UBUNTU: SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code

CVE-2018-3639 (x86)

Now that we have generic, vendor-agnostic support of IBPB/IBRS feature
detection in common code, move the code to enable/disable it from the
vendor-specifc init_<vendor> functions to the common code.

Except for the AMD special case where we need to write an MSR on every CPU.
Keep that in init_amd() which runs on every CPU, whereas the common code
mentioned above only runs once when CPU 0 is being onlined.
Signed-off-by: Juerg Haefliger <juergh@canonical.com>

arch/x86/kernel/cpu/amd.c

@@ -794,42 +794,24 @@ static void init_amd(struct cpuinfo_x86 *c)
 	/* AMD CPUs don't reset SS attributes on SYSRET */
 	set_cpu_bug(c, X86_BUG_SYSRET_SS_ATTRS);
 
-	/* AMD speculative control support */
-	if (cpu_has(c, X86_FEATURE_SPEC_CTRL)) {
-		pr_info_once("FEATURE SPEC_CTRL Present\n");
-		set_ibrs_supported();
-		set_ibpb_supported();
-		if (ibrs_inuse)
-			sysctl_ibrs_enabled = 1;
-		if (ibpb_inuse)
-			sysctl_ibpb_enabled = 1;
-	} else if (cpu_has(c, X86_FEATURE_IBPB)) {
-		pr_info_once("FEATURE SPEC_CTRL Not Present\n");
-		pr_info_once("FEATURE IBPB Present\n");
-		set_ibpb_supported();
-		if (ibpb_inuse)
-			sysctl_ibpb_enabled = 1;
-	} else {
-		pr_info_once("FEATURE SPEC_CTRL Not Present\n");
-		pr_info_once("FEATURE IBPB Not Present\n");
-		/*
-		 * On AMD processors that do not support the speculative
-		 * control features, IBPB type support can be achieved by
-		 * disabling indirect branch predictor support.
-		 */
-		if (!ibpb_disabled) {
-			u64 val;
-
-			switch (c->x86) {
-			case 0x10:
-			case 0x12:
-			case 0x16:
-				pr_info_once("Disabling indirect branch predictor support\n");
-				rdmsrl(MSR_F15H_IC_CFG, val);
-				val |= MSR_F15H_IC_CFG_DIS_IND;
-				wrmsrl(MSR_F15H_IC_CFG, val);
-				break;
-			}
+	/*
+	 * On AMD family 0x10, 0x12 and 0x16 processors that do not support the
+	 * speculative control features, IBPB type support can be achieved by
+	 * disabling indirect branch predictor support.
+	 */
+	if (!ibpb_disabled && !cpu_has(c, X86_FEATURE_SPEC_CTRL) &&
+	    !cpu_has(c, X86_FEATURE_IBPB)) {
+		u64 val;
+
+		switch (c->x86) {
+		case 0x10:
+		case 0x12:
+		case 0x16:
+			pr_info_once("Disabling Indirect Branch Predictor Support\n");
+			rdmsrl(MSR_F15H_IC_CFG, val);
+			val |= MSR_F15H_IC_CFG_DIS_IND;
+			wrmsrl(MSR_F15H_IC_CFG, val);
+			break;
 		}
 	}
 }

arch/x86/kernel/cpu/bugs.c

@@ -284,8 +284,21 @@ static void __init spectre_v2_select_mitigation(void)
 	if (boot_cpu_has(X86_FEATURE_IBPB)) {
 		setup_force_cpu_cap(X86_FEATURE_USE_IBPB);
 		pr_info("Enabling Indirect Branch Prediction Barrier\n");
+
+		set_ibpb_supported();
+		if (ibpb_inuse)
+			sysctl_ibpb_enabled = 1;
 	}
 
+	/* Initialize Indirect Branch Restricted Speculation if supported */
+	if (boot_cpu_has(X86_FEATURE_IBRS)) {
+		pr_info("Enabling Indirect Branch Restricted Speculation\n");
+
+		set_ibrs_supported();
+		if (ibrs_inuse)
+			sysctl_ibrs_enabled = 1;
+        }
+
 	pr_info("Speculation control IBPB %s IBRS %s",
 	        ibpb_supported ? "supported" : "not-supported",
 	        ibrs_supported ? "supported" : "not-supported");

arch/x86/kernel/cpu/intel.c

@@ -594,20 +594,6 @@ static void init_intel(struct cpuinfo_x86 *c)
 		detect_vmx_virtcap(c);
 
 	init_intel_energy_perf(c);
-
-	if (!c->cpu_index) {
-		if (boot_cpu_has(X86_FEATURE_SPEC_CTRL)) {
-			printk(KERN_INFO "FEATURE SPEC_CTRL Present\n");
-			set_ibrs_supported();
-			set_ibpb_supported();
-			if (ibrs_inuse)
-				sysctl_ibrs_enabled = 1;
-			if (ibpb_inuse)
-				sysctl_ibpb_enabled = 1;
-		} else {
-			printk(KERN_INFO "FEATURE SPEC_CTRL Not Present\n");
-		}
-	}
 }
 
 #ifdef CONFIG_X86_32