From: Andy Whitcroft <apw@canonical.com>
Date: Wed, 31 Jan 2018 15:38:10 +0000 (+0000)
Subject: Revert "x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control"
X-Git-Tag: Ubuntu-4.13.0-33.36~240
X-Git-Url: https://git.proxmox.com/?a=commitdiff_plain;h=341659d36db685eefb0e96fa11261a56be2f703a;p=mirror_ubuntu-artful-kernel.git

Revert "x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control"

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 85789933bc45a3e763823675bd0d80e3e617f234.

Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>
---

diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c
index 8d558e24783c..c69ea2efbed1 100644
--- a/arch/x86/kernel/cpu/intel.c
+++ b/arch/x86/kernel/cpu/intel.c
@@ -628,18 +628,16 @@ static void init_intel(struct cpuinfo_x86 *c)
 
 	init_intel_misc_features(c);
 
-	if (!c->cpu_index) {
-		if (boot_cpu_has(X86_FEATURE_SPEC_CTRL)) {
-			printk(KERN_INFO "FEATURE SPEC_CTRL Present\n");
-			set_ibrs_supported();
-			set_ibpb_supported();
-			if (ibrs_inuse)
-				sysctl_ibrs_enabled = 1;
-			if (ibpb_inuse)
-				sysctl_ibpb_enabled = 1;
-		} else {
-			printk(KERN_INFO "FEATURE SPEC_CTRL Not Present\n");
-		}
+	if (boot_cpu_has(X86_FEATURE_SPEC_CTRL)) {
+                printk_once(KERN_INFO "FEATURE SPEC_CTRL Present\n");
+		set_ibrs_supported();
+		set_ibpb_supported();
+		if (ibrs_inuse)
+			sysctl_ibrs_enabled = 1;
+		if (ibpb_inuse)
+			sysctl_ibpb_enabled = 1;
+        } else {
+                printk_once(KERN_INFO "FEATURE SPEC_CTRL Not Present\n");
 	}
 }
 
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index 55086921d29e..6450aeda72fc 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -538,14 +538,12 @@ static ssize_t reload_store(struct device *dev,
 
 	if (boot_cpu_has(X86_FEATURE_SPEC_CTRL)) {
 		printk_once(KERN_INFO "FEATURE SPEC_CTRL Present\n");
-		mutex_lock(&spec_ctrl_mutex);
 		set_ibrs_supported();
 		set_ibpb_supported();
 		if (ibrs_inuse)
 			sysctl_ibrs_enabled = 1;
 		if (ibpb_inuse)
 			sysctl_ibpb_enabled = 1;
-		mutex_unlock(&spec_ctrl_mutex);
 	}
 
 	mutex_unlock(&microcode_mutex);
diff --git a/kernel/smp.c b/kernel/smp.c
index a224ec0c540c..3bece045f4a4 100644
--- a/kernel/smp.c
+++ b/kernel/smp.c
@@ -519,10 +519,6 @@ int use_ibpb;
 EXPORT_SYMBOL(use_ibpb);
 #endif
 
-/* mutex to serialize IBRS & IBPB control changes */
-DEFINE_MUTEX(spec_ctrl_mutex);
-EXPORT_SYMBOL(spec_ctrl_mutex);
-
 /*
  * Setup routine for controlling SMP activation
  *
diff --git a/kernel/sysctl.c b/kernel/sysctl.c
index 47a37792109d..69c37bd6251a 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -69,7 +69,6 @@
 #include <linux/mount.h>
 
 #include <linux/uaccess.h>
-#include <linux/mutex.h>
 #include <asm/processor.h>
 
 #ifdef CONFIG_X86
@@ -2635,17 +2634,12 @@ int proc_dointvec_minmax(struct ctl_table *table, int write,
 int proc_dointvec_ibrs_dump(struct ctl_table *table, int write,
 	void __user *buffer, size_t *lenp, loff_t *ppos)
 {
-	int ret, orig_inuse;
+	int ret;
 	unsigned int cpu;
 
-
 	ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
 	printk("sysctl_ibrs_enabled = %u, sysctl_ibpb_enabled = %u\n", sysctl_ibrs_enabled, sysctl_ibpb_enabled);
 	printk("use_ibrs = %d, use_ibpb = %d\n", use_ibrs, use_ibpb);
-	mutex_lock(&spec_ctrl_mutex);
-	orig_inuse = use_ibrs;
-	/* temporary halt to ibrs usage to dump ibrs values */
-	clear_ibrs_inuse();
 	for_each_online_cpu(cpu) {
 	       u64 val;
 
@@ -2655,8 +2649,6 @@ int proc_dointvec_ibrs_dump(struct ctl_table *table, int write,
 		       val = 0;
 	       printk("read cpu %d ibrs val %lu\n", cpu, (unsigned long) val);
 	}
-	use_ibrs = orig_inuse;
-	mutex_unlock(&spec_ctrl_mutex);
 	return ret;
 }
 
@@ -2669,7 +2661,6 @@ int proc_dointvec_ibrs_ctrl(struct ctl_table *table, int write,
 	ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
 	pr_debug("sysctl_ibrs_enabled = %u, sysctl_ibpb_enabled = %u\n", sysctl_ibrs_enabled, sysctl_ibpb_enabled);
 	pr_debug("before:use_ibrs = %d, use_ibpb = %d\n", use_ibrs, use_ibpb);
-	mutex_lock(&spec_ctrl_mutex);
 	if (sysctl_ibrs_enabled == 0) {
 		/* always set IBRS off */
 		set_ibrs_disabled();
@@ -2693,7 +2684,6 @@ int proc_dointvec_ibrs_ctrl(struct ctl_table *table, int write,
 			/* platform don't support ibrs */
 			sysctl_ibrs_enabled = 0;
 	}
-	mutex_unlock(&spec_ctrl_mutex);
 	pr_debug("after:use_ibrs = %d, use_ibpb = %d\n", use_ibrs, use_ibpb);
 	return ret;
 }
@@ -2706,7 +2696,6 @@ int proc_dointvec_ibpb_ctrl(struct ctl_table *table, int write,
 	ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
 	pr_debug("sysctl_ibrs_enabled = %u, sysctl_ibpb_enabled = %u\n", sysctl_ibrs_enabled, sysctl_ibpb_enabled);
 	pr_debug("before:use_ibrs = %d, use_ibpb = %d\n", use_ibrs, use_ibpb);
-	mutex_lock(&spec_ctrl_mutex);
 	if (sysctl_ibpb_enabled == 0)
 		set_ibpb_disabled();
 	else if (sysctl_ibpb_enabled == 1) {
@@ -2715,7 +2704,6 @@ int proc_dointvec_ibpb_ctrl(struct ctl_table *table, int write,
 			/* platform don't support ibpb */
 			sysctl_ibpb_enabled = 0;
 	}
-	mutex_unlock(&spec_ctrl_mutex);
 	pr_debug("after:use_ibrs = %d, use_ibpb = %d\n", use_ibrs, use_ibpb);
 	return ret;
 }