On Thu, 2018-01-04 at 09:56 -0800, Tim Chen wrote:
> 
> +       mutex_lock(&spec_ctrl_mutex);
> +
> +       if (enable == IBRS_DISABLED) {
> +               /* disable IBRS usage */
> +               set_ibrs_disabled();
> +               if (spec_ctrl_ibrs & SPEC_CTRL_IBRS_SUPPORTED)
> +                       spec_ctrl_flush_all_cpus(MSR_IA32_SPEC_CTRL, 
> SPEC_CTRL_FEATURE_DISABLE_IBRS);
> +       } else if (enable == IBRS_ENABLED) {
> +               /* enable IBRS usage in kernel */
> +               clear_ibrs_disabled();
> +               if (spec_ctrl_ibrs & SPEC_CTRL_IBRS_SUPPORTED)
> +                       set_ibrs_inuse();
> +               else
> +                       /* Platform don't support IBRS */
> +                       enable = IBRS_DISABLED;
> +       } else if (enable == IBRS_ENABLED_USER) {
> +               /* enable IBRS usage in both userspace and kernel */
> +               clear_ibrs_disabled();
> +               /* don't change IBRS value once we set it to always on */
> +               clear_ibrs_inuse();
> +               if (spec_ctrl_ibrs & SPEC_CTRL_IBRS_SUPPORTED)
> +                       spec_ctrl_flush_all_cpus(MSR_IA32_SPEC_CTRL, 
> SPEC_CTRL_FEATURE_ENABLE_IBRS);
> +               else
> +                       /* Platform don't support IBRS */
> +                       enable = IBRS_DISABLED;
> +       }

This doesn't take the retpoline status into account. If we have
retpoline, we don't need IBRS in the kernel.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Reply via email to