[PATCH 7/7] x86,sme: Annotate indirect call

From: Peter Zijlstra
Date: Thu Feb 01 2018 - 09:49:28 EST


This is boot code, we run this _way_ before userspace comes along to
poison our branch predictor.

Cc: Tom Lendacky <thomas.lendacky@xxxxxxx>
Cc: Borislav Petkov <bp@xxxxxxx>
Signed-off-by: Peter Zijlstra (Intel) <peterz@xxxxxxxxxxxxx>
---
arch/x86/mm/mem_encrypt_boot.S | 2 ++
1 file changed, 2 insertions(+)

--- a/arch/x86/mm/mem_encrypt_boot.S
+++ b/arch/x86/mm/mem_encrypt_boot.S
@@ -15,6 +15,7 @@
#include <asm/page.h>
#include <asm/processor-flags.h>
#include <asm/msr-index.h>
+#include <asm/nospec-branch.h>

.text
.code64
@@ -59,6 +60,7 @@ ENTRY(sme_encrypt_execute)
movq %rax, %r8 /* Workarea encryption routine */
addq $PAGE_SIZE, %r8 /* Workarea intermediate copy buffer */

+ ANNOTATE_RETPOLINE_SAFE
call *%rax /* Call the encryption routine */

pop %r12