From: Jiri Kosina <jkosina@suse.cz>
Subject: x86/bugs: do not default to IBRS even on SKL
Patch-mainline: never, SUSE specific
References: bsc#1068032 CVE-2017-5753 bsc#1112824 jsc#SLE-7074
Disable SUSE-specific IBRS-on-SKL implementation. Please refer to page 16 of
https://software.intel.com/security-software-guidance/api-app/sites/default/files/Retpoline-A-Branch-Target-Injection-Mitigation.pdf
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
---
arch/x86/kernel/cpu/bugs.c | 27 ---------------------------
1 file changed, 27 deletions(-)
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -644,16 +627,6 @@
wrmsrl(MSR_IA32_SPEC_CTRL, x86_spec_ctrl_base);
goto specv2_set_mode;
}
-
- /*
- * If we have IBRS support, and either Skylake or !RETPOLINE,
- * then that's what we do.
- */
- if (boot_cpu_has(X86_FEATURE_IBRS) && is_skylake_era()) {
- mode = SPECTRE_V2_IBRS;
- setup_force_cpu_cap(X86_FEATURE_USE_IBRS);
- goto specv2_set_mode;
- }
/* fall through */
case SPECTRE_V2_CMD_RETPOLINE:
if (IS_ENABLED(CONFIG_RETPOLINE))