From patchwork Thu Dec 13 13:21:02 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Juerg Haefliger X-Patchwork-Id: 1012869 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 43FvT858B3z9s8r; Fri, 14 Dec 2018 00:21:16 +1100 (AEDT) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1gXQvP-0004Xc-RI; Thu, 13 Dec 2018 13:21:11 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.86_2) (envelope-from ) id 1gXQvM-0004WP-VH for kernel-team@lists.ubuntu.com; Thu, 13 Dec 2018 13:21:08 +0000 Received: from mail-ed1-f72.google.com ([209.85.208.72]) by youngberry.canonical.com with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.76) (envelope-from ) id 1gXQvM-0003IK-O0 for kernel-team@lists.ubuntu.com; Thu, 13 Dec 2018 13:21:08 +0000 Received: by mail-ed1-f72.google.com with SMTP id c53so1156321edc.9 for ; Thu, 13 Dec 2018 05:21:08 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=XKcTpu1cVBFI3ksSezbey14ZjA5VQYzqF40E96LHznk=; b=ZBcIVPpGkrHPlKZ1kcAZV17+hmkxlXXhxIUv60S0cQndoiDo7mChqbQfhp3UwuXK0O 0H6HPZFrokbBFm1wSgGmR1cl7EtGkEa5b2B9OVPxq7GXe+T3GlMi51IP/CnLh8GRm1CR orf49up9OSK5CWZqprwhJxDb5xoDCwN3PWTdrliZtDQL+4+RHu6ZxD01ctCiz/iPm4X9 Ho1Kr5KMreLa846jtPrEQxFnmDQ2KNxMyDkwqcDyo5wjoTSHUCcZhjvaYntpBpQi9HSe T2s2HWTxdw8PFBLLh5fqOklHq3W67Ps175Cl07yJKgHkiNmH/Cnx546iIdRC+UnYZe8k Nbtg== X-Gm-Message-State: AA+aEWY9ebYDHgAdrc67stch74npfCqNZ3hzO+4JHZGeu3SK3B/HUyMk vxhCv6yNfvyHEmfjf8isnsUnxn2yguRXbTNY2+Ch+1fYSC2GWsIje1jH7CqB41o39SiYyo0YE+V icn2RZM39Tl8syQeYt7gmkkAhSUCdERxyeiyfbiRh5w== X-Received: by 2002:a17:906:3ed4:: with SMTP id d20-v6mr18255933ejj.151.1544707268191; Thu, 13 Dec 2018 05:21:08 -0800 (PST) X-Google-Smtp-Source: AFSGD/VC7nzlt3SyrMWxzKoOc5iwT9tpodxaglGemC6uub8IcXzXrA2jbYSOXITw7vvtqP16xTKu9g== X-Received: by 2002:a17:906:3ed4:: with SMTP id d20-v6mr18255922ejj.151.1544707267934; Thu, 13 Dec 2018 05:21:07 -0800 (PST) Received: from gollum.fritz.box ([81.221.192.120]) by smtp.gmail.com with ESMTPSA id j23sm579823edr.89.2018.12.13.05.21.07 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 13 Dec 2018 05:21:07 -0800 (PST) From: Juerg Haefliger X-Google-Original-From: Juerg Haefliger To: kernel-team@lists.ubuntu.com Subject: [SRU][Xenial][PATCH v2 4/4] UBUNTU: SAUCE: x86/speculation: Move RSB_CTXSW hunk Date: Thu, 13 Dec 2018 14:21:02 +0100 Message-Id: <20181213132102.23677-5-juergh@canonical.com> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20181121135831.25405-1-juergh@canonical.com> References: <20181121135831.25405-1-juergh@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" Move the RSB_CTXSW hunk further up in spectre_v2_select_mitigation() to match upstream. No functional changes. CVE-2017-5715 Signed-off-by: Juerg Haefliger Acked-by: Stefan Bader Acked-by: Kleber Sacilotto de Souza --- arch/x86/kernel/cpu/bugs.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 7a9940015af5..15867c20ed1c 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -410,16 +410,6 @@ specv2_set_mode: spectre_v2_enabled = mode; pr_info("%s\n", spectre_v2_strings[mode]); - /* - * Initialize Indirect Branch Prediction Barrier if supported and not - * disabled on the commandline - */ - if (boot_cpu_has(X86_FEATURE_IBPB)) { - setup_force_cpu_cap(X86_FEATURE_USE_IBPB); - if (!noibpb) - set_ibpb_enabled(1); /* Enable IBPB */ - } - /* * If spectre v2 protection has been enabled, unconditionally fill * RSB during a context switch; this protects against two independent @@ -431,6 +421,16 @@ specv2_set_mode: setup_force_cpu_cap(X86_FEATURE_RSB_CTXSW); pr_info("Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch\n"); + /* + * Initialize Indirect Branch Prediction Barrier if supported and not + * disabled on the commandline + */ + if (boot_cpu_has(X86_FEATURE_IBPB)) { + setup_force_cpu_cap(X86_FEATURE_USE_IBPB); + if (!noibpb) + set_ibpb_enabled(1); /* Enable IBPB */ + } + /* * Retpoline means the kernel is safe because it has no indirect * branches. Enhanced IBRS protects firmware too, so, enable restricted