x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control

CVE-2017-5715 (Spectre v2 Intel)

Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com>
Signed-off-by: Andy Whitcroft <apw@canonical.com>
(backported from commit 33e16ee8bd43aa4f065e17abbe9ed66457327b84)
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Acked-by: Colin Ian King <colin.king@canonical.com>
Acked-by: Kamal Mostafa <kamal@canonical.com>
Signed-off-by: Khalid Elmously <khalid.elmously@canonical.com>

diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c
index 3060d974cee6245b4eabcf9ae2741bbfd6a5b399..0f91c2a2104d234ad9788576f38db8d14bf328d9 100644 (file)
--- a/arch/x86/kernel/cpu/intel.c
+++ b/arch/x86/kernel/cpu/intel.c
@@ -529,16 +529,18 @@ static void init_intel(struct cpuinfo_x86 *c)
 
        init_intel_energy_perf(c);
 
-       if (boot_cpu_has(X86_FEATURE_SPEC_CTRL)) {
-                printk_once(KERN_INFO "FEATURE SPEC_CTRL Present\n");
-               set_ibrs_supported();
-               set_ibpb_supported();
-               if (ibrs_inuse)
-                       sysctl_ibrs_enabled = 1;
-               if (ibpb_inuse)
-                       sysctl_ibpb_enabled = 1;
-        } else {
-                printk_once(KERN_INFO "FEATURE SPEC_CTRL Not Present\n");
+       if (!c->cpu_index) {
+               if (boot_cpu_has(X86_FEATURE_SPEC_CTRL)) {
+                       printk(KERN_INFO "FEATURE SPEC_CTRL Present\n");
+                       set_ibrs_supported();
+                       set_ibpb_supported();
+                       if (ibrs_inuse)
+                               sysctl_ibrs_enabled = 1;
+                       if (ibpb_inuse)
+                               sysctl_ibpb_enabled = 1;
+               } else {
+                       printk(KERN_INFO "FEATURE SPEC_CTRL Not Present\n");
+               }
        }
 }
 

diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index 603fbd30aa679bcee09a11fc8ccb5758075214d5..f4929dded1233ec9df166478cb385995cb9eac18 100644 (file)
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -422,12 +422,14 @@ static ssize_t reload_store(struct device *dev,
 
        if (boot_cpu_has(X86_FEATURE_SPEC_CTRL)) {
                printk_once(KERN_INFO "FEATURE SPEC_CTRL Present\n");
+               mutex_lock(&spec_ctrl_mutex);
                set_ibrs_supported();
                set_ibpb_supported();
                if (ibrs_inuse)
                        sysctl_ibrs_enabled = 1;
                if (ibpb_inuse)
                        sysctl_ibpb_enabled = 1;
+               mutex_unlock(&spec_ctrl_mutex);
        }
 
        mutex_unlock(&microcode_mutex);

diff --git a/kernel/smp.c b/kernel/smp.c
index 454827abacac71d30a138b40242370beeefb9bb6..a1b4474150d74654619ce5be39d162dbcceebccd 100644 (file)
--- a/kernel/smp.c
+++ b/kernel/smp.c
@@ -520,6 +520,10 @@ int use_ibpb;
 EXPORT_SYMBOL(use_ibpb);
 #endif
 
+/* mutex to serialize IBRS & IBPB control changes */
+DEFINE_MUTEX(spec_ctrl_mutex);
+EXPORT_SYMBOL(spec_ctrl_mutex);
+
 /*
  * Setup routine for controlling SMP activation
  *

diff --git a/kernel/sysctl.c b/kernel/sysctl.c
index 513a6d18660047aa7aa3bb2bef0804bac6774d07..8a236ede02a50ae4296bc23294b31663ce4665a0 100644 (file)
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -69,6 +69,7 @@
 #include <linux/mount.h>
 
 #include <asm/uaccess.h>
+#include <linux/mutex.h>
 #include <asm/processor.h>
 
 #ifdef CONFIG_X86
@@ -2424,12 +2425,17 @@ int proc_dointvec_minmax(struct ctl_table *table, int write,
 int proc_dointvec_ibrs_dump(struct ctl_table *table, int write,
        void __user *buffer, size_t *lenp, loff_t *ppos)
 {
-       int ret;
+       int ret, orig_inuse;
        unsigned int cpu;
 
+
        ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
        printk("sysctl_ibrs_enabled = %u, sysctl_ibpb_enabled = %u\n", sysctl_ibrs_enabled, sysctl_ibpb_enabled);
        printk("use_ibrs = %d, use_ibpb = %d\n", use_ibrs, use_ibpb);
+       mutex_lock(&spec_ctrl_mutex);
+       orig_inuse = use_ibrs;
+       /* temporary halt to ibrs usage to dump ibrs values */
+       clear_ibrs_inuse();
        for_each_online_cpu(cpu) {
               u64 val;
 
@@ -2439,6 +2445,8 @@ int proc_dointvec_ibrs_dump(struct ctl_table *table, int write,
                       val = 0;
               printk("read cpu %d ibrs val %lu\n", cpu, (unsigned long) val);
        }
+       use_ibrs = orig_inuse;
+       mutex_unlock(&spec_ctrl_mutex);
        return ret;
 }
 
@@ -2451,6 +2459,7 @@ int proc_dointvec_ibrs_ctrl(struct ctl_table *table, int write,
        ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
        pr_debug("sysctl_ibrs_enabled = %u, sysctl_ibpb_enabled = %u\n", sysctl_ibrs_enabled, sysctl_ibpb_enabled);
        pr_debug("before:use_ibrs = %d, use_ibpb = %d\n", use_ibrs, use_ibpb);
+       mutex_lock(&spec_ctrl_mutex);
        if (sysctl_ibrs_enabled == 0) {
                /* always set IBRS off */
                set_ibrs_disabled();
@@ -2474,6 +2483,7 @@ int proc_dointvec_ibrs_ctrl(struct ctl_table *table, int write,
                        /* platform don't support ibrs */
                        sysctl_ibrs_enabled = 0;
        }
+       mutex_unlock(&spec_ctrl_mutex);
        pr_debug("after:use_ibrs = %d, use_ibpb = %d\n", use_ibrs, use_ibpb);
        return ret;
 }
@@ -2486,6 +2496,7 @@ int proc_dointvec_ibpb_ctrl(struct ctl_table *table, int write,
        ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
        pr_debug("sysctl_ibrs_enabled = %u, sysctl_ibpb_enabled = %u\n", sysctl_ibrs_enabled, sysctl_ibpb_enabled);
        pr_debug("before:use_ibrs = %d, use_ibpb = %d\n", use_ibrs, use_ibpb);
+       mutex_lock(&spec_ctrl_mutex);
        if (sysctl_ibpb_enabled == 0)
                set_ibpb_disabled();
        else if (sysctl_ibpb_enabled == 1) {
@@ -2494,6 +2505,7 @@ int proc_dointvec_ibpb_ctrl(struct ctl_table *table, int write,
                        /* platform don't support ibpb */
                        sysctl_ibpb_enabled = 0;
        }
+       mutex_unlock(&spec_ctrl_mutex);
        pr_debug("after:use_ibrs = %d, use_ibpb = %d\n", use_ibrs, use_ibpb);
        return ret;
 }