x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES

PlaidCat · PlaidCat · commit 27aa4d50a317 · 2024-11-01T14:16:19.000-04:00
jira LE-2015 cve CVE-2024-2201 Rebuild_History Non-Buildable kernel-5.14.0-427.42.1.el9_4 commit-author Josh Poimboeuf <jpoimboe@kernel.org> commit cb2db5b Empty-Commit: Cherry-Pick Conflicts during history rebuild. Will be included in final tarball splat. Ref for failed cherry-pick at: ciq/ciq_backports/kernel-5.14.0-427.42.1.el9_4/cb2db5bb.failed There's no need to keep reading MSR_IA32_ARCH_CAPABILITIES over and over. It's even read in the BHI sysfs function which is a big no-no. Just read it once and cache it. Fixes: ec9404e ("x86/bhi: Add BHI mitigation knob") Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org> Signed-off-by: Ingo Molnar <mingo@kernel.org> Reviewed-by: Nikolay Borisov <nik.borisov@suse.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Sean Christopherson <seanjc@google.com> Link: https://lore.kernel.org/r/9592a18a814368e75f8f4b9d74d3883aa4fd1eaf.1712813475.git.jpoimboe@kernel.org (cherry picked from commit cb2db5b) Signed-off-by: Jonathan Maple <jmaple@ciq.com> # Conflicts: # arch/x86/kernel/cpu/bugs.c
diff --git a/ciq/ciq_backports/kernel-5.14.0-427.42.1.el9_4/cb2db5bb.failed b/ciq/ciq_backports/kernel-5.14.0-427.42.1.el9_4/cb2db5bb.failed
@@ -0,0 +1,59 @@
+x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES
+
+jira LE-2015
+cve CVE-2024-2201
+Rebuild_History Non-Buildable kernel-5.14.0-427.42.1.el9_4
+commit-author Josh Poimboeuf <jpoimboe@kernel.org>
+commit cb2db5bb04d7f778fbc1a1ea2507aab436f1bff3
+Empty-Commit: Cherry-Pick Conflicts during history rebuild.
+Will be included in final tarball splat. Ref for failed cherry-pick at:
+ciq/ciq_backports/kernel-5.14.0-427.42.1.el9_4/cb2db5bb.failed
+
+There's no need to keep reading MSR_IA32_ARCH_CAPABILITIES over and
+over.  It's even read in the BHI sysfs function which is a big no-no.
+Just read it once and cache it.
+
+Fixes: ec9404e40e8f ("x86/bhi: Add BHI mitigation knob")
+	Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
+	Signed-off-by: Ingo Molnar <mingo@kernel.org>
+	Reviewed-by: Nikolay Borisov <nik.borisov@suse.com>
+	Cc: Linus Torvalds <torvalds@linux-foundation.org>
+	Cc: Sean Christopherson <seanjc@google.com>
+Link: https://lore.kernel.org/r/9592a18a814368e75f8f4b9d74d3883aa4fd1eaf.1712813475.git.jpoimboe@kernel.org
+(cherry picked from commit cb2db5bb04d7f778fbc1a1ea2507aab436f1bff3)
+	Signed-off-by: Jonathan Maple <jmaple@ciq.com>
+
+# Conflicts:
+#	arch/x86/kernel/cpu/bugs.c
+diff --cc arch/x86/kernel/cpu/bugs.c
+index d1c0c8f6898b,ff59fa8bb610..000000000000
+--- a/arch/x86/kernel/cpu/bugs.c
++++ b/arch/x86/kernel/cpu/bugs.c
+@@@ -2814,6 -2801,23 +2806,26 @@@ static char *pbrsb_eibrs_state(void
+  	}
+  }
+  
+++<<<<<<< HEAD
+++=======
++ static const char *spectre_bhi_state(void)
++ {
++ 	if (!boot_cpu_has_bug(X86_BUG_BHI))
++ 		return "; BHI: Not affected";
++ 	else if  (boot_cpu_has(X86_FEATURE_CLEAR_BHB_HW))
++ 		return "; BHI: BHI_DIS_S";
++ 	else if  (boot_cpu_has(X86_FEATURE_CLEAR_BHB_LOOP))
++ 		return "; BHI: SW loop, KVM: SW loop";
++ 	else if (boot_cpu_has(X86_FEATURE_RETPOLINE) &&
++ 		 !(ia32_cap & ARCH_CAP_RRSBA))
++ 		return "; BHI: Retpoline";
++ 	else if  (boot_cpu_has(X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT))
++ 		return "; BHI: Syscall hardening, KVM: SW loop";
++ 
++ 	return "; BHI: Vulnerable (Syscall hardening enabled)";
++ }
++ 
+++>>>>>>> cb2db5bb04d7 (x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES)
+  static ssize_t spectre_v2_show_state(char *buf)
+  {
+  	if (spectre_v2_enabled == SPECTRE_V2_LFENCE)
+* Unmerged path arch/x86/kernel/cpu/bugs.c
