Merge branch 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git...

Pull x86/pti update from Thomas Gleixner:
 "Just a single change from the anti-performance departement:

   - Add a new PR_SPEC_DISABLE_NOEXEC option which allows to apply the
     speculation protections on a process without inheriting the state
     on exec.

     This remedies a situation where a Java-launcher has speculation
     protections enabled because that's the default for JVMs which
     causes the launched regular harmless processes to inherit the
     protection state which results in unintended performance
     degradation"

* 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  x86/speculation: Add PR_SPEC_DISABLE_NOEXEC

diff --combined arch/x86/kernel/cpu/bugs.c
index 01874d54f4fd955d4e16b8fcf0c76d81112eddb7,2faeaf46347ada052ceb5e8edbc6fc91d6b32101..2da82eff0eb4f8498c8cdd65bd9f9dd5fa1fa6eb
--- 1/arch/x86/kernel/cpu/bugs.c
--- 2/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@@ -71,7 -71,7 +71,7 @@@ void __init check_bugs(void
         * identify_boot_cpu() initialized SMT support information, let the
         * core code know.
         */
 -      cpu_smt_check_topology_early();
 +      cpu_smt_check_topology();
  
        if (!IS_ENABLED(CONFIG_SMP)) {
                pr_info("CPU: ");
@@@ -798,15 -798,25 +798,25 @@@ static int ssb_prctl_set(struct task_st
                if (task_spec_ssb_force_disable(task))
                        return -EPERM;
                task_clear_spec_ssb_disable(task);
+               task_clear_spec_ssb_noexec(task);
                task_update_spec_tif(task);
                break;
        case PR_SPEC_DISABLE:
                task_set_spec_ssb_disable(task);
+               task_clear_spec_ssb_noexec(task);
                task_update_spec_tif(task);
                break;
        case PR_SPEC_FORCE_DISABLE:
                task_set_spec_ssb_disable(task);
                task_set_spec_ssb_force_disable(task);
+               task_clear_spec_ssb_noexec(task);
+               task_update_spec_tif(task);
+               break;
+       case PR_SPEC_DISABLE_NOEXEC:
+               if (task_spec_ssb_force_disable(task))
+                       return -EPERM;
+               task_set_spec_ssb_disable(task);
+               task_set_spec_ssb_noexec(task);
                task_update_spec_tif(task);
                break;
        default:
@@@ -885,6 -895,8 +895,8 @@@ static int ssb_prctl_get(struct task_st
        case SPEC_STORE_BYPASS_PRCTL:
                if (task_spec_ssb_force_disable(task))
                        return PR_SPEC_PRCTL | PR_SPEC_FORCE_DISABLE;
+               if (task_spec_ssb_noexec(task))
+                       return PR_SPEC_PRCTL | PR_SPEC_DISABLE_NOEXEC;
                if (task_spec_ssb_disable(task))
                        return PR_SPEC_PRCTL | PR_SPEC_DISABLE;
                return PR_SPEC_PRCTL | PR_SPEC_ENABLE;

diff --combined include/linux/sched.h
index f9b43c989577fdf50da7147ee28a7b0a8c4e24ad,fc836dc71bbad8ecd7930f3ee5dd121fbd7d0bfd..89ddece0b003ca1d2b0625aa6a162855bf719488
--- 1/include/linux/sched.h
--- 2/include/linux/sched.h
+++ b/include/linux/sched.h
@@@ -739,6 -739,12 +739,6 @@@ struct task_struct 
        unsigned                        use_memdelay:1;
  #endif
  
 -      /*
 -       * May usercopy functions fault on kernel addresses?
 -       * This is not just a single bit because this can potentially nest.
 -       */
 -      unsigned int                    kernel_uaccess_faults_ok;
 -
        unsigned long                   atomic_flags; /* Flags requiring atomic access. */
  
        struct restart_block            restart_block;
@@@ -989,7 -995,7 +989,7 @@@
        /* cg_list protected by css_set_lock and tsk->alloc_lock: */
        struct list_head                cg_list;
  #endif
 -#ifdef CONFIG_X86_RESCTRL
 +#ifdef CONFIG_X86_CPU_RESCTRL
        u32                             closid;
        u32                             rmid;
  #endif
@@@ -1453,6 -1459,7 +1453,7 @@@ static inline bool is_percpu_thread(voi
  #define PFA_SPEC_SSB_FORCE_DISABLE    4       /* Speculative Store Bypass force disabled*/
  #define PFA_SPEC_IB_DISABLE           5       /* Indirect branch speculation restricted */
  #define PFA_SPEC_IB_FORCE_DISABLE     6       /* Indirect branch speculation permanently restricted */
+ #define PFA_SPEC_SSB_NOEXEC           7       /* Speculative Store Bypass clear on execve() */
  
  #define TASK_PFA_TEST(name, func)                                     \
        static inline bool task_##func(struct task_struct *p)           \
@@@ -1481,6 -1488,10 +1482,10 @@@ TASK_PFA_TEST(SPEC_SSB_DISABLE, spec_ss
  TASK_PFA_SET(SPEC_SSB_DISABLE, spec_ssb_disable)
  TASK_PFA_CLEAR(SPEC_SSB_DISABLE, spec_ssb_disable)
  
+ TASK_PFA_TEST(SPEC_SSB_NOEXEC, spec_ssb_noexec)
+ TASK_PFA_SET(SPEC_SSB_NOEXEC, spec_ssb_noexec)
+ TASK_PFA_CLEAR(SPEC_SSB_NOEXEC, spec_ssb_noexec)
+ 
  TASK_PFA_TEST(SPEC_SSB_FORCE_DISABLE, spec_ssb_force_disable)
  TASK_PFA_SET(SPEC_SSB_FORCE_DISABLE, spec_ssb_force_disable)