speculation: Disable STIBP when enhanced IBRS is in use

Konrad Rzeszutek Wilk Thu, 29 Nov 2018 06:36:43 -0800

On Sun, Nov 25, 2018 at 07:33:33PM +0100, Thomas Gleixner wrote:
> If enhanced IBRS is active, STIBP is redundant for mitigating Spectre v2
> user space exploits from hyperthread sibling.
> 
> Disable STIBP when enhanced IBRS is used.
Reviewed-by: Konrad Rzeszutek Wilk <konrad.w...@oracle.com>


Thank you!
> 
> Signed-off-by: Tim Chen <tim.c.c...@linux.intel.com>
> Signed-off-by: Thomas Gleixner <t...@linutronix.de>
> 
> ---
>  arch/x86/kernel/cpu/bugs.c |    7 +++++++
>  1 file changed, 7 insertions(+)
> 
> --- a/arch/x86/kernel/cpu/bugs.c
> +++ b/arch/x86/kernel/cpu/bugs.c
> @@ -321,6 +321,10 @@ static bool stibp_needed(void)
>       if (spectre_v2_enabled == SPECTRE_V2_NONE)
>               return false;
>  
> +     /* Enhanced IBRS makes using STIBP unnecessary. */
> +     if (spectre_v2_enabled == SPECTRE_V2_IBRS_ENHANCED)
> +             return false;
> +
>       if (!boot_cpu_has(X86_FEATURE_STIBP))
>               return false;
>  
> @@ -846,6 +850,9 @@ static ssize_t l1tf_show_state(char *buf
>  
>  static char *stibp_state(void)
>  {
> +     if (spectre_v2_enabled == SPECTRE_V2_IBRS_ENHANCED)
> +             return "";
> +
>       if (x86_spec_ctrl_base & SPEC_CTRL_STIBP)
>               return ", STIBP";
>       else
> 
>

Re: [patch V2 05/28] x86/speculation: Disable STIBP when enhanced IBRS is in use

Reply via email to