[SRU][Trusty][PATCH 1/3] UBUNTU: SAUCE: x86/speculation: Cleanup IBPB runtime control handling (v2)

Juerg Haefliger juerg.haefliger at canonical.com
Wed Nov 21 17:31:11 UTC 2018


Clean up the code to match Xenial. Functional changes introduced:
  - Return an error when someone tries to enable IBPB via procfs on HW that
    doesn't have IBPB support.
  - Write every IBPB state change to the kernel log.

CVE-2017-5715

Signed-off-by: Juerg Haefliger <juergh at canonical.com>
---
 arch/x86/include/asm/nospec-branch.h |  6 ++++--
 arch/x86/kernel/cpu/bugs.c           | 23 +++++++++++-----------
 kernel/sysctl.c                      | 29 ++++++++++++++++------------
 3 files changed, 32 insertions(+), 26 deletions(-)

diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h
index dd8f0790fbd9..3cc7e65fbb3a 100644
--- a/arch/x86/include/asm/nospec-branch.h
+++ b/arch/x86/include/asm/nospec-branch.h
@@ -190,9 +190,11 @@
 # define THUNK_TARGET(addr) [thunk_target] "rm" (addr)
 #endif
 
-/* The IBPB and IBRS runtime control knobs */
+/* The IBPB runtime control knob */
 extern unsigned int ibpb_enabled;
-void ibpb_enable(void);
+int set_ibpb_enabled(unsigned int);
+
+/* The IBRS runtime control knob */
 extern unsigned int ibrs_enabled;
 void ibrs_enable(void);
 
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 5b1d8522764e..b4a0a26efc0d 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -428,19 +428,18 @@ retpoline_auto:
 	spectre_v2_enabled = mode;
 	pr_info("%s\n", spectre_v2_strings[mode]);
 
-	/* Initialize Indirect Branch Prediction Barrier if supported */
+	/*
+	 * Initialize Indirect Branch Prediction Barrier if supported and not
+	 * disabled on the commandline
+	 */
 	if (boot_cpu_has(X86_FEATURE_IBPB)) {
 		setup_force_cpu_cap(X86_FEATURE_USE_IBPB);
-
-		/*
-		 * Enable IBPB support if it's not turned off on the
-		 * commandline.
-		 */
-		if (!noibpb)
-			ibpb_enable();
-
-		pr_info("%s Indirect Branch Prediction Barrier\n",
-			ibpb_enabled ? "Enabling" : "Disabling");
+		if (noibpb) {
+			/* IBPB disabled via commandline */
+			set_ibpb_enabled(0);
+		} else {
+			set_ibpb_enabled(1);
+		}
 	}
 
 	/*
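Review bot: The new `if (noibpb) { ... } else { ... }` block passes a constant in each arm and drops the return value of `set_ibpb_enabled()`; it reads more directly as the single call `set_ibpb_enabled(!noibpb);`. Ignoring the result is safe only because the call sits under `boot_cpu_has(X86_FEATURE_IBPB)`, the same condition the setter tests before it can return `-EINVAL`. A short comment saying so would stop a later change to either check from silently discarding a failure. The enclosing function starts and ends outside the hunk.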
@@ -876,7 +875,7 @@ static ssize_t cpu_show_common(struct device *dev, struct device_attribute *attr
 
 	case X86_BUG_SPECTRE_V2:
 		return sprintf(buf, "%s%s%s\n", spectre_v2_strings[spectre_v2_enabled],
-			       ibpb_enabled && boot_cpu_has(X86_FEATURE_USE_IBPB) ? ", IBPB" : "",
+			       ibpb_enabled ? ", IBPB" : "",
 			       boot_cpu_has(X86_FEATURE_USE_IBRS_FW) ? ", IBRS_FW" : "");
 
 	case X86_BUG_SPEC_STORE_BYPASS:
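Review bot: With the `boot_cpu_has(X86_FEATURE_USE_IBPB)` test removed, the `, IBPB` suffix in the Spectre v2 sysfs line is derived from `ibpb_enabled` alone, and that variable is an exported, writable global whose setter in kernel/sysctl.c now tests `X86_FEATURE_IBPB` rather than `X86_FEATURE_USE_IBPB`. If any path leaves the hardware bit set without the forced `USE_IBPB` capability (for example an early return before the `setup_force_cpu_cap()` call, which is not visible here), a procfs write of 1 would make this file report IBPB; whether the barrier is actually issued in that state depends on code outside this patch and should be confirmed. Because administrators and scanners read this file to verify mitigation state, I would keep the report tied to the capability, `ibpb_enabled && boot_cpu_has(X86_FEATURE_USE_IBPB) ? ", IBPB" : ""`, or have the setter test `X86_FEATURE_USE_IBPB`. `cpu_show_common()` continues outside the hunk.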
diff --git a/kernel/sysctl.c b/kernel/sysctl.c
index e18e18bebd92..9d3084581410 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -203,31 +203,37 @@ static int proc_dostring_coredump(struct ctl_table *table, int write,
 DEFINE_MUTEX(spec_ctrl_mutex);
 
 unsigned int ibpb_enabled = 0;
-EXPORT_SYMBOL(ibpb_enabled);
+EXPORT_SYMBOL(ibpb_enabled);   /* Required in some modules */
 
 static unsigned int __ibpb_enabled = 0;   /* procfs shadow variable */
 
-static void set_ibpb_enabled(unsigned int val)
+int set_ibpb_enabled(unsigned int val)
 {
+	int error = 0;
+
 	mutex_lock(&spec_ctrl_mutex);
 
 	/* Only enable IBPB if the CPU supports it */
-	if (val && boot_cpu_has(X86_FEATURE_USE_IBPB))
-		ibpb_enabled = 1;
-	else
+	if (boot_cpu_has(X86_FEATURE_IBPB)) {
+		ibpb_enabled = val;
+		pr_info("Spectre V2 : Spectre v2 mitigation: %s Indirect "
+			"Branch Prediction Barrier\n",
+			ibpb_enabled ? "Enabling" : "Disabling");
+	} else {
 		ibpb_enabled = 0;
+		if (val) {
+			/* IBPB is not supported but we try to turn it on */
+			error = -EINVAL;
+		}
+	}
 
 	/* Update the shadow variable */
 	__ibpb_enabled = ibpb_enabled;
 
 	mutex_unlock(&spec_ctrl_mutex);
-}
 
-inline void ibpb_enable(void)
-{
-	set_ibpb_enabled(1);
+	return error;
 }
-EXPORT_SYMBOL(ibpb_enable);
 
 static int ibpb_enabled_handler(struct ctl_table *table, int write,
 				void __user *buffer, size_t *lenp,
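Review bot: `ibpb_enabled = val;` stores the caller's raw value, where the removed code normalised every non-zero request to 1, so a procfs write of e.g. 2 now leaves 2 in the exported variable and in the shadow `__ibpb_enabled` (unless the sysctl table bounds the value, which is not visible here). Any reader that compares against 1 would treat that as disabled; `ibpb_enabled = !!val;` keeps the old 0/1 contract. The function is also now non-static with an `int` result but carries no comment; a short kernel-doc block stating that it returns 0 on success and `-EINVAL` when enabling is requested on a CPU without IBPB would document the new contract. Separately, `EXPORT_SYMBOL(ibpb_enable)` is removed without exporting the replacement, so any module that called `ibpb_enable()` will no longer link; confirm that no such module exists.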
@@ -239,8 +245,7 @@ static int ibpb_enabled_handler(struct ctl_table *table, int write,
 	if (error)
 		return error;
 
-	set_ibpb_enabled(__ibpb_enabled);
-	return 0;
+	return set_ibpb_enabled(__ibpb_enabled);
 }
 
 unsigned int ibrs_enabled = 0;
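Review bot: `return set_ibpb_enabled(__ibpb_enabled);` runs on every call that gets past the `error` check, and the visible lines do not test `write`, so a plain read of the procfs file appears to reach the setter too. Before this patch that was harmless, but the setter now emits a `pr_info()` each time, which would let anyone able to read the file add a kernel-log line per read and turns the "state change" log into noise. If the lines outside this hunk do not already filter reads, `if (error || !write)` followed by `return error;` ahead of the call would confine the setter and its log line to writes. The start of `ibpb_enabled_handler()` is outside the hunk.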
-- 
2.19.1



