Received: by 10.223.176.5 with SMTP id f5csp2847174wra; Mon, 5 Feb 2018 10:52:46 -0800 (PST) X-Google-Smtp-Source: AH8x224LjzhAdpPM8GzvXK7mAiGIaXZL5+sfn6YtGaNjTBXDNWfDIdbwUYoZgCLPuYCvyRtrCw2z X-Received: by 10.98.225.7 with SMTP id q7mr48942502pfh.22.1517856766401; Mon, 05 Feb 2018 10:52:46 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517856766; cv=none; d=google.com; s=arc-20160816; b=WaL6qQRok4u6ZhiqahoxzjoR1nnRpdY59mJ0+7j3v1ZsIwEJrZAN/LciyoN/5gLSVe 3H8HvJTJn1vMBBWKBHDvLaJLOAnDo8AFt322yJmOb/76i40pp5nl4QtncmY+jM6uI699 ozf7P8wgkXJ9S1NLQTd4aT7NiFnd1IbsDIGk2W+ihIDN47Yq51MV0ZiJrLZMV55B/AOE 09T8ZOkpqTglfVlF4uOqQmFIoPdT+HOBO3RPvY3U4dSlGUPfklJbrCT/fYMVVwcXL3eF zEJEitjCod3RK/w3EO+gmemTh5/cj62xzpGJSWmOq3PyMtsCOslDBF8dXrKyhIbZ+F2p MBbw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :in-reply-to:message-id:date:subject:cc:to:from :arc-authentication-results; bh=9rZGbRa39u3f+GfUMz5sjegZ0dbVPMp/EBcsHr1MLIU=; b=HC1l/fCRFU4DP6UmI0tf+l3iWOPGGuzEKpgI5F70ckRS9VXgX1ADa5UJ3xdEHuQhko MOPZ3HIPjmnJbY4Dt6ySU+JWm4cvJ+8xWdfs8G6rCmVC1Ifu7fkvRQlVgrtm28eV8zm2 pqfptc64hEcOpLzfdEylv+6mj7h+BbbcWh8m12v4KTCqH8WQVDGsOkSE3p5swcOpacmT efZ4Omiw+yOY6f1GFoBbn0hSM3Znci/1Ik09JKUxi3X8tf/02GgNAfb4JIIfsZaLr52H Q58JExzRrqWIjN1Nd6+fZQpAbfciC5Bvf2KPzKAPC+Z3kA+2/uy39dFiCa7Uvjhy9wEn WcgQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g3-v6si181254plb.331.2018.02.05.10.52.31; Mon, 05 Feb 2018 10:52:46 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753739AbeBESwI (ORCPT + 99 others); Mon, 5 Feb 2018 13:52:08 -0500 Received: from mail.linuxfoundation.org ([140.211.169.12]:52896 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753813AbeBESZv (ORCPT ); Mon, 5 Feb 2018 13:25:51 -0500 Received: from localhost (unknown [104.132.1.108]) by mail.linuxfoundation.org (Postfix) with ESMTPSA id ADB961144; Mon, 5 Feb 2018 18:25:32 +0000 (UTC) From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, David Woodhouse , Thomas Gleixner , karahmed@amazon.de, peterz@infradead.org, bp@alien8.de Subject: [PATCH 4.15 45/60] x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel Date: Mon, 5 Feb 2018 10:23:18 -0800 Message-Id: <20180205182215.828953926@linuxfoundation.org> X-Mailer: git-send-email 2.16.1 In-Reply-To: <20180205182213.902626065@linuxfoundation.org> References: <20180205182213.902626065@linuxfoundation.org> User-Agent: quilt/0.65 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.15-stable review patch. If anyone has any objections, please let me know. ------------------ From: David Woodhouse dwmw@amazon.co.uk commit 7fcae1118f5fd44a862aa5c3525248e35ee67c3b Despite the fact that all the other code there seems to be doing it, just using set_cpu_cap() in early_intel_init() doesn't actually work. For CPUs with PKU support, setup_pku() calls get_cpu_cap() after c->c_init() has set those feature bits. That resets those bits back to what was queried from the hardware. Turning the bits off for bad microcode is easy to fix. That can just use setup_clear_cpu_cap() to force them off for all CPUs. I was less keen on forcing the feature bits *on* that way, just in case of inconsistencies. I appreciate that the kernel is going to get this utterly wrong if CPU features are not consistent, because it has already applied alternatives by the time secondary CPUs are brought up. But at least if setup_force_cpu_cap() isn't being used, we might have a chance of *detecting* the lack of the corresponding bit and either panicking or refusing to bring the offending CPU online. So ensure that the appropriate feature bits are set within get_cpu_cap() regardless of how many extra times it's called. Fixes: 2961298e ("x86/cpufeatures: Clean up Spectre v2 related CPUID flags") Signed-off-by: David Woodhouse Signed-off-by: Thomas Gleixner Cc: karahmed@amazon.de Cc: peterz@infradead.org Cc: bp@alien8.de Link: https://lkml.kernel.org/r/1517322623-15261-1-git-send-email-dwmw@amazon.co.uk Signed-off-by: Greg Kroah-Hartman --- arch/x86/kernel/cpu/common.c | 21 +++++++++++++++++++++ arch/x86/kernel/cpu/intel.c | 27 ++++++++------------------- 2 files changed, 29 insertions(+), 19 deletions(-) --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -750,6 +750,26 @@ static void apply_forced_caps(struct cpu } } +static void init_speculation_control(struct cpuinfo_x86 *c) +{ + /* + * The Intel SPEC_CTRL CPUID bit implies IBRS and IBPB support, + * and they also have a different bit for STIBP support. Also, + * a hypervisor might have set the individual AMD bits even on + * Intel CPUs, for finer-grained selection of what's available. + * + * We use the AMD bits in 0x8000_0008 EBX as the generic hardware + * features, which are visible in /proc/cpuinfo and used by the + * kernel. So set those accordingly from the Intel bits. + */ + if (cpu_has(c, X86_FEATURE_SPEC_CTRL)) { + set_cpu_cap(c, X86_FEATURE_IBRS); + set_cpu_cap(c, X86_FEATURE_IBPB); + } + if (cpu_has(c, X86_FEATURE_INTEL_STIBP)) + set_cpu_cap(c, X86_FEATURE_STIBP); +} + void get_cpu_cap(struct cpuinfo_x86 *c) { u32 eax, ebx, ecx, edx; @@ -844,6 +864,7 @@ void get_cpu_cap(struct cpuinfo_x86 *c) c->x86_capability[CPUID_8000_000A_EDX] = cpuid_edx(0x8000000a); init_scattered_cpuid_features(c); + init_speculation_control(c); /* * Clear/Set all flags overridden by options, after probe. --- a/arch/x86/kernel/cpu/intel.c +++ b/arch/x86/kernel/cpu/intel.c @@ -175,28 +175,17 @@ static void early_init_intel(struct cpui if (c->x86 >= 6 && !cpu_has(c, X86_FEATURE_IA64)) c->microcode = intel_get_microcode_revision(); - /* - * The Intel SPEC_CTRL CPUID bit implies IBRS and IBPB support, - * and they also have a different bit for STIBP support. Also, - * a hypervisor might have set the individual AMD bits even on - * Intel CPUs, for finer-grained selection of what's available. - */ - if (cpu_has(c, X86_FEATURE_SPEC_CTRL)) { - set_cpu_cap(c, X86_FEATURE_IBRS); - set_cpu_cap(c, X86_FEATURE_IBPB); - } - if (cpu_has(c, X86_FEATURE_INTEL_STIBP)) - set_cpu_cap(c, X86_FEATURE_STIBP); - /* Now if any of them are set, check the blacklist and clear the lot */ - if ((cpu_has(c, X86_FEATURE_IBRS) || cpu_has(c, X86_FEATURE_IBPB) || + if ((cpu_has(c, X86_FEATURE_SPEC_CTRL) || + cpu_has(c, X86_FEATURE_INTEL_STIBP) || + cpu_has(c, X86_FEATURE_IBRS) || cpu_has(c, X86_FEATURE_IBPB) || cpu_has(c, X86_FEATURE_STIBP)) && bad_spectre_microcode(c)) { pr_warn("Intel Spectre v2 broken microcode detected; disabling Speculation Control\n"); - clear_cpu_cap(c, X86_FEATURE_IBRS); - clear_cpu_cap(c, X86_FEATURE_IBPB); - clear_cpu_cap(c, X86_FEATURE_STIBP); - clear_cpu_cap(c, X86_FEATURE_SPEC_CTRL); - clear_cpu_cap(c, X86_FEATURE_INTEL_STIBP); + setup_clear_cpu_cap(X86_FEATURE_IBRS); + setup_clear_cpu_cap(X86_FEATURE_IBPB); + setup_clear_cpu_cap(X86_FEATURE_STIBP); + setup_clear_cpu_cap(X86_FEATURE_SPEC_CTRL); + setup_clear_cpu_cap(X86_FEATURE_INTEL_STIBP); } /*