Commit 50deeb53 authored by Juerg Haefliger's avatar Juerg Haefliger Committed by Kleber Sacilotto de Souza

UBUNTU: SAUCE: x86/speculation: Use x86_spec_ctrl_base in entry/exit code

Honor the value of x86_spec_ctrl_base when manipulating the
MSR_IA32_SPEC_CTRL MSR in the entry/exit code.

CVE-2017-5715
Signed-off-by: default avatarJuerg Haefliger <juergh@canonical.com>
Acked-by: default avatarStefan Bader <stefan.bader@canonical.com>
Acked-by: default avatarKleber Sacilotto de Souza <kleber.souza@canonical.com>
Signed-off-by: default avatarKleber Sacilotto de Souza <kleber.souza@canonical.com>
parent d5818449
...@@ -9,14 +9,17 @@ ...@@ -9,14 +9,17 @@
#ifdef __ASSEMBLY__ #ifdef __ASSEMBLY__
.extern ibrs_enabled .extern ibrs_enabled
.extern x86_spec_ctrl_base
#define __ASM_ENABLE_IBRS \ #define __ASM_ENABLE_IBRS \
pushq %rax; \ pushq %rax; \
pushq %rcx; \ pushq %rcx; \
pushq %rdx; \ pushq %rdx; \
movl $MSR_IA32_SPEC_CTRL, %ecx; \ movl $MSR_IA32_SPEC_CTRL, %ecx; \
movl $0, %edx; \ movq x86_spec_ctrl_base, %rdx; \
movl $SPEC_CTRL_IBRS, %eax; \ shr $32, %rdx; \
movq x86_spec_ctrl_base, %rax; \
orl $SPEC_CTRL_IBRS, %eax; \
wrmsr; \ wrmsr; \
popq %rdx; \ popq %rdx; \
popq %rcx; \ popq %rcx; \
...@@ -24,8 +27,10 @@ ...@@ -24,8 +27,10 @@
#define __ASM_ENABLE_IBRS_CLOBBER \ #define __ASM_ENABLE_IBRS_CLOBBER \
movl $MSR_IA32_SPEC_CTRL, %ecx; \ movl $MSR_IA32_SPEC_CTRL, %ecx; \
movl $0, %edx; \ movq x86_spec_ctrl_base, %rdx; \
movl $SPEC_CTRL_IBRS, %eax; \ shr $32, %rdx; \
movq x86_spec_ctrl_base, %rax; \
orl $SPEC_CTRL_IBRS, %eax; \
wrmsr; wrmsr;
#define __ASM_DISABLE_IBRS \ #define __ASM_DISABLE_IBRS \
...@@ -33,8 +38,9 @@ ...@@ -33,8 +38,9 @@
pushq %rcx; \ pushq %rcx; \
pushq %rdx; \ pushq %rdx; \
movl $MSR_IA32_SPEC_CTRL, %ecx; \ movl $MSR_IA32_SPEC_CTRL, %ecx; \
movl $0, %edx; \ movq x86_spec_ctrl_base, %rdx; \
movl $0, %eax; \ shr $32, %rdx; \
movq x86_spec_ctrl_base, %rax; \
wrmsr; \ wrmsr; \
popq %rdx; \ popq %rdx; \
popq %rcx; \ popq %rcx; \
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment