x86/amd: Use IBPB for firmware calls (8c7f2d63) · Commits · CodeLinaro / la / kernel / msm

Commit 8c7f2d63 authored 2 years ago by Waiman Long

x86/amd: Use IBPB for firmware calls

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2115086



commit 28a99e95
Author: Peter Zijlstra <peterz@infradead.org>
Date:   Mon, 18 Jul 2022 13:41:37 +0200

    x86/amd: Use IBPB for firmware calls

    On AMD IBRS does not prevent Retbleed; as such use IBPB before a
    firmware call to flush the branch history state.

    And because in order to do an EFI call, the kernel maps a whole lot of
    the kernel page table into the EFI page table, do an IBPB just in case
    in order to prevent the scenario of poisoning the BTB and causing an EFI
    call using the unprotected RET there.

      [ bp: Massage. ]

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: Borislav Petkov <bp@suse.de>
    Link: https://lore.kernel.org/r/20220715194550.793957-1-cascardo@canonical.com



Signed-off-by: Waiman Long <longman@redhat.com>

parent a1da560b

No related branches found

No related tags found

Hide whitespace changes

Inline Side-by-side

Showing with 13 additions and 1 deletion

Please register or to comment