diff mbox series

[v3,2/7] x86/smp: Dont access non-existing CPUID leaf

Message ID	20230615193330.322186388@linutronix.de
State	New
Headers	Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Message-ID: <20230615193330.322186388@linutronix.de> From: Thomas Gleixner <tglx@linutronix.de> To: LKML <linux-kernel@vger.kernel.org> Cc: x86@kernel.org, Mario Limonciello <mario.limonciello@amd.com>, Tom Lendacky <thomas.lendacky@amd.com>, Tony Battersby <tonyb@cybernetics.com>, Ashok Raj <ashok.raj@linux.intel.com>, Tony Luck <tony.luck@intel.com>, Arjan van de Veen <arjan@linux.intel.com>, Eric Biederman <ebiederm@xmission.com> Subject: [patch v3 2/7] x86/smp: Dont access non-existing CPUID leaf References: <20230615190036.898273129@linutronix.de> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Date: Thu, 15 Jun 2023 22:33:52 +0200 (CEST) Precedence: bulk
Series	x86/smp: Cure stop_other_cpus() and kexec() troubles \| [v3,0/7] x86/smp: Cure stop_other_cpus() and kexec() troubles [v3,1/7] x86/smp: Make stop_other_cpus() more robust [v3,2/7] x86/smp: Dont access non-existing CPUID leaf [v3,3/7] x86/smp: Remove pointless wmb()s from native_stop_other_cpus() [v3,4/7] x86/smp: Use dedicated cache-line for mwait_play_dead() [v3,5/7] x86/smp: Cure kexec() vs. mwait_play_dead() breakage [v3,6/7] x86/smp: Split sending INIT IPI out into a helper function [v3,7/7] x86/smp: Put CPUs into INIT on shutdown if possible

Commit Message

Thomas Gleixner June 15, 2023, 8:33 p.m. UTC

  From: Tony Battersby <tonyb@cybernetics.com>

stop_this_cpu() tests CPUID leaf 0x8000001f::EAX unconditionally. CPUs
return the content of the highest supported leaf when a non-existing leaf
is read. So the result of the test is lottery except on AMD CPUs which
support that leaf.

While harmless it's incorrect and causes the conditional wbinvd() to be
issued where not required.

Check whether the leaf is supported before reading it.

[ tglx: Adjusted changelog ]

Fixes: 08f253ec3767 ("x86/cpu: Clear SME feature flag when not in use")
Signed-off-by: Tony Battersby <tonyb@cybernetics.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Link: https://lore.kernel.org/r/3817d810-e0f1-8ef8-0bbd-663b919ca49b@cybernetics.com
---
 arch/x86/kernel/process.c |    5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

Comments

Mario Limonciello June 19, 2023, 5:02 p.m. UTC | #1

On 6/15/2023 3:33 PM, Thomas Gleixner wrote:
> From: Tony Battersby <tonyb@cybernetics.com>
>
> stop_this_cpu() tests CPUID leaf 0x8000001f::EAX unconditionally. CPUs
> return the content of the highest supported leaf when a non-existing leaf
> is read. So the result of the test is lottery except on AMD CPUs which
> support that leaf.
>
> While harmless it's incorrect and causes the conditional wbinvd() to be
> issued where not required.
>
> Check whether the leaf is supported before reading it.
>
> [ tglx: Adjusted changelog ]
>
> Fixes: 08f253ec3767 ("x86/cpu: Clear SME feature flag when not in use")

Thanks for this fix.
This particular patch should probably also CC to stable.

Reviewed-by: Mario Limonciello <mario.limonciello@amd.com>

> Signed-off-by: Tony Battersby <tonyb@cybernetics.com>
> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
> Link: https://lore.kernel.org/r/3817d810-e0f1-8ef8-0bbd-663b919ca49b@cybernetics.com
> ---
>   arch/x86/kernel/process.c |    5 +++--
>   1 file changed, 3 insertions(+), 2 deletions(-)
>
> --- a/arch/x86/kernel/process.c
> +++ b/arch/x86/kernel/process.c
> @@ -763,6 +763,7 @@ struct cpumask cpus_stop_mask;
>   
>   void __noreturn stop_this_cpu(void *dummy)
>   {
> +	struct cpuinfo_x86 *c = this_cpu_ptr(&cpu_info);
>   	unsigned int cpu = smp_processor_id();
>   
>   	local_irq_disable();
> @@ -777,7 +778,7 @@ void __noreturn stop_this_cpu(void *dumm
>   	 */
>   	set_cpu_online(cpu, false);
>   	disable_local_APIC();
> -	mcheck_cpu_clear(this_cpu_ptr(&cpu_info));
> +	mcheck_cpu_clear(c);
>   
>   	/*
>   	 * Use wbinvd on processors that support SME. This provides support
> @@ -791,7 +792,7 @@ void __noreturn stop_this_cpu(void *dumm
>   	 * Test the CPUID bit directly because the machine might've cleared
>   	 * X86_FEATURE_SME due to cmdline options.
>   	 */
> -	if (cpuid_eax(0x8000001f) & BIT(0))
> +	if (c->extended_cpuid_level >= 0x8000001f && (cpuid_eax(0x8000001f) & BIT(0)))
>   		native_wbinvd();
>   
>   	/*
>

Thomas Gleixner June 19, 2023, 5:15 p.m. UTC | #2

On Mon, Jun 19 2023 at 12:02, Limonciello, Mario wrote:
> On 6/15/2023 3:33 PM, Thomas Gleixner wrote:
>> From: Tony Battersby <tonyb@cybernetics.com>
>>
>> stop_this_cpu() tests CPUID leaf 0x8000001f::EAX unconditionally. CPUs
>> return the content of the highest supported leaf when a non-existing leaf
>> is read. So the result of the test is lottery except on AMD CPUs which
>> support that leaf.
>>
>> While harmless it's incorrect and causes the conditional wbinvd() to be
>> issued where not required.
>>
>> Check whether the leaf is supported before reading it.
>>
>> [ tglx: Adjusted changelog ]
>>
>> Fixes: 08f253ec3767 ("x86/cpu: Clear SME feature flag when not in use")
>
> Thanks for this fix.
> This particular patch should probably also CC to stable.

It's pretty much all stable material.

Borislav Petkov June 20, 2023, 8:20 a.m. UTC | #3

On Thu, Jun 15, 2023 at 10:33:52PM +0200, Thomas Gleixner wrote:

> Subject: Re: [patch v3 2/7] x86/smp: Dont access non-existing CPUID leaf

"Do not access a non-existing... "

> From: Tony Battersby <tonyb@cybernetics.com>
> 
> stop_this_cpu() tests CPUID leaf 0x8000001f::EAX unconditionally. CPUs
> return the content of the highest supported leaf when a non-existing leaf
> is read.

This should be:

"On Intel, querying an invalid extended CPUID leaf returns the values of the
maximum basic CPUID leaf. On AMD, invalid CPUID leafs return zeros."

Other than that:

Reviewed-by: Borislav Petkov (AMD) <bp@alien8.de>

diff mbox series

Patch

--- a/arch/x86/kernel/process.c
+++ b/arch/x86/kernel/process.c
@@ -763,6 +763,7 @@  struct cpumask cpus_stop_mask;
 
 void __noreturn stop_this_cpu(void *dummy)
 {
+	struct cpuinfo_x86 *c = this_cpu_ptr(&cpu_info);
 	unsigned int cpu = smp_processor_id();
 
 	local_irq_disable();
@@ -777,7 +778,7 @@  void __noreturn stop_this_cpu(void *dumm
 	 */
 	set_cpu_online(cpu, false);
 	disable_local_APIC();
-	mcheck_cpu_clear(this_cpu_ptr(&cpu_info));
+	mcheck_cpu_clear(c);
 
 	/*
 	 * Use wbinvd on processors that support SME. This provides support
@@ -791,7 +792,7 @@  void __noreturn stop_this_cpu(void *dumm
 	 * Test the CPUID bit directly because the machine might've cleared
 	 * X86_FEATURE_SME due to cmdline options.
 	 */
-	if (cpuid_eax(0x8000001f) & BIT(0))
+	if (c->extended_cpuid_level >= 0x8000001f && (cpuid_eax(0x8000001f) & BIT(0)))
 		native_wbinvd();
 
 	/*