summaryrefslogtreecommitdiffstats
path: root/security/device_cgroup.c
diff options
context:
space:
mode:
authorDavid Woodhouse <dwmw@amazon.co.uk>2018-02-19 10:50:54 +0000
committerIngo Molnar <mingo@kernel.org>2018-02-20 09:38:33 +0100
commitdd84441a797150dcc49298ec95c459a8891d8bb1 (patch)
tree4ee6744c6d1a764f80d4c6829c5f322ce05dece0 /security/device_cgroup.c
parentd1c99108af3c5992640aa2afa7d2e88c3775c06e (diff)
downloadlinux-dd84441a797150dcc49298ec95c459a8891d8bb1.tar.gz
linux-dd84441a797150dcc49298ec95c459a8891d8bb1.tar.bz2
linux-dd84441a797150dcc49298ec95c459a8891d8bb1.zip
x86/speculation: Use IBRS if available before calling into firmware
Retpoline means the kernel is safe because it has no indirect branches. But firmware isn't, so use IBRS for firmware calls if it's available. Block preemption while IBRS is set, although in practice the call sites already had to be doing that. Ignore hpwdt.c for now. It's taking spinlocks and calling into firmware code, from an NMI handler. I don't want to touch that with a bargepole. Signed-off-by: David Woodhouse <dwmw@amazon.co.uk> Reviewed-by: Thomas Gleixner <tglx@linutronix.de> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: arjan.van.de.ven@intel.com Cc: bp@alien8.de Cc: dave.hansen@intel.com Cc: jmattson@google.com Cc: karahmed@amazon.de Cc: kvm@vger.kernel.org Cc: pbonzini@redhat.com Cc: rkrcmar@redhat.com Link: http://lkml.kernel.org/r/1519037457-7643-2-git-send-email-dwmw@amazon.co.uk Signed-off-by: Ingo Molnar <mingo@kernel.org>
Diffstat (limited to 'security/device_cgroup.c')
0 files changed, 0 insertions, 0 deletions