On Thu, 2018-01-18 at 16:28 +0100, Thomas Gleixner wrote:
> The machine check idtentry uses an indirect branch directly from the low
> level code. This evades the speculation protection.
>
> Replace it by a direct call into C code and issue the indirect call there
> so the compiler can apply the proper speculation protection.
>
> Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
Cc: stable for at least 4.9.
> ---
> arch/x86/entry/entry_64.S | 2 +-
> arch/x86/include/asm/traps.h | 1 +
> arch/x86/kernel/cpu/mcheck/mce.c | 5 +++++
> 3 files changed, 7 insertions(+), 1 deletion(-)
>
> --- a/arch/x86/entry/entry_64.S
> +++ b/arch/x86/entry/entry_64.S
> @@ -1264,7 +1264,7 @@ idtentry async_page_fault do_async_page_
> #endif
>
> #ifdef CONFIG_X86_MCE
> -idtentry machine_check has_error_code=0 paranoid=1 do_sym=*machine_check_vector(%rip)
> +idtentry machine_check do_mce has_error_code=0 paranoid=1
> #endif
>
> /*
> --- a/arch/x86/include/asm/traps.h
> +++ b/arch/x86/include/asm/traps.h
> @@ -88,6 +88,7 @@ dotraplinkage void do_simd_coprocessor_e
> #ifdef CONFIG_X86_32
> dotraplinkage void do_iret_error(struct pt_regs *, long);
> #endif
> +dotraplinkage void do_mce(struct pt_regs *, long);
>
> static inline int get_si_code(unsigned long condition)
> {
> --- a/arch/x86/kernel/cpu/mcheck/mce.c
> +++ b/arch/x86/kernel/cpu/mcheck/mce.c
> @@ -1785,6 +1785,11 @@ static void unexpected_machine_check(str
> void (*machine_check_vector)(struct pt_regs *, long error_code) =
> unexpected_machine_check;
>
> +dotraplinkage void do_mce(struct pt_regs *regs, long error_code)
> +{
> + machine_check_vector(regs, error_code);
> +}
> +
> /*
> * Called for each booted CPU to set up machine checks.
> * Must be called with preempt off:
> Attachment:
smime.p7s
Description: S/MIME cryptographic signature