x86/speculation: Prepare for per task indirect branch speculation control

[mirror_ubuntu-bionic-kernel.git] / arch / x86 / kernel / process.c

diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c
index 292ba05d602bcdc933ed5808601429a098c96ba3..1f1faa040d80884165c1ea481cc1a21d32def77e 100644 (file)
--- a/arch/x86/kernel/process.c
+++ b/arch/x86/kernel/process.c
@@ -407,11 +407,17 @@ static __always_inline void amd_set_ssb_virt_state(unsigned long tifn)
 static __always_inline void __speculation_ctrl_update(unsigned long tifp,
                                                      unsigned long tifn)
 {
+       unsigned long tif_diff = tifp ^ tifn;
        u64 msr = x86_spec_ctrl_base;
        bool updmsr = false;
 
-       /* If TIF_SSBD is different, select the proper mitigation method */
-       if ((tifp ^ tifn) & _TIF_SSBD) {
+       /*
+        * If TIF_SSBD is different, select the proper mitigation
+        * method. Note that if SSBD mitigation is disabled or permanentely
+        * enabled this branch can't be taken because nothing can set
+        * TIF_SSBD.
+        */
+       if (tif_diff & _TIF_SSBD) {
                if (static_cpu_has(X86_FEATURE_VIRT_SSBD)) {
                        amd_set_ssb_virt_state(tifn);
                } else if (static_cpu_has(X86_FEATURE_LS_CFG_SSBD)) {
@@ -423,6 +429,16 @@ static __always_inline void __speculation_ctrl_update(unsigned long tifp,
                }
        }
 
+       /*
+        * Only evaluate TIF_SPEC_IB if conditional STIBP is enabled,
+        * otherwise avoid the MSR write.
+        */
+       if (IS_ENABLED(CONFIG_SMP) &&
+           static_branch_unlikely(&switch_to_cond_stibp)) {
+               updmsr |= !!(tif_diff & _TIF_SPEC_IB);
+               msr |= stibp_tif_to_spec_ctrl(tifn);
+       }
+
        if (updmsr)
                wrmsrl(MSR_IA32_SPEC_CTRL, msr);
 }