Blame patches.suse/x86-bugs-Flush-IBP-in-ib_prctl_set.patch
|
Jiri Slaby |
baf6be |
From: Rodrigo Branco <bsdaemon@google.com>
|
|
Jiri Slaby |
baf6be |
Date: Tue, 3 Jan 2023 14:17:51 -0600
|
|
Jiri Slaby |
baf6be |
Subject: x86/bugs: Flush IBP in ib_prctl_set()
|
|
Jiri Slaby |
baf6be |
Git-commit: a664ec9158eeddd75121d39c9a0758016097fa96
|
|
Jiri Slaby |
baf6be |
Patch-mainline: 6.2-rc3
|
|
Jiri Slaby |
baf6be |
References: bsc#1207773 CVE-2023-0045
|
|
Jiri Slaby |
baf6be |
|
|
Jiri Slaby |
baf6be |
We missed the window between the TIF flag update and the next reschedule.
|
|
Jiri Slaby |
baf6be |
|
|
Jiri Slaby |
baf6be |
Signed-off-by: Rodrigo Branco <bsdaemon@google.com>
|
|
Jiri Slaby |
baf6be |
Reviewed-by: Borislav Petkov (AMD) <bp@alien8.de>
|
|
Jiri Slaby |
baf6be |
Signed-off-by: Ingo Molnar <mingo@kernel.org>
|
|
Jiri Slaby |
baf6be |
Cc: <stable@vger.kernel.org>
|
|
Jiri Slaby |
baf6be |
Signed-off-by: Jiri Slaby <jslaby@suse.cz>
|
|
Jiri Slaby |
baf6be |
---
|
|
Jiri Slaby |
baf6be |
arch/x86/kernel/cpu/bugs.c | 2 ++
|
|
Jiri Slaby |
baf6be |
1 file changed, 2 insertions(+)
|
|
Jiri Slaby |
baf6be |
|
|
Jiri Slaby |
baf6be |
--- a/arch/x86/kernel/cpu/bugs.c
|
|
Jiri Slaby |
baf6be |
+++ b/arch/x86/kernel/cpu/bugs.c
|
|
Jiri Slaby |
baf6be |
@@ -1332,6 +1332,8 @@ static int ib_prctl_set(struct task_stru
|
|
Jiri Slaby |
baf6be |
if (ctrl == PR_SPEC_FORCE_DISABLE)
|
|
Jiri Slaby |
baf6be |
task_set_spec_ib_force_disable(task);
|
|
Jiri Slaby |
baf6be |
task_update_spec_tif(task);
|
|
Jiri Slaby |
baf6be |
+ if (task == current)
|
|
Jiri Slaby |
baf6be |
+ indirect_branch_prediction_barrier();
|
|
Jiri Slaby |
baf6be |
break;
|
|
Jiri Slaby |
baf6be |
default:
|
|
Jiri Slaby |
baf6be |
return -ERANGE;
|