To reflect the recent change that moved LFENCE to the caller side. Suggested-by: Borislav Petkov Reviewed-by: Nikolay Borisov Tested-by: Jon Kohler Signed-off-by: Pawan Gupta --- arch/x86/entry/entry_64.S | 8 ++++---- arch/x86/include/asm/nospec-branch.h | 6 +++--- arch/x86/net/bpf_jit_comp.c | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S index bbd4b1c7ec04..1f56d086d312 100644 --- a/arch/x86/entry/entry_64.S +++ b/arch/x86/entry/entry_64.S @@ -1532,7 +1532,7 @@ SYM_CODE_END(rewind_stack_and_make_dead) * Note, callers should use a speculation barrier like LFENCE immediately after * a call to this function to ensure BHB is cleared before indirect branches. */ -SYM_FUNC_START(clear_bhb_loop) +SYM_FUNC_START(clear_bhb_loop_nofence) ANNOTATE_NOENDBR push %rbp mov %rsp, %rbp @@ -1570,6 +1570,6 @@ SYM_FUNC_START(clear_bhb_loop) 5: pop %rbp RET -SYM_FUNC_END(clear_bhb_loop) -EXPORT_SYMBOL_FOR_KVM(clear_bhb_loop) -STACK_FRAME_NON_STANDARD(clear_bhb_loop) +SYM_FUNC_END(clear_bhb_loop_nofence) +EXPORT_SYMBOL_FOR_KVM(clear_bhb_loop_nofence) +STACK_FRAME_NON_STANDARD(clear_bhb_loop_nofence) diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h index 87b83ae7c97f..157eb69c7f0f 100644 --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h @@ -331,11 +331,11 @@ #ifdef CONFIG_X86_64 .macro CLEAR_BRANCH_HISTORY - ALTERNATIVE "", "call clear_bhb_loop; lfence", X86_FEATURE_CLEAR_BHB_LOOP + ALTERNATIVE "", "call clear_bhb_loop_nofence; lfence", X86_FEATURE_CLEAR_BHB_LOOP .endm .macro CLEAR_BRANCH_HISTORY_VMEXIT - ALTERNATIVE "", "call clear_bhb_loop; lfence", X86_FEATURE_CLEAR_BHB_VMEXIT + ALTERNATIVE "", "call clear_bhb_loop_nofence; lfence", X86_FEATURE_CLEAR_BHB_VMEXIT .endm #else #define CLEAR_BRANCH_HISTORY @@ -389,7 +389,7 @@ extern void entry_untrain_ret(void); extern void write_ibpb(void); #ifdef CONFIG_X86_64 -extern void clear_bhb_loop(void); +extern void clear_bhb_loop_nofence(void); #endif extern void (*x86_return_thunk)(void); diff --git a/arch/x86/net/bpf_jit_comp.c b/arch/x86/net/bpf_jit_comp.c index 63d6c9fa5e80..f40e88f87273 100644 --- a/arch/x86/net/bpf_jit_comp.c +++ b/arch/x86/net/bpf_jit_comp.c @@ -1619,7 +1619,7 @@ static int emit_spectre_bhb_barrier(u8 **pprog, u8 *ip, EMIT1(0x51); /* push rcx */ ip += 2; - func = (u8 *)clear_bhb_loop; + func = (u8 *)clear_bhb_loop_nofence; ip += x86_call_depth_emit_accounting(&prog, func, ip); if (emit_call(&prog, func, ip)) -- 2.34.1