x86/bhi: Do not enable unnecessary BHI mitigation in OCI and Exadata VMs

The BHI mitigation logic can enable unnecessary extra BHI mitigation
in virtual machines when the host server is using an Intel CPU
without eIBRS. Enabling this extra mitigation has a performance
impact on every syscall and impact VMs running on OCI and Exadata
servers based on Intel Haswell, Broadwell and Skylake CPUs.

To avoid the impact on OCI and Exadata servers, make sure no extra
BHI mitigation is enabled on Haswell, Broadwell and Skylake servers.

Note that this change is not present in upstream kernel as no consensus
has been reached on how to handle this issue. It should eventually be
replaced by the upstream fix if one is ever integrated. In the meantime,
this fix is used to provide a quick and simple relief for OCI and
Exadata VMs.

Signed-off-by: Alexandre Chartre <[email protected]>
Reviewed-by: Boris Ostrovsky <[email protected]>

(cherry picked from LUCI commit 092a3a1db1273baf2f453d6da49d11bac6e09f27)

Changes:
  - arch/x86/kernel/cpu/common.c: straight backport is not working because
    commit b24e466 ("x86/bugs: Switch to new Intel CPU model defines")
    is not present and it changes macros for matching Intel CPU model.

Orabug: 36672479

Signed-off-by: Alexandre Chartre <[email protected]>
Reviewed-by: William Roche <[email protected]>
Signed-off-by: Brian Maly <[email protected]>

Author: achartre

arch/x86/kernel/cpu/common.c

@@ -1179,6 +1179,28 @@ static const __initconst struct x86_cpu_id cpu_vuln_whitelist[] = {
 	VULNWL_INTEL(ATOM_TREMONT_L,		NO_EIBRS_PBRSB),
 	VULNWL_INTEL(ATOM_TREMONT_D,		NO_ITLB_MULTIHIT | NO_EIBRS_PBRSB),
 
+	/*
+	 * CPUs without eIBRS can be impacted by BHI. However, the default
+	 * Spectre v2 mitigations will also mitigate BHI. So X86_BUG_BHI is
+	 * not set on these CPUs and no extra BHI mitigation is applied.
+	 *
+	 * However, this logic is not applied in a vitual machine because the
+	 * VM can't know if the CPU doesn't effectively have eIBRS, or if eIBRS
+	 * was hidden by the hypervisor. So the VM might apply extra BHI
+	 * mitigation while this is not needed.
+	 *
+	 * To avoid OCI and Exadata VMs from using unnecessary BHI mitigation
+	 * (and avoid the associated performance impact), we explicitly mark the
+	 * Intel CPUs used by OCI and Exadata which do not have eIBRS with NO_BHI
+	 * so that no extra BHI mitigation is used even in VMs.
+	 *
+	 * Intel CPUs without eIBRS used by OCI and Exadata are Haswell Server,
+	 * Broadwell Server and Skylake Server.
+	 */
+	VULNWL_INTEL(HASWELL_X,			NO_BHI),
+	VULNWL_INTEL(BROADWELL_X,		NO_BHI),
+	VULNWL_INTEL(SKYLAKE_X,			NO_BHI),
+
 	/* AMD Family 0xf - 0x12 */
 	VULNWL_AMD(0x0f,	NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_BHI),
 	VULNWL_AMD(0x10,	NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_BHI),