Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 6304672b authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge branch 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 

Pull x86/pti updates from Thomas Gleixner:
 "Another set of melted spectrum related changes:

   - Code simplifications and cleanups for RSB and retpolines.

   - Make the indirect calls in KVM speculation safe.

   - Whitelist CPUs which are known not to speculate from Meltdown and
     prepare for the new CPUID flag which tells the kernel that a CPU is
     not affected.

   - A less rigorous variant of the module retpoline check which merily
     warns when a non-retpoline protected module is loaded and reflects
     that fact in the sysfs file.

   - Prepare for Indirect Branch Prediction Barrier support.

   - Prepare for exposure of the Speculation Control MSRs to guests, so
     guest OSes which depend on those "features" can use them. Includes
     a blacklist of the broken microcodes. The actual exposure of the
     MSRs through KVM is still being worked on"

* 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  x86/speculation: Simplify indirect_branch_prediction_barrier()
  x86/retpoline: Simplify vmexit_fill_RSB()
  x86/cpufeatures: Clean up Spectre v2 related CPUID flags
  x86/cpu/bugs: Make retpoline module warning conditional
  x86/bugs: Drop one "mitigation" from dmesg
  x86/nospec: Fix header guards names
  x86/alternative: Print unadorned pointers
  x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support
  x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes
  x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
  x86/msr: Add definitions for new speculation control MSRs
  x86/cpufeatures: Add AMD feature bits for Speculation Control
  x86/cpufeatures: Add Intel feature bits for Speculation Control
  x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
  module/retpoline: Warn about missing retpoline in module
  KVM: VMX: Make indirect call speculation safe
  KVM: x86: Make indirect calls in emulator speculation safe
parents 94263352 64e16720

arch/x86/entry/entry_32.S

+2 −1
Original line number Diff line number Diff line
@@ -252,7 +252,8 @@ ENTRY(__switch_to_asm) 
	 * exist, overwrite the RSB with entries which capture

	 * speculative execution to prevent attack.

	 */

	FILL_RETURN_BUFFER %ebx, RSB_CLEAR_LOOPS, X86_FEATURE_RSB_CTXSW

	/* Clobbers %ebx */

	FILL_RETURN_BUFFER RSB_CLEAR_LOOPS, X86_FEATURE_RSB_CTXSW

#endif



	/* restore callee-saved registers */

arch/x86/entry/entry_64.S

+2 −1
Original line number Diff line number Diff line
@@ -499,7 +499,8 @@ ENTRY(__switch_to_asm) 
	 * exist, overwrite the RSB with entries which capture

	 * speculative execution to prevent attack.

	 */

	FILL_RETURN_BUFFER %r12, RSB_CLEAR_LOOPS, X86_FEATURE_RSB_CTXSW

	/* Clobbers %rbx */

	FILL_RETURN_BUFFER RSB_CLEAR_LOOPS, X86_FEATURE_RSB_CTXSW

#endif



	/* restore callee-saved registers */

arch/x86/include/asm/asm-prototypes.h

+3 −0
Original line number Diff line number Diff line
@@ -38,4 +38,7 @@ INDIRECT_THUNK(dx) 
INDIRECT_THUNK(si)

INDIRECT_THUNK(di)

INDIRECT_THUNK(bp)

asmlinkage void __fill_rsb(void);

asmlinkage void __clear_rsb(void);



#endif /* CONFIG_RETPOLINE */

arch/x86/include/asm/cpufeature.h

+5 −2
Original line number Diff line number Diff line
@@ -29,6 +29,7 @@ enum cpuid_leafs 
	CPUID_8000_000A_EDX,

	CPUID_7_ECX,

	CPUID_8000_0007_EBX,

	CPUID_7_EDX,

};



#ifdef CONFIG_X86_FEATURE_NAMES
@@ -79,8 +80,9 @@ extern const char * const x86_bug_flags[NBUGINTS*32]; 
	   CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 15, feature_bit) ||	\

	   CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 16, feature_bit) ||	\

	   CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 17, feature_bit) ||	\

	   CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 18, feature_bit) ||	\

	   REQUIRED_MASK_CHECK					  ||	\

	   BUILD_BUG_ON_ZERO(NCAPINTS != 18))

	   BUILD_BUG_ON_ZERO(NCAPINTS != 19))



#define DISABLED_MASK_BIT_SET(feature_bit)				\

	 ( CHECK_BIT_IN_MASK_WORD(DISABLED_MASK,  0, feature_bit) ||	\
@@ -101,8 +103,9 @@ extern const char * const x86_bug_flags[NBUGINTS*32]; 
	   CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 15, feature_bit) ||	\

	   CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 16, feature_bit) ||	\

	   CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 17, feature_bit) ||	\

	   CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 18, feature_bit) ||	\

	   DISABLED_MASK_CHECK					  ||	\

	   BUILD_BUG_ON_ZERO(NCAPINTS != 18))

	   BUILD_BUG_ON_ZERO(NCAPINTS != 19))



#define cpu_has(c, bit)							\

	(__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 :	\

arch/x86/include/asm/cpufeatures.h

+16 −6
Original line number Diff line number Diff line
@@ -13,7 +13,7 @@ 
/*

 * Defines x86 CPU feature bits

 */

#define NCAPINTS			18	   /* N 32-bit words worth of info */

#define NCAPINTS			19	   /* N 32-bit words worth of info */

#define NBUGINTS			1	   /* N 32-bit bug flags */



/*
@@ -203,15 +203,15 @@ 
#define X86_FEATURE_PROC_FEEDBACK	( 7*32+ 9) /* AMD ProcFeedbackInterface */

#define X86_FEATURE_SME			( 7*32+10) /* AMD Secure Memory Encryption */

#define X86_FEATURE_PTI			( 7*32+11) /* Kernel Page Table Isolation enabled */

#define X86_FEATURE_RETPOLINE		( 7*32+12) /* Generic Retpoline mitigation for Spectre variant 2 */

#define X86_FEATURE_RETPOLINE_AMD	( 7*32+13) /* AMD Retpoline mitigation for Spectre variant 2 */

#define X86_FEATURE_RETPOLINE		( 7*32+12) /* "" Generic Retpoline mitigation for Spectre variant 2 */

#define X86_FEATURE_RETPOLINE_AMD	( 7*32+13) /* "" AMD Retpoline mitigation for Spectre variant 2 */

#define X86_FEATURE_INTEL_PPIN		( 7*32+14) /* Intel Processor Inventory Number */

#define X86_FEATURE_CDP_L2		( 7*32+15) /* Code and Data Prioritization L2 */

#define X86_FEATURE_AVX512_4VNNIW	( 7*32+16) /* AVX-512 Neural Network Instructions */

#define X86_FEATURE_AVX512_4FMAPS	( 7*32+17) /* AVX-512 Multiply Accumulation Single precision */



#define X86_FEATURE_MBA			( 7*32+18) /* Memory Bandwidth Allocation */

#define X86_FEATURE_RSB_CTXSW		( 7*32+19) /* Fill RSB on context switches */

#define X86_FEATURE_RSB_CTXSW		( 7*32+19) /* "" Fill RSB on context switches */



#define X86_FEATURE_USE_IBPB		( 7*32+21) /* "" Indirect Branch Prediction Barrier enabled */



/* Virtualization flags: Linux defined, word 8 */

#define X86_FEATURE_TPR_SHADOW		( 8*32+ 0) /* Intel TPR Shadow */
@@ -272,6 +272,9 @@ 
#define X86_FEATURE_CLZERO		(13*32+ 0) /* CLZERO instruction */

#define X86_FEATURE_IRPERF		(13*32+ 1) /* Instructions Retired Count */

#define X86_FEATURE_XSAVEERPTR		(13*32+ 2) /* Always save/restore FP error pointers */

#define X86_FEATURE_IBPB		(13*32+12) /* Indirect Branch Prediction Barrier */

#define X86_FEATURE_IBRS		(13*32+14) /* Indirect Branch Restricted Speculation */

#define X86_FEATURE_STIBP		(13*32+15) /* Single Thread Indirect Branch Predictors */



/* Thermal and Power Management Leaf, CPUID level 0x00000006 (EAX), word 14 */

#define X86_FEATURE_DTHERM		(14*32+ 0) /* Digital Thermal Sensor */
@@ -320,6 +323,13 @@ 
#define X86_FEATURE_SUCCOR		(17*32+ 1) /* Uncorrectable error containment and recovery */

#define X86_FEATURE_SMCA		(17*32+ 3) /* Scalable MCA */



/* Intel-defined CPU features, CPUID level 0x00000007:0 (EDX), word 18 */

#define X86_FEATURE_AVX512_4VNNIW	(18*32+ 2) /* AVX-512 Neural Network Instructions */

#define X86_FEATURE_AVX512_4FMAPS	(18*32+ 3) /* AVX-512 Multiply Accumulation Single precision */

#define X86_FEATURE_SPEC_CTRL		(18*32+26) /* "" Speculation Control (IBRS + IBPB) */

#define X86_FEATURE_INTEL_STIBP		(18*32+27) /* "" Single Thread Indirect Branch Predictors */

#define X86_FEATURE_ARCH_CAPABILITIES	(18*32+29) /* IA32_ARCH_CAPABILITIES MSR (Intel) */



/*

 * BUG word(s)

 */