[SRU][Xenial][PATCH v2 3/4] UBUNTU: SAUCE: x86/speculation: Use x86_spec_ctrl_base in entry/exit code
Juerg Haefliger
juerg.haefliger at canonical.com
Thu Dec 13 13:21:01 UTC 2018
Honor the value of x86_spec_ctrl_base when manipulating the
MSR_IA32_SPEC_CTRL MSR in the entry/exit code.
CVE-2017-5715
Signed-off-by: Juerg Haefliger <juergh at canonical.com>
---
arch/x86/include/asm/spec_ctrl.h | 18 ++++++++++++------
1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/arch/x86/include/asm/spec_ctrl.h b/arch/x86/include/asm/spec_ctrl.h
index a5d93d23390e..152c0ed1833f 100644
--- a/arch/x86/include/asm/spec_ctrl.h
+++ b/arch/x86/include/asm/spec_ctrl.h
@@ -9,14 +9,17 @@
#ifdef __ASSEMBLY__
.extern ibrs_enabled
+.extern x86_spec_ctrl_base
#define __ASM_ENABLE_IBRS \
pushq %rax; \
pushq %rcx; \
pushq %rdx; \
movl $MSR_IA32_SPEC_CTRL, %ecx; \
- movl $0, %edx; \
- movl $SPEC_CTRL_IBRS, %eax; \
+ movq x86_spec_ctrl_base, %rdx; \
+ shr $32, %rdx; \
+ movq x86_spec_ctrl_base, %rax; \
+ orl $SPEC_CTRL_IBRS, %eax; \
wrmsr; \
popq %rdx; \
popq %rcx; \
@@ -24,8 +27,10 @@
#define __ASM_ENABLE_IBRS_CLOBBER \
movl $MSR_IA32_SPEC_CTRL, %ecx; \
- movl $0, %edx; \
- movl $SPEC_CTRL_IBRS, %eax; \
+ movq x86_spec_ctrl_base, %rdx; \
+ shr $32, %rdx; \
+ movq x86_spec_ctrl_base, %rax; \
+ orl $SPEC_CTRL_IBRS, %eax; \
wrmsr;
#define __ASM_DISABLE_IBRS \
@@ -33,8 +38,9 @@
pushq %rcx; \
pushq %rdx; \
movl $MSR_IA32_SPEC_CTRL, %ecx; \
- movl $0, %edx; \
- movl $0, %eax; \
+ movq x86_spec_ctrl_base, %rdx; \
+ shr $32, %rdx; \
+ movq x86_spec_ctrl_base, %rax; \
wrmsr; \
popq %rdx; \
popq %rcx; \
--
2.19.1
More information about the kernel-team
mailing list