review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Peter Zijlstra <peterz@infradead.org>
	Mon, 18 Jul 2022 11:41:37 +0000 (13:41 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Fri, 29 Jul 2022 15:25:31 +0000 (17:25 +0200)
commit	8842d5d70713896ac95423ce795366b350b1b0d7
tree	ad1588f4e008150fbddf2488615426a3e663fc4d	tree \| snapshot
parent	c2b484d784c8dfc3eb62fd4f9ff11515b6e78e19	commit \| diff

x86/amd: Use IBPB for firmware calls

commit 28a99e95f55c61855983d36a88c05c178d966bb7 upstream.

On AMD IBRS does not prevent Retbleed; as such use IBPB before a
firmware call to flush the branch history state.

And because in order to do an EFI call, the kernel maps a whole lot of
the kernel page table into the EFI page table, do an IBPB just in case
in order to prevent the scenario of poisoning the BTB and causing an EFI
call using the unprotected RET there.

[ bp: Massage. ]

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: Borislav Petkov <bp@suse.de>
Link: https://lore.kernel.org/r/20220715194550.793957-1-cascardo@canonical.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

arch/x86/include/asm/cpufeatures.h		diff \| blob \| history
arch/x86/include/asm/nospec-branch.h		diff \| blob \| history
arch/x86/kernel/cpu/bugs.c		diff \| blob \| history