samsung_sm8750/android_kernel_samsung_sm8750
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

x86/bhi: Do not set BHI_DIS_S in 32-bit mode

Browse Source 
commit 073fdbe02c69c43fb7c0d547ec265c7747d4a646 upstream.

With the possibility of intra-mode BHI via cBPF, complete mitigation for
BHI is to use IBHF (history fence) instruction with BHI_DIS_S set. Since
this new instruction is only available in 64-bit mode, setting BHI_DIS_S in
32-bit mode is only a partial mitigation.

Do not set BHI_DIS_S in 32-bit mode so as to avoid reporting misleading
mitigated status. With this change IBHF won't be used in 32-bit mode, also
remove the CONFIG_X86_64 check from emit_spectre_bhb_barrier().

Suggested-by: Josh Poimboeuf <jpoimboe@kernel.org>
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Josh Poimboeuf <jpoimboe@kernel.org>
Reviewed-by: Alexandre Chartre <alexandre.chartre@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
Pawan Gupta
2025-05-05 14:35:12 -07:00
committed by Greg Kroah-Hartman
parent a0ff7f679b
commit a8a8826bf6
2 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
arch/x86/kernel/cpu/bugs.c
View File

@@ -1677,10 +1677,11 @@ static void __init bhi_select_mitigation(void)
return; return;
} }
if (spec_ctrl_bhi_dis()) if (!IS_ENABLED(CONFIG_X86_64))
return; return;
if (!IS_ENABLED(CONFIG_X86_64)) /* Mitigate in hardware if supported */
if (spec_ctrl_bhi_dis())
return; return;
/* Mitigate KVM by default */ /* Mitigate KVM by default */

5
arch/x86/net/bpf_jit_comp.c
View File

@@ -1097,8 +1097,7 @@ static int emit_spectre_bhb_barrier(u8 **pprog, u8 *ip,
/* Insert IBHF instruction */ /* Insert IBHF instruction */
if ((cpu_feature_enabled(X86_FEATURE_CLEAR_BHB_LOOP) && if ((cpu_feature_enabled(X86_FEATURE_CLEAR_BHB_LOOP) &&
cpu_feature_enabled(X86_FEATURE_HYPERVISOR)) || cpu_feature_enabled(X86_FEATURE_HYPERVISOR)) ||
(cpu_feature_enabled(X86_FEATURE_CLEAR_BHB_HW) && cpu_feature_enabled(X86_FEATURE_CLEAR_BHB_HW)) {
IS_ENABLED(CONFIG_X86_64))) {
/* /*
* Add an Indirect Branch History Fence (IBHF). IBHF acts as a * Add an Indirect Branch History Fence (IBHF). IBHF acts as a
* fence preventing branch history from before the fence from * fence preventing branch history from before the fence from
@@ -1108,6 +1107,8 @@ static int emit_spectre_bhb_barrier(u8 **pprog, u8 *ip,
* hardware that doesn't need or support it. The REP and REX.W * hardware that doesn't need or support it. The REP and REX.W
* prefixes are required by the microcode, and they also ensure * prefixes are required by the microcode, and they also ensure
* that the NOP is unlikely to be used in existing code. * that the NOP is unlikely to be used in existing code.
*
* IBHF is not a valid instruction in 32-bit mode.
*/ */
EMIT5(0xF3, 0x48, 0x0F, 0x1E, 0xF8); /* ibhf */ EMIT5(0xF3, 0x48, 0x0F, 0x1E, 0xF8); /* ibhf */
} }