The SPEC_CTRL MSR of a remote CPU cannot be updated immediately when TIF_STIBP flag is changed on a task running on the remote CPU.
If next task's TIF_STIBP flag happened to be the same as the updated TIF_STIBP on the previous task on the next context switch, the SPEC_CTRL MSR update is missed as the SPEC_CTRL MSR update occurs only on flag changes, and update of the SPEC_CTRL MSR did not happen while previous task was running. This patch creates TIF_UPDATE_SPEC_CTRL bit and set it along with TIF_STIBP bit update for tasks running on remote CPU. This signals that the SPEC_CTRL MSR has a pending forced update on the next context switch.
Signed-off-by: Tim Chen <tim.c.c...@linux.intel.com>
---
 arch/x86/include/asm/thread_info.h | 6 +++++-
 arch/x86/kernel/cpu/bugs.c | 2 ++
 arch/x86/kernel/process.c | 22 +++++++++++++++++++++-
 3 files changed, 28 insertions(+), 2 deletions(-)
diff --git a/arch/x86/include/asm/thread_info.h b/arch/x86/include/asm/thread_info.h
index 4f6a7a9..7bdd097 100644
--- a/arch/x86/include/asm/thread_info.h
+++ b/arch/x86/include/asm/thread_info.h
@@ -97,6 +97,7 @@ struct thread_info {
 #define TIF_USER_RETURN_NOTIFY 14 /* Notify kernel of userspace return */
 #define TIF_PATCH_PENDING 15 /* Pending live patching update */
 #define TIF_FSCHECK 16 /* Check FS is USER_DS on return */
+#define TIF_UPDATE_SPEC_CTRL 17 /* Pending update of speculation control MSR */
 /* Task status */
 #define TIF_UPROBE 18 /* Breakpointed or singlestepping */
@@ -131,6 +132,7 @@ struct thread_info {
 #define _TIF_USER_RETURN_NOTIFY (1 << TIF_USER_RETURN_NOTIFY)
 #define _TIF_PATCH_PENDING (1 << TIF_PATCH_PENDING)
 #define _TIF_FSCHECK (1 << TIF_FSCHECK)
+#define _TIF_UPDATE_SPEC_CTRL (1 << TIF_UPDATE_SPEC_CTRL)
 #define _TIF_UPROBE (1 << TIF_UPROBE)
 #define _TIF_MEMDIE (1 << TIF_MEMDIE)
@@ -166,7 +168,9 @@ struct thread_info {
 (_TIF_IO_BITMAP|_TIF_NOCPUID|_TIF_NOTSC|_TIF_BLOCKSTEP| \
 _TIF_SSBD|_TIF_STIBP)
-#define _TIF_WORK_CTXSW_PREV (_TIF_WORK_CTXSW|_TIF_USER_RETURN_NOTIFY)
+#define _TIF_WORK_CTXSW_PREV \
+ (_TIF_WORK_CTXSW|_TIF_USER_RETURN_NOTIFY|_TIF_UPDATE_SPEC_CTRL)
+
 #define _TIF_WORK_CTXSW_NEXT (_TIF_WORK_CTXSW)
 #define STACK_WARN (THREAD_SIZE/8)
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index b402b96..1ba9cb5 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -789,6 +789,8 @@ static void set_task_stibp(struct task_struct *tsk, bool stibp_on)
 if (tsk == current)
 speculation_ctrl_update_current();
+ else if (task_cpu(tsk) != smp_processor_id())
+ set_tsk_thread_flag(tsk, TIF_UPDATE_SPEC_CTRL);
 }
 void arch_set_security(struct task_struct *tsk, unsigned int value)
diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c
index 943e90d..048b7f4b 100644
--- a/arch/x86/kernel/process.c
+++ b/arch/x86/kernel/process.c
@@ -426,7 +426,19 @@ static __always_inline void spec_ctrl_update_msr(unsigned long tifn)
 static __always_inline void __speculation_ctrl_update(unsigned long tifp,
 unsigned long tifn)
 {
- bool updmsr = !!((tifp ^ tifn) & _TIF_STIBP);
+ /*
+ * If TIF_UPDATE_SPEC_CTRL bit is set in tifp, speculation related
+ * TIF flags have changed when previous task was running, but
+ * SPEC_CTRL MSR has not been synchronized with TIF flag changes.
+ * SPEC_CTRL MSR value can be out of date.
+ *
+ * Need to force update SPEC_CTRL MSR if TIF_UPDATE_SPEC_CTRL
+ * bit in tifp is set.
+ *
+ * The TIF_UPDATE_SPEC_CTRL bit in tifn was cleared before calling
+ * this function.
+ */
+ bool updmsr = !!((tifp ^ tifn) & (_TIF_STIBP|_TIF_UPDATE_SPEC_CTRL));
 /* If TIF_SSBD is different, select the proper mitigation method */
 if ((tifp ^ tifn) & _TIF_SSBD) {
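Review bot: In set_task_stibp (bugs.c), the added `set_tsk_thread_flag(tsk, TIF_UPDATE_SPEC_CTRL)` is a separate store from the TIF_STIBP change it is meant to accompany (that change is made earlier in the function, outside this hunk), so the remote CPU can context-switch between the two. In that window the outgoing task already carries the new TIF_STIBP but not the pending bit, and if the incoming task has the same TIF_STIBP value the MSR write is still skipped, leaving that CPU running with a stale STIBP setting. Updating both bits in one atomic read-modify-write of the flags word would close the window; failing that, the limitation should be recorded next to the `else if`, e.g. `/* Not atomic with the TIF_STIBP update: a switch on the remote CPU in between can still miss the MSR write */`. The `task_cpu(tsk) != smp_processor_id()` test is also only stable if the caller cannot be preempted or migrated at this point, which the hunk does not show.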
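Review bot: In __speculation_ctrl_update (process.c), the new `updmsr` expression forces the write only when TIF_UPDATE_SPEC_CTRL differs between `tifp` and `tifn`, so it is correct only if every caller has cleared the bit in `tifn` first; the comment states that precondition but nothing enforces it. If both words ever carry the bit, the XOR cancels and the forced update is silently dropped. Testing the previous task's bit directly removes the dependency: `bool updmsr = ((tifp ^ tifn) & _TIF_STIBP) || (tifp & _TIF_UPDATE_SPEC_CTRL);`. The function body continues past the hunk and its other callers are not visible here.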
@@ -482,6 +494,14 @@ void __switch_to_xtra(struct task_struct *prev_p, struct task_struct *next_p,
 if ((tifp ^ tifn) & _TIF_NOCPUID)
 set_cpuid_faulting(!!(tifn & _TIF_NOCPUID));
+ if (tifp & _TIF_UPDATE_SPEC_CTRL)
+ clear_tsk_thread_flag(prev_p, TIF_UPDATE_SPEC_CTRL);
+
+ if (tifn & _TIF_UPDATE_SPEC_CTRL) {
+ clear_tsk_thread_flag(next_p, TIF_UPDATE_SPEC_CTRL);
+ tifn &= ~_TIF_UPDATE_SPEC_CTRL;
+ }
+
 __speculation_ctrl_update(tifp, tifn);
 }
-- 
2.9.4
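Review bot: The `if (tifn & _TIF_UPDATE_SPEC_CTRL)` branch discards a pending request on `next_p` without forcing an MSR write, and nothing in the hunk says why that is safe. It appears to rely on the MSR already matching the outgoing task's flags, so that the ordinary TIF_STIBP comparison is sufficient; a comment above the branch such as `/* next_p was not running when the flag was set; the tifp/tifn comparison already covers its TIF_STIBP */` would record that. Since `_TIF_WORK_CTXSW_NEXT` in thread_info.h does not include the new bit, this branch presumably runs only when some other work flag brings the switch into __switch_to_xtra, and otherwise the bit stays on the task until it is next switched out; that asymmetry deserves a line in the comment as well. The function starts outside the hunk, so where `tifp` and `tifn` are sampled is not visible.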