From patchwork Thu Dec 13 13:21:01 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Juerg Haefliger X-Patchwork-Id: 1012868 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 43FvT908Ztz9sB7; Fri, 14 Dec 2018 00:21:16 +1100 (AEDT) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1gXQvO-0004Wz-MC; Thu, 13 Dec 2018 13:21:10 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.86_2) (envelope-from ) id 1gXQvM-0004WH-6d for kernel-team@lists.ubuntu.com; Thu, 13 Dec 2018 13:21:08 +0000 Received: from mail-ed1-f71.google.com ([209.85.208.71]) by youngberry.canonical.com with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.76) (envelope-from ) id 1gXQvL-0003IA-VR for kernel-team@lists.ubuntu.com; Thu, 13 Dec 2018 13:21:07 +0000 Received: by mail-ed1-f71.google.com with SMTP id e17so1140004edr.7 for ; Thu, 13 Dec 2018 05:21:07 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=sPj4Os/AGhS+6MCLyHtwpRRB0UuFxwtwhHchhSJ0704=; b=k0oN4dg/Oxp+t5FNv/HzjvHAlT+NMyHH/PF5jVOC5JirpmVUMIS782adPSXqmbq4ja VBFm1C/1Ke6ytXb8o3BVlk1WntyYfgoOFF/uJrAuOjiuGu+Kvdw9mb2pJDb5kLm3iOkf KCfDweYweRAnekaaBMIV5s+RKKCQgVdrNAZQLWXamEBqtS17HmXuE5tzsJYiBcQSsPp6 JkQ6Y0zjeLdewPOhSWWxcB7xGIMEuyj93TS9SHIhA0RPjR4GwCLmrJmTcev68iaakHMC rd+Xbc4FWFTP/rhOHUPp+4sFt+m8PWJFfwNtABszihb/0PvxESaIL4+M6zFC6/m3qMPt pKOA== X-Gm-Message-State: AA+aEWaIqIzmO3OAtcnGO/8T3GfBBGlPXLTIeCC7rjBNX67Q5hi1q/Lx FWYGCDIJqN9LwgBfi/xk0mIifNLGe+7XSmcXBVwi5Y8V60bB8mi5A9YLHZYRojQYvSMo35dIeTZ e1u9CeMUzDU0ZIWz19q2HBpf65mmsEmphu9JLF2x2Jg== X-Received: by 2002:a17:906:a281:: with SMTP id i1-v6mr5860380ejz.86.1544707267422; Thu, 13 Dec 2018 05:21:07 -0800 (PST) X-Google-Smtp-Source: AFSGD/VCVjJInCcputFMQGxvv9GWF9SPWCcikzeYhpfiT0uJy/WRvwBzl5mHEU1UlUxrpsijyY+uXQ== X-Received: by 2002:a17:906:a281:: with SMTP id i1-v6mr5860372ejz.86.1544707267178; Thu, 13 Dec 2018 05:21:07 -0800 (PST) Received: from gollum.fritz.box ([81.221.192.120]) by smtp.gmail.com with ESMTPSA id j23sm579823edr.89.2018.12.13.05.21.06 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 13 Dec 2018 05:21:06 -0800 (PST) From: Juerg Haefliger X-Google-Original-From: Juerg Haefliger To: kernel-team@lists.ubuntu.com Subject: [SRU][Xenial][PATCH v2 3/4] UBUNTU: SAUCE: x86/speculation: Use x86_spec_ctrl_base in entry/exit code Date: Thu, 13 Dec 2018 14:21:01 +0100 Message-Id: <20181213132102.23677-4-juergh@canonical.com> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20181121135831.25405-1-juergh@canonical.com> References: <20181121135831.25405-1-juergh@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" Honor the value of x86_spec_ctrl_base when manipulating the MSR_IA32_SPEC_CTRL MSR in the entry/exit code. CVE-2017-5715 Signed-off-by: Juerg Haefliger Acked-by: Stefan Bader Acked-by: Kleber Sacilotto de Souza --- arch/x86/include/asm/spec_ctrl.h | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/arch/x86/include/asm/spec_ctrl.h b/arch/x86/include/asm/spec_ctrl.h index a5d93d23390e..152c0ed1833f 100644 --- a/arch/x86/include/asm/spec_ctrl.h +++ b/arch/x86/include/asm/spec_ctrl.h @@ -9,14 +9,17 @@ #ifdef __ASSEMBLY__ .extern ibrs_enabled +.extern x86_spec_ctrl_base #define __ASM_ENABLE_IBRS \ pushq %rax; \ pushq %rcx; \ pushq %rdx; \ movl $MSR_IA32_SPEC_CTRL, %ecx; \ - movl $0, %edx; \ - movl $SPEC_CTRL_IBRS, %eax; \ + movq x86_spec_ctrl_base, %rdx; \ + shr $32, %rdx; \ + movq x86_spec_ctrl_base, %rax; \ + orl $SPEC_CTRL_IBRS, %eax; \ wrmsr; \ popq %rdx; \ popq %rcx; \ @@ -24,8 +27,10 @@ #define __ASM_ENABLE_IBRS_CLOBBER \ movl $MSR_IA32_SPEC_CTRL, %ecx; \ - movl $0, %edx; \ - movl $SPEC_CTRL_IBRS, %eax; \ + movq x86_spec_ctrl_base, %rdx; \ + shr $32, %rdx; \ + movq x86_spec_ctrl_base, %rax; \ + orl $SPEC_CTRL_IBRS, %eax; \ wrmsr; #define __ASM_DISABLE_IBRS \ @@ -33,8 +38,9 @@ pushq %rcx; \ pushq %rdx; \ movl $MSR_IA32_SPEC_CTRL, %ecx; \ - movl $0, %edx; \ - movl $0, %eax; \ + movq x86_spec_ctrl_base, %rdx; \ + shr $32, %rdx; \ + movq x86_spec_ctrl_base, %rax; \ wrmsr; \ popq %rdx; \ popq %rcx; \