From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <tglx@linutronix.de>
Received: from mail.linutronix.de (146.0.238.70:993) by
  crypto-ml.lab.linutronix.de with IMAP4-SSL for <speck@linutronix.de>; 20 Feb
  2019 15:19:25 -0000
Received: from localhost ([127.0.0.1] helo=nanos.tec.linutronix.de)
	by Galois.linutronix.de with esmtp (Exim 4.80)
	(envelope-from <tglx@linutronix.de>)
	id 1gwTdJ-00063Z-3i
	for speck@linutronix.de; Wed, 20 Feb 2019 16:18:01 +0100
Message-Id: <20190220151400.875795519@linutronix.de>
Date: Wed, 20 Feb 2019 16:08:03 +0100
From: Thomas Gleixner <tglx@linutronix.de>
References: <20190220150753.665964899@linutronix.de>
MIME-Version: 1.0
Subject: [patch V2 10/10] MDS basics+ 10
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
To: speck@linutronix.de
List-ID: <speck.linutronix.de>

Utilize the already existing information in switch_mm_irqs_off() to request
CPU buffer clearing on return to user space for conditional MDS mitigation:

  - Switching between two processes

  - Switching back and forth between process and kernel thread. This
    utilizes the lazy mm mechanism, which already provides all required
    conditionals.

In both cases the flush is requested to prevent potential leakage of data
either from the previous process or the kernel thread.

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
---
 arch/x86/mm/tlb.c |   18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

--- a/arch/x86/mm/tlb.c
+++ b/arch/x86/mm/tlb.c
@@ -351,6 +351,16 @@ void switch_mm_irqs_off(struct mm_struct
 			return;
 
 		/*
+		 * The context switch sequence was: USER -> KERNEL -> USER.
+		 *
+		 * For CPUs which are affected by MDS this is a condition
+		 * to enforce flushing of CPU buffers before returning
+		 * to user space to prevent potential leakage of data which
+		 * was touched by the kernel thread.
+		 */
+		mds_request_buffer_clear();
+
+		/*
 		 * Read the tlb_gen to check whether a flush is needed.
 		 * If the TLB is up to date, just use it.
 		 * The barrier synchronizes with the tlb_gen increment in
@@ -376,6 +386,14 @@ void switch_mm_irqs_off(struct mm_struct
 		 */
 		cond_ibpb(tsk);
 
+		/*
+		 * Switching to a different process triggers flushing of
+		 * CPU buffers before returning to user space to prevent
+		 * potential leakage of data which was touched by the
+		 * previous process or by a kernel thread.
+		 */
+		mds_request_buffer_clear();
+
 		if (IS_ENABLED(CONFIG_VMAP_STACK)) {
 			/*
 			 * If our current stack is in vmalloc space and isn't