From ba6fbe6af8aac5100b00804b68efe48143fcc262 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Thu, 28 Jun 2018 11:09:03 +0900 Subject: [PATCH] 4.4-stable patches added patches: x86-spectre_v1-disable-compiler-optimizations-over-array_index_mask_nospec.patch --- ...zations-over-array_index_mask_nospec.patch | 81 +++++++++++++++++++ 1 file changed, 81 insertions(+) create mode 100644 queue-4.4/x86-spectre_v1-disable-compiler-optimizations-over-array_index_mask_nospec.patch diff --git a/queue-4.4/x86-spectre_v1-disable-compiler-optimizations-over-array_index_mask_nospec.patch b/queue-4.4/x86-spectre_v1-disable-compiler-optimizations-over-array_index_mask_nospec.patch new file mode 100644 index 00000000000..73532bddf35 --- /dev/null +++ b/queue-4.4/x86-spectre_v1-disable-compiler-optimizations-over-array_index_mask_nospec.patch @@ -0,0 +1,81 @@ +From eab6870fee877258122a042bfd99ee7908c40280 Mon Sep 17 00:00:00 2001 +From: Dan Williams +Date: Thu, 7 Jun 2018 09:13:48 -0700 +Subject: x86/spectre_v1: Disable compiler optimizations over array_index_mask_nospec() + +From: Dan Williams + +commit eab6870fee877258122a042bfd99ee7908c40280 upstream. + +Mark Rutland noticed that GCC optimization passes have the potential to elide +necessary invocations of the array_index_mask_nospec() instruction sequence, +so mark the asm() volatile. + +Mark explains: + +"The volatile will inhibit *some* cases where the compiler could lift the + array_index_nospec() call out of a branch, e.g. where there are multiple + invocations of array_index_nospec() with the same arguments: + + if (idx < foo) { + idx1 = array_idx_nospec(idx, foo) + do_something(idx1); + } + + < some other code > + + if (idx < foo) { + idx2 = array_idx_nospec(idx, foo); + do_something_else(idx2); + } + + ... since the compiler can determine that the two invocations yield the same + result, and reuse the first result (likely the same register as idx was in + originally) for the second branch, effectively re-writing the above as: + + if (idx < foo) { + idx = array_idx_nospec(idx, foo); + do_something(idx); + } + + < some other code > + + if (idx < foo) { + do_something_else(idx); + } + + ... if we don't take the first branch, then speculatively take the second, we + lose the nospec protection. + + There's more info on volatile asm in the GCC docs: + + https://gcc.gnu.org/onlinedocs/gcc/Extended-Asm.html#Volatile + " + +Reported-by: Mark Rutland +Signed-off-by: Dan Williams +Acked-by: Mark Rutland +Acked-by: Thomas Gleixner +Acked-by: Linus Torvalds +Cc: +Cc: Peter Zijlstra +Fixes: babdde2698d4 ("x86: Implement array_index_mask_nospec") +Link: https://lkml.kernel.org/lkml/152838798950.14521.4893346294059739135.stgit@dwillia2-desk3.amr.corp.intel.com +Signed-off-by: Ingo Molnar +Signed-off-by: Greg Kroah-Hartman + +--- + arch/x86/include/asm/barrier.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/arch/x86/include/asm/barrier.h ++++ b/arch/x86/include/asm/barrier.h +@@ -38,7 +38,7 @@ static inline unsigned long array_index_ + { + unsigned long mask; + +- asm ("cmp %1,%2; sbb %0,%0;" ++ asm volatile ("cmp %1,%2; sbb %0,%0;" + :"=r" (mask) + :"r"(size),"r" (index) + :"cc"); -- 2.47.3