Re: [PATCH 6/7] x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
From: David Woodhouse
Date: Fri Jan 05 2018 - 06:17:01 EST
On Thu, 2018-01-04 at 09:56 -0800, Tim Chen wrote:
>
> +ÂÂÂÂÂÂÂmutex_lock(&spec_ctrl_mutex);
> +
> +ÂÂÂÂÂÂÂif (enable == IBRS_DISABLED) {
> +ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ/* disable IBRS usage */
> +ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂset_ibrs_disabled();
> +ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂif (spec_ctrl_ibrs & SPEC_CTRL_IBRS_SUPPORTED)
> +ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂspec_ctrl_flush_all_cpus(MSR_IA32_SPEC_CTRL, SPEC_CTRL_FEATURE_DISABLE_IBRS);
> +ÂÂÂÂÂÂÂ} else if (enable == IBRS_ENABLED) {
> +ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ/* enable IBRS usage in kernel */
> +ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂclear_ibrs_disabled();
> +ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂif (spec_ctrl_ibrs & SPEC_CTRL_IBRS_SUPPORTED)
> +ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂset_ibrs_inuse();
> +ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂelse
> +ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ/* Platform don't support IBRS */
> +ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂenable = IBRS_DISABLED;
> +ÂÂÂÂÂÂÂ} else if (enable == IBRS_ENABLED_USER) {
> +ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ/* enable IBRS usage in both userspace and kernel */
> +ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂclear_ibrs_disabled();
> +ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ/* don't change IBRS value once we set it to always on */
> +ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂclear_ibrs_inuse();
> +ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂif (spec_ctrl_ibrs & SPEC_CTRL_IBRS_SUPPORTED)
> +ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂspec_ctrl_flush_all_cpus(MSR_IA32_SPEC_CTRL, SPEC_CTRL_FEATURE_ENABLE_IBRS);
> +ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂelse
> +ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ/* Platform don't support IBRS */
> +ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂenable = IBRS_DISABLED;
> +ÂÂÂÂÂÂÂ}
This doesn't take the retpoline status into account. If we have
retpoline, we don't need IBRS in the kernel.Attachment:
smime.p7s
Description: S/MIME cryptographic signature