[PATCH 4.19 037/139] x86/speculation: Disable STIBP when enhanced IBRS is in use

Tue, 04 Dec 2018 02:57:01 -0800 

4.19-stable review patch.  If anyone has any objections, please let me know.

------------------

From: Tim Chen tim.c.c...@linux.intel.com

commit 34bce7c9690b1d897686aac89604ba7adc365556 upstream

If enhanced IBRS is active, STIBP is redundant for mitigating Spectre v2
user space exploits from hyperthread sibling.

Disable STIBP when enhanced IBRS is used.

Signed-off-by: Tim Chen <tim.c.c...@linux.intel.com>
Signed-off-by: Thomas Gleixner <t...@linutronix.de>
Reviewed-by: Ingo Molnar <mi...@kernel.org>
Cc: Peter Zijlstra <pet...@infradead.org>
Cc: Andy Lutomirski <l...@kernel.org>
Cc: Linus Torvalds <torva...@linux-foundation.org>
Cc: Jiri Kosina <jkos...@suse.cz>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: Josh Poimboeuf <jpoim...@redhat.com>
Cc: Andrea Arcangeli <aarca...@redhat.com>
Cc: David Woodhouse <d...@amazon.co.uk>
Cc: Andi Kleen <a...@linux.intel.com>
Cc: Dave Hansen <dave.han...@intel.com>
Cc: Casey Schaufler <casey.schauf...@intel.com>
Cc: Asit Mallick <asit.k.mall...@intel.com>
Cc: Arjan van de Ven <ar...@linux.intel.com>
Cc: Jon Masters <j...@redhat.com>
Cc: Waiman Long <longman9...@gmail.com>
Cc: Greg KH <gre...@linuxfoundation.org>
Cc: Dave Stewart <david.c.stew...@intel.com>
Cc: Kees Cook <keesc...@chromium.org>
Cc: sta...@vger.kernel.org
Link: https://lkml.kernel.org/r/20181125185003.966801...@linutronix.de
Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
---
 arch/x86/kernel/cpu/bugs.c |    7 +++++++
 1 file changed, 7 insertions(+)

--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -320,6 +320,10 @@ static bool stibp_needed(void)
        if (spectre_v2_enabled == SPECTRE_V2_NONE)
                return false;
 
+       /* Enhanced IBRS makes using STIBP unnecessary. */
+       if (spectre_v2_enabled == SPECTRE_V2_IBRS_ENHANCED)
+               return false;
+
        if (!boot_cpu_has(X86_FEATURE_STIBP))
                return false;
 
@@ -844,6 +848,9 @@ static ssize_t l1tf_show_state(char *buf
 
 static char *stibp_state(void)
 {
+       if (spectre_v2_enabled == SPECTRE_V2_IBRS_ENHANCED)
+               return "";
+
        if (x86_spec_ctrl_base & SPEC_CTRL_STIBP)
                return ", STIBP";
        else

Reply via email to