Re: [PATCH 23/35] x86/speculation: Add basic speculation control code

From: Josh Poimboeuf
Date: Thu Jan 18 2018 - 11:38:02 EST

Next message: Philippe CORNU: "Re: [PATCH 2/2] clk: stm32: Add DSI clock for STM32F469 Board"
Previous message: Philippe CORNU: "Re: [PATCH 1/2] clk: stm32: END_PRIMARY_CLK should be declare after CLK_SYSCLK"
In reply to: Peter Zijlstra: "[PATCH 23/35] x86/speculation: Add basic speculation control code"
Next in thread: Dave Hansen: "Re: [PATCH 23/35] x86/speculation: Add basic speculation control code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jan 18, 2018 at 02:48:23PM +0100, Peter Zijlstra wrote:
> From: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
>
> Add the minimal infrastructure to control the speculation control feature.
>
> - Integrate it into the spectre_v2 coammand line parser and the mitigation
> selector function. The conditional selector function is a placeholder
> right now, which needs to be expanded with CPU specific decision
> functions.
>
> - Provide a static key for the actual code control.
>
> - Provide a init function which is called after jump label patching is
> functional.
>
> - Provide an interface for the late micro code loader to allow late
> discovery of the IBRS support. Not yet functional.
>
> [peterz: fixed Makefile]
>
> Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
> Signed-off-by: Peter Zijlstra (Intel) <peterz@xxxxxxxxxxxxx>
> ---
> Documentation/admin-guide/kernel-parameters.txt | 1
> arch/x86/include/asm/nospec-branch.h | 5 +++
> arch/x86/kernel/cpu/Makefile | 1
> arch/x86/kernel/cpu/bugs.c | 26 +++++++++++++++++-
> arch/x86/kernel/cpu/specctrl.c | 33 ++++++++++++++++++++++++
> 5 files changed, 64 insertions(+), 2 deletions(-)
>
> --- a/Documentation/admin-guide/kernel-parameters.txt
> +++ b/Documentation/admin-guide/kernel-parameters.txt
> @@ -3932,6 +3932,7 @@
> retpoline - replace indirect branches
> retpoline,generic - google's original retpoline
> retpoline,amd - AMD-specific minimal thunk
> + ibrs - Intel: Indirect Branch Restricted Speculation

Are there plans to add spectre_v2=ibrs_always to prevent SMT-based
attacks?

> --- /dev/null
> +++ b/arch/x86/kernel/cpu/specctrl.c
> @@ -0,0 +1,33 @@
> +// SPDX-License-Identifier: GPL-2.0
> +
> +#include <asm/cpufeature.h>
> +#include <asm/cpufeatures.h>
> +#include <asm/nospec-branch.h>
> +
> +static inline void specctrl_enable_ibrs(void)
> +{
> + setup_force_cpu_cap(X86_FEATURE_IBRS);
> +}

"spec_ctrl" seems much more readable than specctrl (for both function
and file names). And also more consistent with the SPEC_CTRL MSR and
FEATURE names.

--
Josh

Next message: Philippe CORNU: "Re: [PATCH 2/2] clk: stm32: Add DSI clock for STM32F469 Board"
Previous message: Philippe CORNU: "Re: [PATCH 1/2] clk: stm32: END_PRIMARY_CLK should be declare after CLK_SYSCLK"
In reply to: Peter Zijlstra: "[PATCH 23/35] x86/speculation: Add basic speculation control code"
Next in thread: Dave Hansen: "Re: [PATCH 23/35] x86/speculation: Add basic speculation control code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]