forked from rpms/kernel
87 lines
3.2 KiB
Diff
87 lines
3.2 KiB
Diff
|
From 373fedf7ca5674e2ab511685e183e6e6c6e00d91 Mon Sep 17 00:00:00 2001
|
||
|
From: "Borislav Petkov (AMD)" <bp@alien8.de>
|
||
|
Date: Sat, 25 Feb 2023 01:11:31 +0100
|
||
|
Subject: [PATCH 34/36] x86/CPU/AMD: Make sure EFER[AIBRSE] is set
|
||
|
|
||
|
The AutoIBRS bit gets set only on the BSP as part of determining which
|
||
|
mitigation to enable on AMD. Setting on the APs relies on the
|
||
|
circumstance that the APs get booted through the trampoline and EFER
|
||
|
- the MSR which contains that bit - gets replicated on every AP from the
|
||
|
BSP.
|
||
|
|
||
|
However, this can change in the future and considering the security
|
||
|
implications of this bit not being set on every CPU, make sure it is set
|
||
|
by verifying EFER later in the boot process and on every AP.
|
||
|
|
||
|
Reported-by: Josh Poimboeuf <jpoimboe@kernel.org>
|
||
|
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
|
||
|
Acked-by: Dave Hansen <dave.hansen@linux.intel.com>
|
||
|
Link: https://lore.kernel.org/r/20230224185257.o3mcmloei5zqu7wa@treble
|
||
|
(cherry picked from commit 8cc68c9c9e92dbaae51a711454c66eb668045508)
|
||
|
|
||
|
CVE: CVE-2023-20593
|
||
|
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
|
||
|
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
|
||
|
---
|
||
|
arch/x86/kernel/cpu/amd.c | 11 +++++++++++
|
||
|
arch/x86/kernel/cpu/bugs.c | 3 +--
|
||
|
arch/x86/kernel/cpu/cpu.h | 8 ++++++++
|
||
|
3 files changed, 20 insertions(+), 2 deletions(-)
|
||
|
|
||
|
diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
|
||
|
index 2406a71a1eb6..c2979e3bed04 100644
|
||
|
--- a/arch/x86/kernel/cpu/amd.c
|
||
|
+++ b/arch/x86/kernel/cpu/amd.c
|
||
|
@@ -1046,6 +1046,17 @@ static void init_amd(struct cpuinfo_x86 *c)
|
||
|
msr_set_bit(MSR_K7_HWCR, MSR_K7_HWCR_IRPERF_EN_BIT);
|
||
|
|
||
|
check_null_seg_clears_base(c);
|
||
|
+
|
||
|
+ /*
|
||
|
+ * Make sure EFER[AIBRSE - Automatic IBRS Enable] is set. The APs are brought up
|
||
|
+ * using the trampoline code and as part of it, MSR_EFER gets prepared there in
|
||
|
+ * order to be replicated onto them. Regardless, set it here again, if not set,
|
||
|
+ * to protect against any future refactoring/code reorganization which might
|
||
|
+ * miss setting this important bit.
|
||
|
+ */
|
||
|
+ if (spectre_v2_in_eibrs_mode(spectre_v2_enabled) &&
|
||
|
+ cpu_has(c, X86_FEATURE_AUTOIBRS))
|
||
|
+ WARN_ON_ONCE(msr_set_bit(MSR_EFER, _EFER_AUTOIBRS));
|
||
|
}
|
||
|
|
||
|
#ifdef CONFIG_X86_32
|
||
|
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
|
||
|
index 43295a878b8f..d8c1bbea4e90 100644
|
||
|
--- a/arch/x86/kernel/cpu/bugs.c
|
||
|
+++ b/arch/x86/kernel/cpu/bugs.c
|
||
|
@@ -748,8 +748,7 @@ static int __init nospectre_v1_cmdline(char *str)
|
||
|
}
|
||
|
early_param("nospectre_v1", nospectre_v1_cmdline);
|
||
|
|
||
|
-static enum spectre_v2_mitigation spectre_v2_enabled __ro_after_init =
|
||
|
- SPECTRE_V2_NONE;
|
||
|
+enum spectre_v2_mitigation spectre_v2_enabled __ro_after_init = SPECTRE_V2_NONE;
|
||
|
|
||
|
#undef pr_fmt
|
||
|
#define pr_fmt(fmt) "RETBleed: " fmt
|
||
|
diff --git a/arch/x86/kernel/cpu/cpu.h b/arch/x86/kernel/cpu/cpu.h
|
||
|
index 1add3618f766..0af870727bfa 100644
|
||
|
--- a/arch/x86/kernel/cpu/cpu.h
|
||
|
+++ b/arch/x86/kernel/cpu/cpu.h
|
||
|
@@ -88,4 +88,12 @@ extern void update_srbds_msr(void);
|
||
|
void init_ia32_feat_ctl(struct cpuinfo_x86 *c);
|
||
|
#endif
|
||
|
|
||
|
+extern enum spectre_v2_mitigation spectre_v2_enabled;
|
||
|
+
|
||
|
+static inline bool spectre_v2_in_eibrs_mode(enum spectre_v2_mitigation mode)
|
||
|
+{
|
||
|
+ return mode == SPECTRE_V2_EIBRS ||
|
||
|
+ mode == SPECTRE_V2_EIBRS_RETPOLINE ||
|
||
|
+ mode == SPECTRE_V2_EIBRS_LFENCE;
|
||
|
+}
|
||
|
#endif /* ARCH_X86_CPU_H */
|
||
|
--
|
||
|
2.39.3
|
||
|
|