diff options
| author | Ingo Molnar <mingo@kernel.org> | 2018-03-09 07:32:20 +0100 |
|---|---|---|
| committer | Ingo Molnar <mingo@kernel.org> | 2018-03-09 07:32:20 +0100 |
| commit | fc4c5a3828bdba157f8ea406e1f4ceb75c13039c (patch) | |
| tree | e3fc4601f914fa59e70c7534206cf5c2c6ba16d1 /arch/x86/kernel/cpu/bugs.c | |
| parent | 14a7405b2e814221a951bd7a76ce4a8d24c1b3be (diff) | |
| parent | 1b88accf6a659c46d5c8e68912896f112bf882bb (diff) | |
| download | talos-op-linux-fc4c5a3828bdba157f8ea406e1f4ceb75c13039c.tar.gz talos-op-linux-fc4c5a3828bdba157f8ea406e1f4ceb75c13039c.zip | |
Merge branch 'linus' into sched/core, to pick up fixes
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Diffstat (limited to 'arch/x86/kernel/cpu/bugs.c')
| -rw-r--r-- | arch/x86/kernel/cpu/bugs.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index d71c8b54b696..bfca937bdcc3 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -300,6 +300,15 @@ retpoline_auto: setup_force_cpu_cap(X86_FEATURE_USE_IBPB); pr_info("Spectre v2 mitigation: Enabling Indirect Branch Prediction Barrier\n"); } + + /* + * Retpoline means the kernel is safe because it has no indirect + * branches. But firmware isn't, so use IBRS to protect that. + */ + if (boot_cpu_has(X86_FEATURE_IBRS)) { + setup_force_cpu_cap(X86_FEATURE_USE_IBRS_FW); + pr_info("Enabling Restricted Speculation for firmware calls\n"); + } } #undef pr_fmt @@ -326,8 +335,9 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr, c if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V2)) return sprintf(buf, "Not affected\n"); - return sprintf(buf, "%s%s%s\n", spectre_v2_strings[spectre_v2_enabled], + return sprintf(buf, "%s%s%s%s\n", spectre_v2_strings[spectre_v2_enabled], boot_cpu_has(X86_FEATURE_USE_IBPB) ? ", IBPB" : "", + boot_cpu_has(X86_FEATURE_USE_IBRS_FW) ? ", IBRS_FW" : "", spectre_v2_module_string()); } #endif |
