsky@de.ibm.com>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    d6e925ec
nospec-branch.c 2.79 KB