From patchwork Wed Nov 21 17:31:13 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Juerg Haefliger X-Patchwork-Id: 1001274 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 430V3y3pcGz9s7T; Thu, 22 Nov 2018 04:31:26 +1100 (AEDT) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1gPWLR-0005oM-9B; Wed, 21 Nov 2018 17:31:21 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.86_2) (envelope-from ) id 1gPWLQ-0005nY-45 for kernel-team@lists.ubuntu.com; Wed, 21 Nov 2018 17:31:20 +0000 Received: from mail-ed1-f70.google.com ([209.85.208.70]) by youngberry.canonical.com with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.76) (envelope-from ) id 1gPWLP-00029i-Pb for kernel-team@lists.ubuntu.com; Wed, 21 Nov 2018 17:31:19 +0000 Received: by mail-ed1-f70.google.com with SMTP id e17so3301392edr.7 for ; Wed, 21 Nov 2018 09:31:19 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=/hkk8ZMFS4I1LAz5JA0zPPda8sUC36NXJAQGN02JWs0=; b=MhryCNu0hmaYVtVYffpg9KvoDrG1iVGXB2ZUGSwXv6DSyRVNp/TKvuXbfRj9Hh3ids t61+3AJYZa1eEht3U9XXxcwNcnhRWdfhgGt7LARODKk4vbWT4nTJtjI3L2r1B/upIBpZ CEQ5LRXFsXis5oQ8g5s8z//Ws/qDl4NWant1QBVKMbJoKlQR/zmSX/zerDL8LC5Hi+oc d4vM6W8Na+zQe2eu1zoH5kd8RJaBRalv1dsX8s2D0euSvvAmve92uQ1wjx9RKAOUUkNT 5xxAL8GixVpdwWhGmXATFFHDPkSeOC6tnBT5E/ElT+qHg4sxob0BIqnFic2dTc5FucNM +p3w== X-Gm-Message-State: AA+aEWaYPfEB7mOdFQwIRoWnFUdmV1ltoK7zYGnUOq/NuBCAZ4IKmnzJ jj8zdmS1ta5Fi3hY4JIEjh7B4V85b73ht9WcnCgouUHESQos3O3VhxFvL+masf8dzaVQHWNr5yt hef0dzUuG7OGsE+Qtm1hd58oI4ZiXC7gODd0VKh9dmA== X-Received: by 2002:a50:a663:: with SMTP id d90-v6mr6617782edc.290.1542821479152; Wed, 21 Nov 2018 09:31:19 -0800 (PST) X-Google-Smtp-Source: AFSGD/Wl4vRWa2yjAraKyF6NvzqEfguSUoEsR1wQU4AulT5miiGQ7zzZPl2kdsC9sms877BJY1JG3w== X-Received: by 2002:a50:a663:: with SMTP id d90-v6mr6617774edc.290.1542821478995; Wed, 21 Nov 2018 09:31:18 -0800 (PST) Received: from localhost.localdomain ([81.221.192.120]) by smtp.gmail.com with ESMTPSA id p36sm3783066edc.78.2018.11.21.09.31.18 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 21 Nov 2018 09:31:18 -0800 (PST) From: Juerg Haefliger X-Google-Original-From: Juerg Haefliger To: kernel-team@lists.ubuntu.com Subject: [SRU][Trusty][PATCH 3/3] UBUNTU: SAUCE: x86/speculation: Move RSB_CTXSW hunk Date: Wed, 21 Nov 2018 18:31:13 +0100 Message-Id: <20181121173113.13474-4-juergh@canonical.com> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20181121173113.13474-1-juergh@canonical.com> References: <20181121173113.13474-1-juergh@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: juergh@canonical.com Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" Move the RSB_CTXSW hunk further up in spectre_v2_select_mitigation() to match upstream. No functional changes. CVE-2017-5715 Signed-off-by: Juerg Haefliger --- arch/x86/kernel/cpu/bugs.c | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index c86a805557fc..4a8b8fedffe1 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -428,6 +428,17 @@ retpoline_auto: spectre_v2_enabled = mode; pr_info("%s\n", spectre_v2_strings[mode]); + /* + * If spectre v2 protection has been enabled, unconditionally fill + * RSB during a context switch; this protects against two independent + * issues: + * + * - RSB underflow (and switch to BTB) on Skylake+ + * - SpectreRSB variant of spectre v2 on X86_BUG_SPECTRE_V2 CPUs + */ + setup_force_cpu_cap(X86_FEATURE_RSB_CTXSW); + pr_info("Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch\n"); + /* * Initialize Indirect Branch Prediction Barrier if supported and not * disabled on the commandline @@ -462,17 +473,6 @@ retpoline_auto: set_ibrs_enabled(1); } } - - /* - * If spectre v2 protection has been enabled, unconditionally fill - * RSB during a context switch; this protects against two independent - * issues: - * - * - RSB underflow (and switch to BTB) on Skylake+ - * - SpectreRSB variant of spectre v2 on X86_BUG_SPECTRE_V2 CPUs - */ - setup_force_cpu_cap(X86_FEATURE_RSB_CTXSW); - pr_info("Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch\n"); } #undef pr_fmt