From patchwork Wed Aug 9 07:12:26 2023
X-Patchwork-Submitter: Peter Zijlstra
X-Patchwork-Id: 133099
Message-ID: <20230809072200.990061113@infradead.org>
Date: Wed, 09 Aug 2023 09:12:26 +0200
From: Peter Zijlstra
To: x86@kernel.org
Cc: linux-kernel@vger.kernel.org, peterz@infradead.org, David.Kaplan@amd.com, Andrew.Cooper3@citrix.com, jpoimboe@kernel.org, gregkh@linuxfoundation.org
Subject: [RFC][PATCH 08/17] x86/cpu: Add IBPB on VMEXIT to retbleed=
References: <20230809071218.000335006@infradead.org>

Since IBPB-on-VMEXIT is an obvious variant of retbleed=ibpb, add it as such.

Signed-off-by: Peter Zijlstra (Intel)
--- arch/x86/kernel/cpu/bugs.c | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c 
@@ -751,6 +751,7 @@ enum retbleed_mitigation { RETBLEED_MITIGATION_UNRET_SRSO, RETBLEED_MITIGATION_UNRET_SRSO_ALIAS, RETBLEED_MITIGATION_IBPB, + RETBLEED_MITIGATION_IBPB_VMEXIT, RETBLEED_MITIGATION_IBRS, RETBLEED_MITIGATION_EIBRS, RETBLEED_MITIGATION_STUFF, @@ -763,6 +764,7 @@ enum retbleed_mitigation_cmd { RETBLEED_CMD_UNRET_SRSO, RETBLEED_CMD_UNRET_SRSO_ALIAS, RETBLEED_CMD_IBPB, + RETBLEED_CMD_IBPB_VMEXIT, RETBLEED_CMD_STUFF, }; @@ -772,6 +774,7 @@ static const char * const retbleed_strin [RETBLEED_MITIGATION_UNRET_SRSO] = "Mitigation: srso untrained return thunk", [RETBLEED_MITIGATION_UNRET_SRSO_ALIAS] = "Mitigation: srso alias untrained return thunk", [RETBLEED_MITIGATION_IBPB] = "Mitigation: IBPB", + [RETBLEED_MITIGATION_IBPB_VMEXIT] = "Mitigation: IBPB on VMEXIT only", [RETBLEED_MITIGATION_IBRS] = "Mitigation: IBRS", [RETBLEED_MITIGATION_EIBRS] = "Mitigation: Enhanced IBRS", [RETBLEED_MITIGATION_STUFF] = "Mitigation: Stuffing", @@ -808,6 +811,8 @@ static int __init retbleed_parse_cmdline retbleed_cmd = RETBLEED_CMD_UNRET_SRSO_ALIAS; } else if (!strcmp(str, "ibpb")) { retbleed_cmd = RETBLEED_CMD_IBPB; + } else if (!strcmp(str, "ibpb_vmexit")) { + retbleed_cmd = RETBLEED_CMD_IBPB_VMEXIT; } else if (!strcmp(str, "stuff")) { retbleed_cmd = RETBLEED_CMD_STUFF; } else if (!strcmp(str, "nosmt")) { 
@@ -881,13 +886,17 @@ static void __init retbleed_select_mitig break; case RETBLEED_CMD_IBPB: + case RETBLEED_CMD_IBPB_VMEXIT: if (!boot_cpu_has(X86_FEATURE_IBPB)) { pr_err("WARNING: CPU does not support IBPB.\n"); goto do_cmd_auto; } else if (IS_ENABLED(CONFIG_CPU_IBPB_ENTRY)) { if (boot_cpu_has_bug(X86_BUG_SRSO) && !has_microcode) pr_err("IBPB-extending microcode not applied; SRSO NOT mitigated\n"); - retbleed_mitigation = RETBLEED_MITIGATION_IBPB; + if (retbleed_cmd == RETBLEED_CMD_IBPB) + retbleed_mitigation = RETBLEED_MITIGATION_IBPB; + if (retbleed_cmd == RETBLEED_CMD_IBPB_VMEXIT) + retbleed_mitigation = RETBLEED_MITIGATION_IBPB_VMEXIT; } else { pr_err("WARNING: kernel not compiled with CPU_IBPB_ENTRY.\n"); goto do_cmd_auto; @@ -961,6 +970,12 @@ static void __init retbleed_select_mitig case RETBLEED_MITIGATION_IBPB: setup_force_cpu_cap(X86_FEATURE_ENTRY_IBPB); + setup_force_cpu_cap(X86_FEATURE_IBPB_ON_VMEXIT); + mitigate_smt = true; + break; + + case RETBLEED_MITIGATION_IBPB_VMEXIT: + setup_force_cpu_cap(X86_FEATURE_IBPB_ON_VMEXIT); mitigate_smt = true; break;
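
Review bot: The "ibpb_vmexit" value accepted in the retbleed_parse_cmdline hunk (@@ -808) has no matching documentation; the diffstat shows only arch/x86/kernel/cpu/bugs.c changed. Please add the new value to the retbleed= entry in Documentation/admin-guide/kernel-parameters.txt, stating that it issues IBPB on VMEXIT only, as the new retbleed_strings entry puts it, so an administrator choosing between "ibpb" and "ibpb_vmexit" can see what each one covers.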
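
Review bot: In the retbleed_select_mitigation hunk (@@ -881), RETBLEED_CMD_IBPB_VMEXIT shares the IS_ENABLED(CONFIG_CPU_IBPB_ENTRY) gate with RETBLEED_CMD_IBPB, so a kernel built without that option prints "WARNING: kernel not compiled with CPU_IBPB_ENTRY." and falls back to auto for retbleed=ibpb_vmexit, even though the RETBLEED_MITIGATION_IBPB_VMEXIT case in the last hunk never sets X86_FEATURE_ENTRY_IBPB. Is that dependency intended? If it is, say so in the changelog; if not, the VMEXIT-only command needs its own check and message. Separately, the two consecutive "if (retbleed_cmd == ...)" tests are mutually exclusive and would read more clearly as an if/else.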
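
Review bot: In the final hunk (@@ -961), the existing RETBLEED_MITIGATION_IBPB case gains setup_force_cpu_cap(X86_FEATURE_IBPB_ON_VMEXIT), which changes behaviour for current retbleed=ibpb users, while the changelog only mentions adding the new variant. Please describe this in the commit message and confirm that forcing both X86_FEATURE_ENTRY_IBPB and X86_FEATURE_IBPB_ON_VMEXIT does not result in two barriers on the VMEXIT path. A one-line comment on why the VMEXIT-only case also sets mitigate_smt = true would help as well.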