Received: by 2002:ad5:4acb:0:0:0:0:0 with SMTP id n11csp4704409imw; Tue, 12 Jul 2022 12:43:51 -0700 (PDT) X-Google-Smtp-Source: AGRyM1sqKMOit8eL1EpUOii352fvkYNzzg1/LeI7vhKZjOZ2nH9pDVuogv0nZRjwS+oPmn94q18f X-Received: by 2002:a17:907:7d91:b0:72b:4d74:f4f6 with SMTP id oz17-20020a1709077d9100b0072b4d74f4f6mr14151788ejc.314.1657655031460; Tue, 12 Jul 2022 12:43:51 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1657655031; cv=none; d=google.com; s=arc-20160816; b=YHyBCwlxaynz+35Y0UTMuqXCJ4r8g92/xIaEjEVk+3PTSgnrW8WFUSBXGPyJ1B5M2Z OwctyRPlk+sE+FtZ2wHQyeI3Y7PX0MTfHZ90JNCgt1hwR4Eui/30I5bsGM5Q1/AT7cJS yXmiVte2s1vp7OzbzdR1dy/Fprzuj+9n0nDdmClUk438daWyUL4VCOkdFYuiFsr6AYMI 0X6RwSMWxjpOxO2dacXyjW8h140WfXmpUQsoDe9EpfPT8K24ZopCer0+EuWrMPQi3/ko frNfL5ldDmKLz5L+vpWThyPoZ4hK+IkwWk6VGnRTlMQhE2p+Ziu3CjGumYUYVmzf2nti drVg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=vS2GJEKulj7t1N2oYMYKiY8GsfboIiSMFPbI6J3CawY=; b=Ven6Aq5KDuw/OW79CTwfX7CR/b7w793rW5Iy8mj9MISycwRXO8Rs5fwu3CWX/TvvyF O8cLKTh8r5i8vwMA1P8SKKSgybQaUX4KqSJlWRxyiN6dW4z4wfgK0gA2f+eigT95/uBk vZkLtLRZEKrH+A67YcVuo/N8Vwlr/mXmUP3yiJgoVIqCW6Xv2o3Q5mjVrmISaDm0KAOe gXvmDiomLH+/K9yb465xIQXQeuPTbdxTPWJOJsziGmP1jvYXe9vPprGY7bEM2KaMKD5X AbtvW0/9q9XuzYdzvQNOgZ+frotMC0gK8+Ac0yNZW0+80knkBGfIlow6HXFzRUPaJjir JPew== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=T2eaa6Bq; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id oz30-20020a1709077d9e00b00722fb07523asi6569636ejc.614.2022.07.12.12.43.26; Tue, 12 Jul 2022 12:43:51 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=T2eaa6Bq; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235930AbiGLTPD (ORCPT + 99 others); Tue, 12 Jul 2022 15:15:03 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49802 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235807AbiGLTOC (ORCPT ); Tue, 12 Jul 2022 15:14:02 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2CCDC4D167; Tue, 12 Jul 2022 11:53:52 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 78EAB61123; Tue, 12 Jul 2022 18:53:51 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 67D6AC341C0; Tue, 12 Jul 2022 18:53:50 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1657652030; bh=zvjDX8b18xJxifx02nx4to4MscGcD0clud+Y979qlDs=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=T2eaa6BqnDWUi3GC3J1EjwQW8GLcp8b6AYzNl9S3myKDC4RJ/NLXjRukr8+CuH+i4 1pQZUpJweM1RJMfO8bnkzBfqh4CSaOAFSNGXhOVAbsuARJo6cx6wtVYnlLv0mkIJre 2LL8aiXu2lJvwQx3DowvcEJ7RQ7Lk3osjRJB0uqo= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Thadeu Lima de Souza Cascardo , Borislav Petkov Subject: [PATCH 5.18 58/61] x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported Date: Tue, 12 Jul 2022 20:39:55 +0200 Message-Id: <20220712183239.191222652@linuxfoundation.org> X-Mailer: git-send-email 2.37.0 In-Reply-To: <20220712183236.931648980@linuxfoundation.org> References: <20220712183236.931648980@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-7.7 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Thadeu Lima de Souza Cascardo commit 2259da159fbe5dba8ac00b560cf00b6a6537fa18 upstream. There are some VM configurations which have Skylake model but do not support IBPB. In those cases, when using retbleed=ibpb, userspace is going to be killed and kernel is going to panic. If the CPU does not support IBPB, warn and proceed with the auto option. Also, do not fallback to IBPB on AMD/Hygon systems if it is not supported. Fixes: 3ebc17006888 ("x86/bugs: Add retbleed=ibpb") Signed-off-by: Thadeu Lima de Souza Cascardo Signed-off-by: Borislav Petkov Signed-off-by: Thadeu Lima de Souza Cascardo Signed-off-by: Greg Kroah-Hartman --- arch/x86/kernel/cpu/bugs.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -858,7 +858,10 @@ static void __init retbleed_select_mitig break; case RETBLEED_CMD_IBPB: - if (IS_ENABLED(CONFIG_CPU_IBPB_ENTRY)) { + if (!boot_cpu_has(X86_FEATURE_IBPB)) { + pr_err("WARNING: CPU does not support IBPB.\n"); + goto do_cmd_auto; + } else if (IS_ENABLED(CONFIG_CPU_IBPB_ENTRY)) { retbleed_mitigation = RETBLEED_MITIGATION_IBPB; } else { pr_err("WARNING: kernel not compiled with CPU_IBPB_ENTRY.\n"); @@ -873,7 +876,7 @@ do_cmd_auto: boot_cpu_data.x86_vendor == X86_VENDOR_HYGON) { if (IS_ENABLED(CONFIG_CPU_UNRET_ENTRY)) retbleed_mitigation = RETBLEED_MITIGATION_UNRET; - else if (IS_ENABLED(CONFIG_CPU_IBPB_ENTRY)) + else if (IS_ENABLED(CONFIG_CPU_IBPB_ENTRY) && boot_cpu_has(X86_FEATURE_IBPB)) retbleed_mitigation = RETBLEED_MITIGATION_IBPB; }