From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Google-Smtp-Source: AH8x225K8ds8HDiJ2q8fSH7g7vID4eqFtHfhn5D41joaPF/J6rTDnGQgn+MOHO5+JrRLqVLAwuki ARC-Seal: i=1; a=rsa-sha256; t=1516610561; cv=none; d=google.com; s=arc-20160816; b=bJDkBCrmtF9i8cVf6geXVTqz7KYJn1RatYB9fxNnF2s6e4IPPcPAWLPZNlZXF3iyU5 8ELxVpGYXqVKgWhJ4fTdm4e7fLJfjibEzKrGJXM4f0n2jz2PYvHZ6/tzQYL9txAwWXOa OLJRrVhrUsYYH5P43MxNk4DFfGDyeyv4bkIbEGrgGOA3XDzrpTYU3/yAP8h7JTQcWGJd AplxHXIBmex/zfPOTHrEeeBxuDQ+bgDOiAL/eBQFUBOaIzhKtavLSytLYKJe1NULc9x7 enP1HHvbEEW3bJRzVfEnJU31Obszzs9CdVw+OV8ArVN2i1XsmWTJbhIgQHvhktESFhBc QGww== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=mime-version:user-agent:references:in-reply-to:message-id:date :subject:cc:to:from:arc-authentication-results; bh=X6mSZANdaxXsB4//+YaCHUG8nmgucl3pAzmi2HVU4io=; b=Sd+DykbaoTaghixFLfjcCZwH1PEsJAO+rL8ByoEGHcadVc8BgiSoxR1KDL8qimccvV 7goXSwSzFGOxjvesPDbMosbDNoRbY6k/F6axFRefAWLOpoDCeD80UYZjs02XAsvmUgIH 7Yie33snsgceDwRQSSVCwbmGErpaoaLCrHRtGUF37eDT63GkXUACnApaMd5s8uEzm7dq 0ZtvLd5y/wA5+m5FrrK+67C5OY2Kw3jzu0nOsVIpeSTbYAGEk9vDhFeTG6AYIm9gqdSL 0JTVZ4peP53qxmUOF1o2NIT5maqantR+6EcX4MUcv9U8LUCZE6La1bRQxj5BmUIOWlKM il+Q== ARC-Authentication-Results: i=1; mx.google.com; spf=softfail (google.com: domain of transitioning gregkh@linuxfoundation.org does not designate 90.92.71.90 as permitted sender) smtp.mailfrom=gregkh@linuxfoundation.org Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning gregkh@linuxfoundation.org does not designate 90.92.71.90 as permitted sender) smtp.mailfrom=gregkh@linuxfoundation.org From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Thomas Gleixner , Borislav Petkov , David Woodhouse Subject: [PATCH 4.4 48/53] x86/mce: Make machine check speculation protected Date: Mon, 22 Jan 2018 09:40:40 +0100 Message-Id: <20180122083912.671352467@linuxfoundation.org> X-Mailer: git-send-email 2.16.0 In-Reply-To: <20180122083910.299610926@linuxfoundation.org> References: <20180122083910.299610926@linuxfoundation.org> User-Agent: quilt/0.65 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-LABELS: =?utf-8?b?IlxcU2VudCI=?= X-GMAIL-THRID: =?utf-8?q?1590281435968326402?= X-GMAIL-MSGID: =?utf-8?q?1590281435968326402?= X-Mailing-List: linux-kernel@vger.kernel.org List-ID: 4.4-stable review patch. If anyone has any objections, please let me know. ------------------ From: Thomas Gleixner commit 6f41c34d69eb005e7848716bbcafc979b35037d5 upstream. The machine check idtentry uses an indirect branch directly from the low level code. This evades the speculation protection. Replace it by a direct call into C code and issue the indirect call there so the compiler can apply the proper speculation protection. Signed-off-by: Thomas Gleixner Reviewed-by:Borislav Petkov Reviewed-by: David Woodhouse Niced-by: Peter Zijlstra Link: https://lkml.kernel.org/r/alpine.DEB.2.20.1801181626290.1847@nanos Signed-off-by: Greg Kroah-Hartman --- arch/x86/entry/entry_64.S | 2 +- arch/x86/include/asm/traps.h | 1 + arch/x86/kernel/cpu/mcheck/mce.c | 5 +++++ 3 files changed, 7 insertions(+), 1 deletion(-) --- a/arch/x86/entry/entry_64.S +++ b/arch/x86/entry/entry_64.S @@ -1031,7 +1031,7 @@ idtentry async_page_fault do_async_page_ #endif #ifdef CONFIG_X86_MCE -idtentry machine_check has_error_code=0 paranoid=1 do_sym=*machine_check_vector(%rip) +idtentry machine_check do_mce has_error_code=0 paranoid=1 #endif /* --- a/arch/x86/include/asm/traps.h +++ b/arch/x86/include/asm/traps.h @@ -92,6 +92,7 @@ dotraplinkage void do_simd_coprocessor_e #ifdef CONFIG_X86_32 dotraplinkage void do_iret_error(struct pt_regs *, long); #endif +dotraplinkage void do_mce(struct pt_regs *, long); static inline int get_si_code(unsigned long condition) { --- a/arch/x86/kernel/cpu/mcheck/mce.c +++ b/arch/x86/kernel/cpu/mcheck/mce.c @@ -1672,6 +1672,11 @@ static void unexpected_machine_check(str void (*machine_check_vector)(struct pt_regs *, long error_code) = unexpected_machine_check; +dotraplinkage void do_mce(struct pt_regs *regs, long error_code) +{ + machine_check_vector(regs, error_code); +} + /* * Called for each booted CPU to set up machine checks. * Must be called with preempt off: