From: Linus Torvalds <torvalds@linux-foundation.org>
Date: Mon, 7 Aug 2023 23:35:44 +0000 (-0700)
Subject: Merge tag 'x86_bugs_srso' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
X-Git-Url: http://git.osdn.net/view?a=commitdiff_plain;h=138bcddb86d8a4f842e4ed6f0585abc9b1a764ff;p=tomoyo%2Ftomoyo-test1.git

Merge tag 'x86_bugs_srso' of git://git./linux/kernel/git/tip/tip

Pull x86/srso fixes from Borislav Petkov:
 "Add a mitigation for the speculative RAS (Return Address Stack)
  overflow vulnerability on AMD processors.

  In short, this is yet another issue where userspace poisons a
  microarchitectural structure which can then be used to leak privileged
  information through a side channel"

* tag 'x86_bugs_srso' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  x86/srso: Tie SBPB bit setting to microcode patch detection
  x86/srso: Add a forgotten NOENDBR annotation
  x86/srso: Fix return thunks in generated code
  x86/srso: Add IBPB on VMEXIT
  x86/srso: Add IBPB
  x86/srso: Add SRSO_NO support
  x86/srso: Add IBPB_BRTYPE support
  x86/srso: Add a Speculative RAS Overflow mitigation
  x86/bugs: Increase the x86 bugs vector size to two u32s
---

138bcddb86d8a4f842e4ed6f0585abc9b1a764ff
diff --cc arch/x86/kernel/cpu/amd.c
index 26ad7ca423e7,41e10c26efb5..1e1e253038ce
--- a/arch/x86/kernel/cpu/amd.c
+++ b/arch/x86/kernel/cpu/amd.c
@@@ -1279,14 -1236,21 +1279,33 @@@ u32 amd_get_highest_perf(void
  }
  EXPORT_SYMBOL_GPL(amd_get_highest_perf);
  
 +static void zenbleed_check_cpu(void *unused)
 +{
 +	struct cpuinfo_x86 *c = &cpu_data(smp_processor_id());
 +
 +	zenbleed_check(c);
 +}
 +
 +void amd_check_microcode(void)
 +{
 +	on_each_cpu(zenbleed_check_cpu, NULL, 1);
 +}
++
+ bool cpu_has_ibpb_brtype_microcode(void)
+ {
+ 	switch (boot_cpu_data.x86) {
+ 	/* Zen1/2 IBPB flushes branch type predictions too. */
+ 	case 0x17:
+ 		return boot_cpu_has(X86_FEATURE_AMD_IBPB);
+ 	case 0x19:
+ 		/* Poke the MSR bit on Zen3/4 to check its presence. */
+ 		if (!wrmsrl_safe(MSR_IA32_PRED_CMD, PRED_CMD_SBPB)) {
+ 			setup_force_cpu_cap(X86_FEATURE_SBPB);
+ 			return true;
+ 		} else {
+ 			return false;
+ 		}
+ 	default:
+ 		return false;
+ 	}
+ }