Re: [patch V2 05/28] x86/speculation: Disable STIBP when enhanced IBRS is in use
From: Konrad Rzeszutek Wilk
Date: Thu Nov 29 2018 - 09:35:53 EST
On Sun, Nov 25, 2018 at 07:33:33PM +0100, Thomas Gleixner wrote:
> If enhanced IBRS is active, STIBP is redundant for mitigating Spectre v2
> user space exploits from hyperthread sibling.
>
> Disable STIBP when enhanced IBRS is used.
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
Thank you!
>
> Signed-off-by: Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx>
> Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
>
> ---
> arch/x86/kernel/cpu/bugs.c | 7 +++++++
> 1 file changed, 7 insertions(+)
>
> --- a/arch/x86/kernel/cpu/bugs.c
> +++ b/arch/x86/kernel/cpu/bugs.c
> @@ -321,6 +321,10 @@ static bool stibp_needed(void)
> if (spectre_v2_enabled == SPECTRE_V2_NONE)
> return false;
>
> + /* Enhanced IBRS makes using STIBP unnecessary. */
> + if (spectre_v2_enabled == SPECTRE_V2_IBRS_ENHANCED)
> + return false;
> +
> if (!boot_cpu_has(X86_FEATURE_STIBP))
> return false;
>
> @@ -846,6 +850,9 @@ static ssize_t l1tf_show_state(char *buf
>
> static char *stibp_state(void)
> {
> + if (spectre_v2_enabled == SPECTRE_V2_IBRS_ENHANCED)
> + return "";
> +
> if (x86_spec_ctrl_base & SPEC_CTRL_STIBP)
> return ", STIBP";
> else
>
>