Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a771511c authored by Peter Zijlstra (Intel)'s avatar Peter Zijlstra (Intel) Committed by Greg Kroah-Hartman
Browse files

x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE 



commit d45476d9832409371537013ebdd8dc1a7781f97a upstream.

The RETPOLINE_AMD name is unfortunate since it isn't necessarily
AMD only, in fact Hygon also uses it. Furthermore it will likely be
sufficient for some Intel processors. Therefore rename the thing to
RETPOLINE_LFENCE to better describe what it is.

Add the spectre_v2=retpoline,lfence option as an alias to
spectre_v2=retpoline,amd to preserve existing setups. However, the output
of /sys/devices/system/cpu/vulnerabilities/spectre_v2 will be changed.

  [ bp: Fix typos, massage. ]

Co-developed-by: default avatarJosh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: default avatarJosh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: default avatarPeter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: default avatarBorislav Petkov <bp@suse.de>
Reviewed-by: default avatarThomas Gleixner <tglx@linutronix.de>
[fllinden@amazon.com: backported to 4.19]
Signed-off-by: default avatarFrank van der Linden <fllinden@amazon.com>
[bwh: Backported to 4.9: adjust context]
Signed-off-by: default avatarBen Hutchings <ben@decadent.org.uk>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent a9015502

arch/x86/include/asm/cpufeatures.h

+1 −1
Original line number Diff line number Diff line
@@ -195,7 +195,7 @@ 
#define X86_FEATURE_FENCE_SWAPGS_USER	( 7*32+10) /* "" LFENCE in user entry SWAPGS path */

#define X86_FEATURE_FENCE_SWAPGS_KERNEL	( 7*32+11) /* "" LFENCE in kernel entry SWAPGS path */

#define X86_FEATURE_RETPOLINE	( 7*32+12) /* "" Generic Retpoline mitigation for Spectre variant 2 */

#define X86_FEATURE_RETPOLINE_AMD ( 7*32+13) /* "" AMD Retpoline mitigation for Spectre variant 2 */

#define X86_FEATURE_RETPOLINE_LFENCE	( 7*32+13) /* "" Use LFENCE for Spectre variant 2 */



#define X86_FEATURE_MSR_SPEC_CTRL ( 7*32+16) /* "" MSR SPEC_CTRL is implemented */

#define X86_FEATURE_SSBD	( 7*32+17) /* Speculative Store Bypass Disable */

arch/x86/include/asm/nospec-branch.h

+6 −6
Original line number Diff line number Diff line
@@ -119,7 +119,7 @@ 
	ANNOTATE_NOSPEC_ALTERNATIVE

	ALTERNATIVE_2 __stringify(ANNOTATE_RETPOLINE_SAFE; jmp *\reg),	\

		__stringify(RETPOLINE_JMP \reg), X86_FEATURE_RETPOLINE,	\

		__stringify(lfence; ANNOTATE_RETPOLINE_SAFE; jmp *\reg), X86_FEATURE_RETPOLINE_AMD

		__stringify(lfence; ANNOTATE_RETPOLINE_SAFE; jmp *\reg), X86_FEATURE_RETPOLINE_LFENCE

#else

	jmp	*\reg

#endif
@@ -130,7 +130,7 @@ 
	ANNOTATE_NOSPEC_ALTERNATIVE

	ALTERNATIVE_2 __stringify(ANNOTATE_RETPOLINE_SAFE; call *\reg),	\

		__stringify(RETPOLINE_CALL \reg), X86_FEATURE_RETPOLINE,\

		__stringify(lfence; ANNOTATE_RETPOLINE_SAFE; call *\reg), X86_FEATURE_RETPOLINE_AMD

		__stringify(lfence; ANNOTATE_RETPOLINE_SAFE; call *\reg), X86_FEATURE_RETPOLINE_LFENCE

#else

	call	*\reg

#endif
@@ -181,7 +181,7 @@ 
	"lfence;\n"						\

	ANNOTATE_RETPOLINE_SAFE					\

	"call *%[thunk_target]\n",				\

	X86_FEATURE_RETPOLINE_AMD)

	X86_FEATURE_RETPOLINE_LFENCE)

# define THUNK_TARGET(addr) [thunk_target] "r" (addr)



#else /* CONFIG_X86_32 */
@@ -211,7 +211,7 @@ 
	"lfence;\n"						\

	ANNOTATE_RETPOLINE_SAFE					\

	"call *%[thunk_target]\n",				\

	X86_FEATURE_RETPOLINE_AMD)

	X86_FEATURE_RETPOLINE_LFENCE)



# define THUNK_TARGET(addr) [thunk_target] "rm" (addr)

#endif
@@ -223,8 +223,8 @@ 
/* The Spectre V2 mitigation variants */

enum spectre_v2_mitigation {

	SPECTRE_V2_NONE,

	SPECTRE_V2_RETPOLINE_GENERIC,

	SPECTRE_V2_RETPOLINE_AMD,

	SPECTRE_V2_RETPOLINE,

	SPECTRE_V2_LFENCE,

	SPECTRE_V2_IBRS_ENHANCED,

};

arch/x86/kernel/cpu/bugs.c

+18 −11
Original line number Diff line number Diff line
@@ -620,7 +620,7 @@ enum spectre_v2_mitigation_cmd { 
	SPECTRE_V2_CMD_FORCE,

	SPECTRE_V2_CMD_RETPOLINE,

	SPECTRE_V2_CMD_RETPOLINE_GENERIC,

	SPECTRE_V2_CMD_RETPOLINE_AMD,

	SPECTRE_V2_CMD_RETPOLINE_LFENCE,

};



enum spectre_v2_user_cmd {
@@ -780,8 +780,8 @@ spectre_v2_user_select_mitigation(enum spectre_v2_mitigation_cmd v2_cmd) 


static const char * const spectre_v2_strings[] = {

	[SPECTRE_V2_NONE]			= "Vulnerable",

	[SPECTRE_V2_RETPOLINE_GENERIC]		= "Mitigation: Full generic retpoline",

	[SPECTRE_V2_RETPOLINE_AMD]		= "Mitigation: Full AMD retpoline",

	[SPECTRE_V2_RETPOLINE]			= "Mitigation: Retpolines",

	[SPECTRE_V2_LFENCE]			= "Mitigation: LFENCE",

	[SPECTRE_V2_IBRS_ENHANCED]		= "Mitigation: Enhanced IBRS",

};
@@ -793,7 +793,8 @@ static const struct { 
	{ "off",		SPECTRE_V2_CMD_NONE,		  false },

	{ "on",			SPECTRE_V2_CMD_FORCE,		  true  },

	{ "retpoline",		SPECTRE_V2_CMD_RETPOLINE,	  false },

	{ "retpoline,amd",	SPECTRE_V2_CMD_RETPOLINE_AMD,	  false },

	{ "retpoline,amd",	SPECTRE_V2_CMD_RETPOLINE_LFENCE,  false },

	{ "retpoline,lfence",	SPECTRE_V2_CMD_RETPOLINE_LFENCE,  false },

	{ "retpoline,generic",	SPECTRE_V2_CMD_RETPOLINE_GENERIC, false },

	{ "auto",		SPECTRE_V2_CMD_AUTO,		  false },

};
@@ -831,13 +832,19 @@ static enum spectre_v2_mitigation_cmd __init spectre_v2_parse_cmdline(void) 
	}



	if ((cmd == SPECTRE_V2_CMD_RETPOLINE ||

	     cmd == SPECTRE_V2_CMD_RETPOLINE_AMD ||

	     cmd == SPECTRE_V2_CMD_RETPOLINE_LFENCE ||

	     cmd == SPECTRE_V2_CMD_RETPOLINE_GENERIC) &&

	    !IS_ENABLED(CONFIG_RETPOLINE)) {

		pr_err("%s selected but not compiled in. Switching to AUTO select\n", mitigation_options[i].option);

		return SPECTRE_V2_CMD_AUTO;

	}



	if ((cmd == SPECTRE_V2_CMD_RETPOLINE_LFENCE) &&

	    !boot_cpu_has(X86_FEATURE_LFENCE_RDTSC)) {

		pr_err("%s selected, but CPU doesn't have a serializing LFENCE. Switching to AUTO select\n", mitigation_options[i].option);

		return SPECTRE_V2_CMD_AUTO;

	}



	spec_v2_print_cond(mitigation_options[i].option,

			   mitigation_options[i].secure);

	return cmd;
@@ -872,9 +879,9 @@ static void __init spectre_v2_select_mitigation(void) 
		if (IS_ENABLED(CONFIG_RETPOLINE))

			goto retpoline_auto;

		break;

	case SPECTRE_V2_CMD_RETPOLINE_AMD:

	case SPECTRE_V2_CMD_RETPOLINE_LFENCE:

		if (IS_ENABLED(CONFIG_RETPOLINE))

			goto retpoline_amd;

			goto retpoline_lfence;

		break;

	case SPECTRE_V2_CMD_RETPOLINE_GENERIC:

		if (IS_ENABLED(CONFIG_RETPOLINE))
@@ -890,17 +897,17 @@ static void __init spectre_v2_select_mitigation(void) 


retpoline_auto:

	if (boot_cpu_data.x86_vendor == X86_VENDOR_AMD) {

	retpoline_amd:

	retpoline_lfence:

		if (!boot_cpu_has(X86_FEATURE_LFENCE_RDTSC)) {

			pr_err("Spectre mitigation: LFENCE not serializing, switching to generic retpoline\n");

			goto retpoline_generic;

		}

		mode = SPECTRE_V2_RETPOLINE_AMD;

		setup_force_cpu_cap(X86_FEATURE_RETPOLINE_AMD);

		mode = SPECTRE_V2_LFENCE;

		setup_force_cpu_cap(X86_FEATURE_RETPOLINE_LFENCE);

		setup_force_cpu_cap(X86_FEATURE_RETPOLINE);

	} else {

	retpoline_generic:

		mode = SPECTRE_V2_RETPOLINE_GENERIC;

		mode = SPECTRE_V2_RETPOLINE;

		setup_force_cpu_cap(X86_FEATURE_RETPOLINE);

	}

tools/arch/x86/include/asm/cpufeatures.h

+1 −1
Original line number Diff line number Diff line
@@ -194,7 +194,7 @@ 
#define X86_FEATURE_PROC_FEEDBACK ( 7*32+ 9) /* AMD ProcFeedbackInterface */



#define X86_FEATURE_RETPOLINE	( 7*32+12) /* "" Generic Retpoline mitigation for Spectre variant 2 */

#define X86_FEATURE_RETPOLINE_AMD ( 7*32+13) /* "" AMD Retpoline mitigation for Spectre variant 2 */

#define X86_FEATURE_RETPOLINE_LFENCE	( 7*32+13) /* "" Use LFENCEs for Spectre variant 2 */



#define X86_FEATURE_MSR_SPEC_CTRL ( 7*32+16) /* "" MSR SPEC_CTRL is implemented */

#define X86_FEATURE_SSBD	( 7*32+17) /* Speculative Store Bypass Disable */