Re: [PATCH 5/7] x86: Use IBRS for firmware update path
From: Peter Zijlstra
Date: Thu Jan 04 2018 - 17:51:42 EST
On Thu, Jan 04, 2018 at 09:56:46AM -0800, Tim Chen wrote:
> diff --git a/arch/x86/include/asm/spec_ctrl.h b/arch/x86/include/asm/spec_ctrl.h
> index 28b0314..23b2804 100644
> --- a/arch/x86/include/asm/spec_ctrl.h
> +++ b/arch/x86/include/asm/spec_ctrl.h
> @@ -113,5 +113,42 @@ static inline void unprotected_speculation_end(void)
> rmb();
> }
>
> +
> +#if defined(RETPOLINE)
> +/*
> + * RETPOLINE does not protect against indirect speculation
> + * in firmware code. Enable IBRS to protect firmware execution.
> + */
> +static inline void unprotected_firmware_begin(void)
> +{
> + if (boot_cpu_has(X86_FEATURE_SPEC_CTRL))
> + __disable_indirect_speculation();
> + else
> + /*
> + * If we intended to disable indirect speculation
> + * but come here due to mis-speculation, we need
> + * to stop the mis-speculation with rmb.
> + */
> + rmb();
> +}
Looks like an exact replica of unprotected_speculation_end() we're going
for max linecount or something?
> +
> +static inline void unprotected_firmware_end(void)
> +{
> + if (boot_cpu_has(X86_FEATURE_SPEC_CTRL))
> + __enable_indirect_speculation();
> +}
> +
> +#else
> +static inline void unprotected_firmware_begin(void)
> +{
> + return;
> +}
> +
> +static inline void unprotected_firmware_end(void)
> +{
> + return;
> +}
Those return's are superfluous.
> +#endif
> +
> #endif /* __ASSEMBLY__ */
> #endif /* _ASM_X86_SPEC_CTRL_H */
> --
> 2.9.4
>