Commit 31fd9eda authored by David Woodhouse's avatar David Woodhouse Committed by Greg Kroah-Hartman

x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support

(cherry picked from commit 20ffa1ca)

Expose indirect_branch_prediction_barrier() for use in subsequent patches.

[ tglx: Add IBPB status to spectre_v2 sysfs file ]
Co-developed-by: default avatarKarimAllah Ahmed <karahmed@amazon.de>
Signed-off-by: default avatarKarimAllah Ahmed <karahmed@amazon.de>
Signed-off-by: default avatarDavid Woodhouse <dwmw@amazon.co.uk>
Cc: gnomes@lxorguk.ukuu.org.uk
Cc: ak@linux.intel.com
Cc: ashok.raj@intel.com
Cc: dave.hansen@intel.com
Cc: arjan@linux.intel.com
Cc: torvalds@linux-foundation.org
Cc: peterz@infradead.org
Cc: bp@alien8.de
Cc: pbonzini@redhat.com
Cc: tim.c.chen@linux.intel.com
Cc: gregkh@linux-foundation.org
Link: https://lkml.kernel.org/r/1516896855-7642-8-git-send-email-dwmw@amazon.co.ukSigned-off-by: default avatarDavid Woodhouse <dwmw@amazon.co.uk>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent 6c5e4915
...@@ -202,6 +202,8 @@ ...@@ -202,6 +202,8 @@
/* Because the ALTERNATIVE scheme is for members of the X86_FEATURE club... */ /* Because the ALTERNATIVE scheme is for members of the X86_FEATURE club... */
#define X86_FEATURE_KAISER ( 7*32+31) /* CONFIG_PAGE_TABLE_ISOLATION w/o nokaiser */ #define X86_FEATURE_KAISER ( 7*32+31) /* CONFIG_PAGE_TABLE_ISOLATION w/o nokaiser */
#define X86_FEATURE_IBPB ( 7*32+21) /* Indirect Branch Prediction Barrier enabled*/
/* Virtualization flags: Linux defined, word 8 */ /* Virtualization flags: Linux defined, word 8 */
#define X86_FEATURE_TPR_SHADOW ( 8*32+ 0) /* Intel TPR Shadow */ #define X86_FEATURE_TPR_SHADOW ( 8*32+ 0) /* Intel TPR Shadow */
#define X86_FEATURE_VNMI ( 8*32+ 1) /* Intel Virtual NMI */ #define X86_FEATURE_VNMI ( 8*32+ 1) /* Intel Virtual NMI */
......
...@@ -218,5 +218,18 @@ static inline void vmexit_fill_RSB(void) ...@@ -218,5 +218,18 @@ static inline void vmexit_fill_RSB(void)
#endif #endif
} }
static inline void indirect_branch_prediction_barrier(void)
{
asm volatile(ALTERNATIVE("",
"movl %[msr], %%ecx\n\t"
"movl %[val], %%eax\n\t"
"movl $0, %%edx\n\t"
"wrmsr",
X86_FEATURE_IBPB)
: : [msr] "i" (MSR_IA32_PRED_CMD),
[val] "i" (PRED_CMD_IBPB)
: "eax", "ecx", "edx", "memory");
}
#endif /* __ASSEMBLY__ */ #endif /* __ASSEMBLY__ */
#endif /* __NOSPEC_BRANCH_H__ */ #endif /* __NOSPEC_BRANCH_H__ */
...@@ -262,6 +262,13 @@ static void __init spectre_v2_select_mitigation(void) ...@@ -262,6 +262,13 @@ static void __init spectre_v2_select_mitigation(void)
setup_force_cpu_cap(X86_FEATURE_RSB_CTXSW); setup_force_cpu_cap(X86_FEATURE_RSB_CTXSW);
pr_info("Filling RSB on context switch\n"); pr_info("Filling RSB on context switch\n");
} }
/* Initialize Indirect Branch Prediction Barrier if supported */
if (boot_cpu_has(X86_FEATURE_SPEC_CTRL) ||
boot_cpu_has(X86_FEATURE_AMD_PRED_CMD)) {
setup_force_cpu_cap(X86_FEATURE_IBPB);
pr_info("Enabling Indirect Branch Prediction Barrier\n");
}
} }
#undef pr_fmt #undef pr_fmt
...@@ -291,7 +298,8 @@ ssize_t cpu_show_spectre_v2(struct device *dev, ...@@ -291,7 +298,8 @@ ssize_t cpu_show_spectre_v2(struct device *dev,
if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V2)) if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V2))
return sprintf(buf, "Not affected\n"); return sprintf(buf, "Not affected\n");
return sprintf(buf, "%s%s\n", spectre_v2_strings[spectre_v2_enabled], return sprintf(buf, "%s%s%s\n", spectre_v2_strings[spectre_v2_enabled],
boot_cpu_has(X86_FEATURE_IBPB) ? ", IPBP" : "",
spectre_v2_bad_module ? " - vulnerable module loaded" : ""); spectre_v2_bad_module ? " - vulnerable module loaded" : "");
} }
#endif #endif
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment