From patchwork Mon Aug 21 01:18:58 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josh Poimboeuf X-Patchwork-Id: 136322 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp2781513vqi; Sun, 20 Aug 2023 21:35:36 -0700 (PDT) X-Google-Smtp-Source: AGHT+IH3Gy/5KfbaaNUrnIzcBJYvYjUBaKIn6PmNCUrfwtf95DQfCyWyebsoZC6KvAhKVqkALixG X-Received: by 2002:a05:6512:304d:b0:4fb:be3c:d8b7 with SMTP id b13-20020a056512304d00b004fbbe3cd8b7mr4421498lfb.51.1692592535918; Sun, 20 Aug 2023 21:35:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692592535; cv=none; d=google.com; s=arc-20160816; b=TDGxbtBx6v6MLqtwK4AO0E0ijFZ/PbIe9ELFHidOUCks+uFS9lkfKrOVa3VvcTArG6 w9CxVP8a0V13A3dfTXJBL3OcUb9QPbiGBwraTyP5Zflyu0Ih9m12rc/FxhGD82NJ4Td8 wZroT+qvZmxSuHz0bEJQdBJ0rkHg9AYADRx6M6Z3GuWVlGtpcfe70MZCZWlMDeITugB9 dybjPwxBl6LWAp3a6kKVJ7HHCGcg834Qmndbk1JwPj39hM9OSZ7qKxmwJSrZNVOGdi/k hJ3LHZe0VFPiHiL4WUeBTcr1fS+cwQ5TCZNKAYQLZpAXMGVJa4+a0BP3gyoxLqB00Xg9 1QRA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=WpYnraIgbpbJGAAYEIQCz7RidN8m0w8NOh8GTMtxyHw=; fh=1KVrD/LnRsN9N7k2d12iARV4DA2tVMW012QtKSrD46c=; b=ScRK10bHhsY7PpHDaq9HiRm/j7rJPEZvzJ68p+GRc5tQBLP/Pap2cedX1WLlVkGb3L xvfjFHm1rhQ8xZu6ljHgpcxS4b7Qp4IM1Wo5mw2cvEOOu3UazTSBJwtctZU8tM2DRSfQ 38bEFZNoUt1BlzXqobTYzPlfNcauXnhXQP0a/KGbauZ6kh/FaD0WasboAG04zulhMNdT psjibyxH6yaorHF/cSKAX02t8PYvYYmV7CYeJAqIHNaI5AwOex3w9PkvA6Qc5/1WUiEV qP1YspwCsHzHt3L2pVVzsAaHbSGbJ1/w2lsjkuUIAJqiWo35v/nhZRpEwysTAa2/0JJQ jvZg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=oGTzd7iR; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id v13-20020aa7d80d000000b005288947eebasi5066029edq.171.2023.08.20.21.35.12; Sun, 20 Aug 2023 21:35:35 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=oGTzd7iR; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232279AbjHUBTb (ORCPT + 99 others); Sun, 20 Aug 2023 21:19:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57072 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231990AbjHUBTa (ORCPT ); Sun, 20 Aug 2023 21:19:30 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D7396A0 for ; Sun, 20 Aug 2023 18:19:28 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 4E4C8625FD for ; Mon, 21 Aug 2023 01:19:28 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 429C3C433C7; Mon, 21 Aug 2023 01:19:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1692580767; bh=tZ4Q8jjAOGCCPRfVNc3rr+aMQROmytBONCwejjFqKCk=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=oGTzd7iRf/KPOJw0aXefKaYcg8H6TV5xkkITQZwWCdz/IBieIjDZ3b9OcfkhMjGtZ V2abQsFrOYW+v8OYpnMkELoen6RT6Y/ZVwuRUqB6pfgrBvahjo7bnv/GlmDzX35LeG TJo55qbD7gekM5AiVxQqShYQQQ9KAUb+0EvgauRUThuSWDf/+cpsbAKu51VGOX131f 2Vs09GZFnyadGVT/64GC3mY+Kqazu3ZiaYuiLQGwYUbofZ4REnhILiv4C2aBGL9CUx K9o/Swr+FjhmzO8+M6oL8VRF0i0YO2r6+IgjryOvdvraP1zIMV9GsBj+Hs146t2EAT ppu/1Da+Mflaw== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Borislav Petkov , Peter Zijlstra , Babu Moger , Paolo Bonzini , Sean Christopherson , David.Kaplan@amd.com, Andrew Cooper , Nikolay Borisov , gregkh@linuxfoundation.org, Thomas Gleixner Subject: [PATCH 01/22] x86/srso: Fix srso_show_state() side effect Date: Sun, 20 Aug 2023 18:18:58 -0700 Message-ID: X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1774811911006138209 X-GMAIL-MSGID: 1774811911006138209 Reading the 'spec_rstack_overflow' sysfs file can trigger an unnecessary MSR write, and possibly even a (handled) exception if the microcode hasn't been updated. Avoid all that by just checking X86_FEATURE_IBPB_BRTYPE instead, which gets set by srso_select_mitigation() if the updated microcode exists. Fixes: fb3bd914b3ec ("x86/srso: Add a Speculative RAS Overflow mitigation") Signed-off-by: Josh Poimboeuf --- arch/x86/kernel/cpu/bugs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index f081d26616ac..bdd3e296f72b 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -2717,7 +2717,7 @@ static ssize_t srso_show_state(char *buf) return sysfs_emit(buf, "%s%s\n", srso_strings[srso_mitigation], - (cpu_has_ibpb_brtype_microcode() ? "" : ", no microcode")); + boot_cpu_has(X86_FEATURE_IBPB_BRTYPE) ? "" : ", no microcode"); } static ssize_t gds_show_state(char *buf) From patchwork Mon Aug 21 01:18:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josh Poimboeuf X-Patchwork-Id: 136315 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp2766225vqi; Sun, 20 Aug 2023 20:39:34 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEPivROxXHW/QMwzMpTx8aLbiOrSAP4fWX9MAMbRKMjS+YLJmZvX85P5G0q0wSLpdTYeUom X-Received: by 2002:a05:6512:2354:b0:4ff:a8c6:d1aa with SMTP id p20-20020a056512235400b004ffa8c6d1aamr4248700lfu.48.1692589174193; Sun, 20 Aug 2023 20:39:34 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692589174; cv=none; d=google.com; s=arc-20160816; b=UnELGEHAjfEU0ThjCQHPiNEJaoqrPVtas5RtG8smHWukd8reb78oEEI8xI6wEJr7L/ Kgx1/ZKC4+/F2wWliyLZe5LYLnmtiyu4BX61INMAJHvOEEMXFv0EHXvGnkOBb0fhcDZC sipbxYSipg6qBaGjvWMIhePGpvi9xgxgTCLUauc9QNhlQ4Su/FzO5ldu5Jbt5A4eR6jj NQtCoVRo6e4nQ6oWcPYqMpIjggM+H6Wu/P2IyRpS4CJnAtkfAcQ/rNwpAmxVZcvacnY4 PECpR2seVzagRRpdZyujlbKeC2U/7Uayza8XKcMCwSd9lJeXAnjOfx7PSpy3UoNXtaSs QGXA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=LpzBKxWYJUM++g9pNJdf36cSUnovC+0Hv35G/RO69GQ=; fh=1KVrD/LnRsN9N7k2d12iARV4DA2tVMW012QtKSrD46c=; b=k0F51myTMTbEBnDSX9uBCffHOeRE4cLbkjbiqjTSURKYaVTp1zjHtggrTmZCUiTXxh y0oIFZ/eDR9m+LpPx0hvfqynyzQmskiPxsnkdmeX5kyFGn49LJv83pSyxiCG6nA7RbwQ N76O8fwoJ9kGTICO7xoFEDwpzpNMgpMvavHG1Q4PbzXD4xfJ0JamO9lweH8Sr7DunXv0 CrYNn9IwEzUSYaOo/ctvkjjbByfSZggB4XM214uSYrfrpQ6TOuoILmma6KlI3GuKBKjm cffZ0jvs4FNiQG5cZy6ACeSyCIfYfPcAinc/C0I/Z5H0ZgTwHGtiMxpt2zO4+nzonv3k d2+Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=uVHww6Tb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id k8-20020aa7c048000000b00525433cce6bsi4510370edo.521.2023.08.20.20.39.11; Sun, 20 Aug 2023 20:39:34 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=uVHww6Tb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232288AbjHUBTe (ORCPT + 99 others); Sun, 20 Aug 2023 21:19:34 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50674 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232269AbjHUBTa (ORCPT ); Sun, 20 Aug 2023 21:19:30 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 636FC9C for ; Sun, 20 Aug 2023 18:19:29 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id DB07762605 for ; Mon, 21 Aug 2023 01:19:28 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id D164FC433D9; Mon, 21 Aug 2023 01:19:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1692580768; bh=hlfPMB76muHx2zFyaDw6ambZjeXjtNStPq4AfGznGPA=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=uVHww6TbCRJe7oSuQNr0dsihjR5BCV7N9tGZhwO5cw0NP+FAeBkqIqf97N2yKnK21 5JDdNVzZ4qiDZ0Q6/K5xfoHvif7cDXKLCffYkMVxup/D/et1QT1GKSBbwg7oC8U2Jt XZ3VPjYSt/5Aww6q2VOTzPML20CcSCK6fjiBGh8puMOHoIyutLU8ZHi835YAZyHv3b JM40H0J7OHWOYdL8y4KMUbM15gqoigiFqSygJ37BfjO7BsZssEP/ON78qeY9Vsl9w7 0QQhU+zJZ+yVby28nEtMk5N/Nf9GPjjFltwa0aAsJTKe2kzP815K7sTUVDQ+izMMuA nq39x1Jj9qzNQ== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Borislav Petkov , Peter Zijlstra , Babu Moger , Paolo Bonzini , Sean Christopherson , David.Kaplan@amd.com, Andrew Cooper , Nikolay Borisov , gregkh@linuxfoundation.org, Thomas Gleixner Subject: [PATCH 02/22] x86/srso: Set CPUID feature bits independently of bug or mitigation status Date: Sun, 20 Aug 2023 18:18:59 -0700 Message-ID: X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1774808385926941485 X-GMAIL-MSGID: 1774808385926941485 Booting with mitigations=off incorrectly prevents the X86_FEATURE_{IBPB_BRTYPE,SBPB} CPUID bits from getting set. Also, future CPUs without X86_BUG_SRSO might still have IBPB with branch type prediction flushing, in which case SBPB should be used instead of IBPB. The current code doesn't allow for that. Also, cpu_has_ibpb_brtype_microcode() has some surprising side effects and the setting of these feature bits really doesn't belong in the mitigation code anyway. Move it to earlier. Fixes: fb3bd914b3ec ("x86/srso: Add a Speculative RAS Overflow mitigation") Signed-off-by: Josh Poimboeuf --- arch/x86/include/asm/processor.h | 2 -- arch/x86/kernel/cpu/amd.c | 28 +++++++++------------------- arch/x86/kernel/cpu/bugs.c | 13 +------------ 3 files changed, 10 insertions(+), 33 deletions(-) diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/processor.h index fd750247ca89..9e26294e415c 100644 --- a/arch/x86/include/asm/processor.h +++ b/arch/x86/include/asm/processor.h @@ -676,12 +676,10 @@ extern u16 get_llc_id(unsigned int cpu); #ifdef CONFIG_CPU_SUP_AMD extern u32 amd_get_nodes_per_socket(void); extern u32 amd_get_highest_perf(void); -extern bool cpu_has_ibpb_brtype_microcode(void); extern void amd_clear_divider(void); #else static inline u32 amd_get_nodes_per_socket(void) { return 0; } static inline u32 amd_get_highest_perf(void) { return 0; } -static inline bool cpu_has_ibpb_brtype_microcode(void) { return false; } static inline void amd_clear_divider(void) { } #endif diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c index 7eca6a8abbb1..b08af929135d 100644 --- a/arch/x86/kernel/cpu/amd.c +++ b/arch/x86/kernel/cpu/amd.c @@ -766,6 +766,15 @@ static void early_init_amd(struct cpuinfo_x86 *c) if (cpu_has(c, X86_FEATURE_TOPOEXT)) smp_num_siblings = ((cpuid_ebx(0x8000001e) >> 8) & 0xff) + 1; + + if (!cpu_has(c, X86_FEATURE_IBPB_BRTYPE)) { + if (c->x86 == 0x17 && boot_cpu_has(X86_FEATURE_AMD_IBPB)) + setup_force_cpu_cap(X86_FEATURE_IBPB_BRTYPE); + else if (c->x86 >= 0x19 && !wrmsrl_safe(MSR_IA32_PRED_CMD, PRED_CMD_SBPB)) { + setup_force_cpu_cap(X86_FEATURE_IBPB_BRTYPE); + setup_force_cpu_cap(X86_FEATURE_SBPB); + } + } } static void init_amd_k8(struct cpuinfo_x86 *c) @@ -1301,25 +1310,6 @@ void amd_check_microcode(void) on_each_cpu(zenbleed_check_cpu, NULL, 1); } -bool cpu_has_ibpb_brtype_microcode(void) -{ - switch (boot_cpu_data.x86) { - /* Zen1/2 IBPB flushes branch type predictions too. */ - case 0x17: - return boot_cpu_has(X86_FEATURE_AMD_IBPB); - case 0x19: - /* Poke the MSR bit on Zen3/4 to check its presence. */ - if (!wrmsrl_safe(MSR_IA32_PRED_CMD, PRED_CMD_SBPB)) { - setup_force_cpu_cap(X86_FEATURE_SBPB); - return true; - } else { - return false; - } - default: - return false; - } -} - /* * Issue a DIV 0/1 insn to clear any division data from previous DIV * operations. diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index bdd3e296f72b..b0ae985aa6a4 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -2404,26 +2404,15 @@ early_param("spec_rstack_overflow", srso_parse_cmdline); static void __init srso_select_mitigation(void) { - bool has_microcode; + bool has_microcode = boot_cpu_has(X86_FEATURE_IBPB_BRTYPE); if (!boot_cpu_has_bug(X86_BUG_SRSO) || cpu_mitigations_off()) goto pred_cmd; - /* - * The first check is for the kernel running as a guest in order - * for guests to verify whether IBPB is a viable mitigation. - */ - has_microcode = boot_cpu_has(X86_FEATURE_IBPB_BRTYPE) || cpu_has_ibpb_brtype_microcode(); if (!has_microcode) { pr_warn("IBPB-extending microcode not applied!\n"); pr_warn(SRSO_NOTICE); } else { - /* - * Enable the synthetic (even if in a real CPUID leaf) - * flags for guests. - */ - setup_force_cpu_cap(X86_FEATURE_IBPB_BRTYPE); - /* * Zen1/2 with SMT off aren't vulnerable after the right * IBPB microcode has been applied. From patchwork Mon Aug 21 01:19:00 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josh Poimboeuf X-Patchwork-Id: 136399 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp3036176vqi; Mon, 21 Aug 2023 07:18:14 -0700 (PDT) X-Google-Smtp-Source: AGHT+IErK5Vh1+E9xPZcTCz+hVKZpys3UE2oBYHtF/ShVFNQzX8iwO58+RcopCkqt8oVxv1Jbv/a X-Received: by 2002:a17:906:cc4c:b0:99d:dce8:41d7 with SMTP id mm12-20020a170906cc4c00b0099ddce841d7mr5160883ejb.12.1692627494035; Mon, 21 Aug 2023 07:18:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692627494; cv=none; d=google.com; s=arc-20160816; b=K8d5EYlT+PJueMLNOOdr/+tr8wKNE8iOV/zWfd/Cs6Ia93f5z5vrWNYxK6h61aQUVL 2gVCDIVwHv/KzlX/V6Zmnu6eiLnFMZZpdhqMoxx2cen7v2LowxzmoSZQ8eykLRvN/zUR +aMRxMz+5VecG7roPNekfqJ6wYCs5fSQgX8SGGZYUVFtHc5yYNHcF/Jcrm9krmaXMLZV nLOlsTw+26SpIDFmdUvjup2EbyftqB5TQimNH9NRm/4i5MzXsiXlYlTetDTf1EWef5hF xh5ZTnvimwiqqRnVadvljWje7+Ur8rL+D+sTEMBYoVg2OVyYUAyY2Iv3LDj5V1Pdv/mg Osaw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=L/dzgkxQA+In6HfB9p0CxR1u0ZUKsUyMntA+nVc6ASY=; fh=1KVrD/LnRsN9N7k2d12iARV4DA2tVMW012QtKSrD46c=; b=SvQslYox/zaRMTe6IUJYZHUv7z5Qal7U9NdPdP9JOZqqfQgOjUVnX6mdniiVbG7dYZ NqGlgGOWuWQ26QO2QMGMjrfXIVdrjRv6G0TVjvxrfLDwhTFtkqqKjnQ/1UhOR/54Whew rJVrn05+RphUq3whSe6cva20wXKlR7eDH45JIoxXDn5nA08d06a1VK57tOO82xkB9eCd GINctsYDqHYhf7n3qLgGsNvrapkkouYifYTCfyERS+TvdvhTXczFz/Wl6Adxc6zw9EQM 7P3V1r5kTGpU/iR2HNnNsR0kR40RXvoAyG7qg6vnbB+xhI0V1jnhBarynoCl8MOgLbAs Naug== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=rXszqG9h; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id h16-20020a1709063c1000b0098da7ffc5a2si5576370ejg.222.2023.08.21.07.17.49; Mon, 21 Aug 2023 07:18:14 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=rXszqG9h; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232299AbjHUBTg (ORCPT + 99 others); Sun, 20 Aug 2023 21:19:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50688 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232273AbjHUBTb (ORCPT ); Sun, 20 Aug 2023 21:19:31 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E51D8A0 for ; Sun, 20 Aug 2023 18:19:29 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 7719C62600 for ; Mon, 21 Aug 2023 01:19:29 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 72EF5C433C7; Mon, 21 Aug 2023 01:19:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1692580768; bh=DW3Rkm64vuwtwMBbIqCA2GpSEy3gnsoalKuEuFJJaWA=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=rXszqG9hnuzM5B5aORpcJM5tFbtP47DwlBt7MX4jqQcPs1Vi0T7hd151utynjdkf8 P+TF4obMZ7dlEgLmkl5eh+zDf/ySNWvOmoCauwHrJ0ZL55i9Yo8xLvzsEpdO32RY/k oCzenoJe+M77+MIVT+m0McZil227wB+kjSqQZGne3I93oqWuqan16w2/9jHwf5kiFP Wj9oK3wXDHuL/QDHs+9XXwhs1az1c+HWXtojP8LXX2tjNk7ISgBBYTPiHX3U0wgdt6 HrxwmiIqoesxLDA942+qurp0XondanfqJTFPyad0g1WH5FRMBsRHyM6IEejydodvVl bcW9O0sdSQ5iw== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Borislav Petkov , Peter Zijlstra , Babu Moger , Paolo Bonzini , Sean Christopherson , David.Kaplan@amd.com, Andrew Cooper , Nikolay Borisov , gregkh@linuxfoundation.org, Thomas Gleixner Subject: [PATCH 03/22] KVM: x86: Support IBPB_BRTYPE and SBPB Date: Sun, 20 Aug 2023 18:19:00 -0700 Message-ID: X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1774848567167145441 X-GMAIL-MSGID: 1774848567167145441 The IBPB_BRTYPE and SBPB CPUID bits aren't set by HW. From the AMD SRSO whitepaper: "Hypervisor software should synthesize the value of both the IBPB_BRTYPE and SBPB CPUID bits on these platforms for use by guest software." These bits are already set during kernel boot. Manually propagate them to the guest. Also, propagate PRED_CMD_SBPB writes. Signed-off-by: Josh Poimboeuf --- arch/x86/kvm/cpuid.c | 4 ++++ arch/x86/kvm/x86.c | 9 +++++---- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index d3432687c9e6..cdf703eec42d 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -729,6 +729,10 @@ void kvm_set_cpu_caps(void) F(NULL_SEL_CLR_BASE) | F(AUTOIBRS) | 0 /* PrefetchCtlMsr */ ); + if (cpu_feature_enabled(X86_FEATURE_SBPB)) + kvm_cpu_cap_set(X86_FEATURE_SBPB); + if (cpu_feature_enabled(X86_FEATURE_IBPB_BRTYPE)) + kvm_cpu_cap_set(X86_FEATURE_IBPB_BRTYPE); if (cpu_feature_enabled(X86_FEATURE_SRSO_NO)) kvm_cpu_cap_set(X86_FEATURE_SRSO_NO); diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index c381770bcbf1..dd7472121142 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -3676,12 +3676,13 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info) if (!msr_info->host_initiated && !guest_has_pred_cmd_msr(vcpu)) return 1; - if (!boot_cpu_has(X86_FEATURE_IBPB) || (data & ~PRED_CMD_IBPB)) + if (boot_cpu_has(X86_FEATURE_IBPB) && data == PRED_CMD_IBPB) + wrmsrl(MSR_IA32_PRED_CMD, PRED_CMD_IBPB); + else if (boot_cpu_has(X86_FEATURE_SBPB) && data == PRED_CMD_SBPB) + wrmsrl(MSR_IA32_PRED_CMD, PRED_CMD_SBPB); + else if (data) return 1; - if (!data) - break; - wrmsrl(MSR_IA32_PRED_CMD, PRED_CMD_IBPB); break; case MSR_IA32_FLUSH_CMD: if (!msr_info->host_initiated && From patchwork Mon Aug 21 01:19:01 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josh Poimboeuf X-Patchwork-Id: 136402 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp3057628vqi; Mon, 21 Aug 2023 07:53:23 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHMxJKSGBreFAGTv6EP7KOMFfbpXu6NmmLUavspJvSxpnZLgaPYA+eGDtCYeCdqG2Thp0gH X-Received: by 2002:a17:90b:4381:b0:263:4815:cb9a with SMTP id in1-20020a17090b438100b002634815cb9amr6187250pjb.41.1692629603519; Mon, 21 Aug 2023 07:53:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692629603; cv=none; d=google.com; s=arc-20160816; b=fOGfxZRjbQ76Jes00KXm5CY+E3wLiVD8MAshWOzAQrWNlbzcT+ndktWJuEnC9Ixrz5 xhHRshucl3Z6ibjtccUQRLnNlC+i2gY8Uh2hwRe2yunfk5Xp+v4hHcCj/DYD6TiRMwkt nQYljBI+YijpfjcE6DnTAVah8QsE4kefyzSJtOUdzZAXpdwPqSA3GkmkuWGWTZZIyY5K AW4uYoW/tWegP7HsgGGrkclL+PsHDB001sIjJ4U24Yn3vmwT4DxL4s8xD5bw6Fb4VqNR CB1eybu8/OtyZcHqbPtKQWqgVKK4C5+Xi6TlgbDvOc+0QZx7W7XFKt15r7ZFpExLRyDY x7eA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=LR1WuO7Rd11jdpaoxMTVIscNHd/g6pPAM0I8qNb/xC4=; fh=1KVrD/LnRsN9N7k2d12iARV4DA2tVMW012QtKSrD46c=; b=JXgEdXykLg5qgZ825X/TUqgrvBWpWbEH+OBTB8qbuatjDNMIYnN9ZbG2gNFzlgd2M9 k4kgvsJ6zlC+dj3G/K23DFQHXZoQcQjG52VscsQDWLzR7p6DgjmkOpwtgOE3clkSgLbF zEtBGEUddmWDQ9/nLMY8M95i8xQci2YTF6iy9deiJ6qy3+9Joc2eiF8QB4aaMl275B3n n+swwwp573+vMI0jQptekWS0pB84axTav6VF0LlUpLXQqu+d66OgjU4qAtE/f3nfJf7+ 25HXhdv1RrnX3gRSSG5fGzA6uYWXoXHvt5CM7H3fDQIxINig69YDaqHjzLgCvhXhYQFT Evwg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=DFLMKfTy; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id js23-20020a17090b149700b0026390b4a4e0si8999688pjb.124.2023.08.21.07.53.09; Mon, 21 Aug 2023 07:53:23 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=DFLMKfTy; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232308AbjHUBTi (ORCPT + 99 others); Sun, 20 Aug 2023 21:19:38 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50692 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232276AbjHUBTb (ORCPT ); Sun, 20 Aug 2023 21:19:31 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 46B60A1 for ; Sun, 20 Aug 2023 18:19:30 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 270FB6260A for ; Mon, 21 Aug 2023 01:19:30 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 11528C433C9; Mon, 21 Aug 2023 01:19:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1692580769; bh=wseebdWJGAG73aEf4oxCFFQ8XYhFMGqIJFkJEq0d3CE=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=DFLMKfTyvmgfnWU15SexbYLc/zp8Rh6RZFrJdG+wh44jKu8nu78reOnXMBf7S6R6x DVDvl5Gz+FfL0AOjtsglr9Y41+A/T43NvyF8QSXAv8ohejPea4faN4Z5cRnIhBCLkU x0505HAbqP/g5Ix1OFB2gF+nDzA9nkatLKU2JfT/4/6YOVh5Z5LfwTd6kKVPZYPpNb 4uCY30PcXeTd9OvxSsMLbvb1hkvyY99OKK/7Qqqvlcz440trlJslhgwtcpLZOjdLI0 Gv5bm6F4zk5ri6h3dLHs9YS4PTNf58Szah9G497rkCJrxag92CPZkjMPa0hlBni9he i98CohRGFBX3g== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Borislav Petkov , Peter Zijlstra , Babu Moger , Paolo Bonzini , Sean Christopherson , David.Kaplan@amd.com, Andrew Cooper , Nikolay Borisov , gregkh@linuxfoundation.org, Thomas Gleixner Subject: [PATCH 04/22] x86/srso: Fix SBPB enablement for spec_rstack_overflow=off Date: Sun, 20 Aug 2023 18:19:01 -0700 Message-ID: <23a121e309d5e880eb35c441d9bdfa642d6d59f4.1692580085.git.jpoimboe@kernel.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1774850779019500510 X-GMAIL-MSGID: 1774850779019500510 If the user has requested no SRSO mitigation, other mitigations can use the lighter-weight SBPB instead of IBPB. Fixes: fb3bd914b3ec ("x86/srso: Add a Speculative RAS Overflow mitigation") Signed-off-by: Josh Poimboeuf --- arch/x86/kernel/cpu/bugs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index b0ae985aa6a4..10499bcd4e39 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -2433,7 +2433,7 @@ static void __init srso_select_mitigation(void) switch (srso_cmd) { case SRSO_CMD_OFF: - return; + goto pred_cmd; case SRSO_CMD_MICROCODE: if (has_microcode) { From patchwork Mon Aug 21 01:19:02 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josh Poimboeuf X-Patchwork-Id: 136317 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp2773771vqi; Sun, 20 Aug 2023 21:07:40 -0700 (PDT) X-Google-Smtp-Source: AGHT+IE6uPnyJTogT9R4EA3HMH1reVLiB8XJ7KZbHpDRWA/xyiqtUTM7gNDJTnWMGmeWspgtPXPr X-Received: by 2002:a05:6870:5608:b0:1bd:55be:5880 with SMTP id m8-20020a056870560800b001bd55be5880mr7803904oao.42.1692590860590; Sun, 20 Aug 2023 21:07:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692590860; cv=none; d=google.com; s=arc-20160816; b=AHLNHPehWci0AhpHDOSdlbIxNqo45cmBKENyLDTrvQS9VPj2S5IlatqeXlthKs77/v cPWNuvDAEge6OQrXgrTXrg4rmvuWtsCD4If3GoWuFlqaoQK7aGHkLAG6pj1jTjRECzeh b0ZsZt694p987TS0NEG/zLBjj6HcqDUpMeySWDzH91IsIcnZy/2xZKIvHdHsMV3uae6w Vt18PjmmItjpdjVea2BodvFNX00+qysCdgjHXrz9OAjFeaLTt29LWD9IyAjgDa83cuN6 orRlZdKSAGKnorYfWGlv0dbuzAD5bpkQEoMEC851LN96F5i5PSkY7pX4P6N9oQAflEQj ZTpw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=Q9+zy2SRPuRmibaN2flqwDs7CA6eGS+zSAAhtpT3NZw=; fh=1KVrD/LnRsN9N7k2d12iARV4DA2tVMW012QtKSrD46c=; b=05UJqDQiEsrdheW4dsZuHdc4gLrISgb6mqVnPi24jFE2i3Nv6oiJBPrAV7OO4iYLXa 8t8b++t9Dp6EL8eg4SW8byfCmdTU7+hTSwtU6aCXxk77RWLny0YczU8TaV0hkBZgyBie vKq2h8GP5JnKPltzmiMQbMvkO+A1j7seQ2rqaMl3PtComuQDGjvvnoku2a3clO0+Y3AC zqHGqFjcyRnfq1DNluiYEf0oU+ouIYHRmy7QJhdZoxoqT26r0M/3+StM97yFkNT5wm0U 07fXdM32wHIQZtfrKIWdC2EDJI2zE6kE9FclI8I3MYEfVjWQyGUxxbNhXB9V3lmwKvD4 08Hg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=KFfuS7gl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id mv22-20020a17090b199600b002632a1243dbsi7744307pjb.104.2023.08.20.21.07.26; Sun, 20 Aug 2023 21:07:40 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=KFfuS7gl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232314AbjHUBTj (ORCPT + 99 others); Sun, 20 Aug 2023 21:19:39 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50700 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232280AbjHUBTc (ORCPT ); Sun, 20 Aug 2023 21:19:32 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CF7BF9C for ; Sun, 20 Aug 2023 18:19:30 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id AFAA762600 for ; Mon, 21 Aug 2023 01:19:30 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id AAC1BC433C8; Mon, 21 Aug 2023 01:19:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1692580770; bh=1JVPtgGBWI8sOMGshKa4etXbpP/NdE2A1szA4ieQYNk=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=KFfuS7glWuB7Z2a4DrXLRwBdhw4LYC7XgZB020eMoUN/861t1bqyK8TDkfN4PfKfx 0e3+jDBLlBLZlXKV00lAyvmGJSsyDlV0ix4cm467fYgNWHRwya23LDr56yvEYVJpBS kBAa0OZFOwwDMsoa9eTq9Pc+ErWD+utTnJQ5VfUngbeLk0S+eLucJkKEdjsRUvz7eZ j4zkjZ6tJQAxM7rOLtmTXMwPivQuI6hBBgMoTfzqKsl4CXeys1rUPpcUL5ZQoCsWED n+eorHqQLuSbYXV2IDzPggmRM8i7YBv1PPugTlNR2HlVd+XZSsCexu5fsDfZFAUp/7 rQGyBL+YfS3vQ== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Borislav Petkov , Peter Zijlstra , Babu Moger , Paolo Bonzini , Sean Christopherson , David.Kaplan@amd.com, Andrew Cooper , Nikolay Borisov , gregkh@linuxfoundation.org, Thomas Gleixner Subject: [PATCH 05/22] x86/srso: Fix SBPB enablement for mitigations=off Date: Sun, 20 Aug 2023 18:19:02 -0700 Message-ID: <141c92f20ab46cf0c028e86b946134cd702d0ea5.1692580085.git.jpoimboe@kernel.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1774810154348005942 X-GMAIL-MSGID: 1774810154348005942 If the user has requested no mitigations with mitigations=off, use the lighter-weight SBPB instead of IBPB for other mitigations. Note that even with mitigations=off, IBPB/SBPB may still be used for Spectre v2 user <-> user protection. Whether that makes sense is a question for another day. Fixes: fb3bd914b3ec ("x86/srso: Add a Speculative RAS Overflow mitigation") Signed-off-by: Josh Poimboeuf --- arch/x86/kernel/cpu/bugs.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 10499bcd4e39..ff5bfe8f0ee9 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -2496,8 +2496,7 @@ static void __init srso_select_mitigation(void) pr_info("%s%s\n", srso_strings[srso_mitigation], (has_microcode ? "" : ", no microcode")); pred_cmd: - if ((boot_cpu_has(X86_FEATURE_SRSO_NO) || srso_cmd == SRSO_CMD_OFF) && - boot_cpu_has(X86_FEATURE_SBPB)) + if (boot_cpu_has(X86_FEATURE_SBPB) && srso_mitigation == SRSO_MITIGATION_NONE) x86_pred_cmd = PRED_CMD_SBPB; } From patchwork Mon Aug 21 01:19:03 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josh Poimboeuf X-Patchwork-Id: 136339 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp2835659vqi; Mon, 21 Aug 2023 00:22:11 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGP6YmRoaN/BnIneQbjBPC049DUwmDdweg98QKSxcy5g3/p8zZCkUn2QwAFDjSu4ZBgIwC7 X-Received: by 2002:a17:907:7623:b0:99d:f0e8:5623 with SMTP id jy3-20020a170907762300b0099df0e85623mr3995058ejc.54.1692602531627; Mon, 21 Aug 2023 00:22:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692602531; cv=none; d=google.com; s=arc-20160816; b=b2TRM64GG5Lbj5V5igWNMIUVh429PVu2ghELNHYenBZyh+PvF0sF/zEd5GhCnmrTow EELOna+93O8YqRfuyk/o7sEw2e348js/vjQ2VXqzQxuoWZzSNHZCW5Y9EMMQb82rsTjK f/XJ791LncWi5yRtPXP4/t2YM70p3zNlh4JZhYoKqLfec7uENh7uEn+3VqSsVFEdIbO7 MgxcMYR79M8psBioaVsdv755jeRV3MmiIujiJhOA9muM/gKyq9V3cjWpUzxnZw5WFe0r jBRYLOTRFq/ypwYT2DxJFjraHxUd+HwOS9JvFE7TjIAy572Tf4OZIFmBmb/qiQZ9cfpI JydQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=s0MyYfbr/zSpDGwWfNM+i44fvpgkz/Dn8Ju/FDoOLXk=; fh=1KVrD/LnRsN9N7k2d12iARV4DA2tVMW012QtKSrD46c=; b=bg8XioPhgDbY0KyguZ6jaMEVxbwY8JHGCVxlhCkQ7OIwOJl5BxyHb9JpttTFWEwJMx QuHPfUTTrC2uNsi9E6FAdxeqxaSNUcrYfzW9G6y9Gtk83KBiz2S4Gcyb/Vt50A0f6Ibj yORXRljmMmAD82hQsk3sURX8uccWOSq8hEkIqEY5+j+6+Pret2Fg610fXaB4IHe5BRKt rZ7hO3I5POyuw4wFxHYm3oLoZxuzDh2DuUGmh0osHWi1CO7hduPPMo7Dv1hNAMrWqlwD rThlzqbwqlbrdEAsC9wbBG2C1hgPbFuHSjtNIXW1gmg1N7IgWWtUgEWD0tGXMA0YeFD4 MMTg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=twdOzBuS; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id c5-20020a170906154500b00987d66e6d26si5105474ejd.250.2023.08.21.00.21.48; Mon, 21 Aug 2023 00:22:11 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=twdOzBuS; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232303AbjHUBTm (ORCPT + 99 others); Sun, 20 Aug 2023 21:19:42 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50708 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232282AbjHUBTc (ORCPT ); Sun, 20 Aug 2023 21:19:32 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 69B0BA0 for ; Sun, 20 Aug 2023 18:19:31 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 499FA6260A for ; Mon, 21 Aug 2023 01:19:31 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 467B2C433C7; Mon, 21 Aug 2023 01:19:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1692580770; bh=KnSxGMkMYqvVYSB4k0ly/1z4B47bW+EAymF48KXoKGs=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=twdOzBuSlNbaNUhUJKLguFajHFuYhRj99egxZUqQbBAN93TX5JeOXCF+7NfpHI1f0 yUkLU2fn9rKUryEVu3QwMIsjJ5yftsBx3N/sgun+62ND9HOoFeTgNxqdiY2+LVXWjq I99XYW6BVnmek0yhxCMRGAFkT7o2bWmxa1gjy4JYCBEF6lvUqtQUmilBG2KqyLphD8 okqCa3QIfTNP38JH1G6C9erGMuxtYt0ItSDBtTSqge0nLX/NKpxQRJaB/0WhuOv8e4 2FrUGKda3ISIVPzQAN3qq3lrUcoGabfd3m5Ui3pwYy5uwW4wUPhuQGFCQBauwqYEaX 38bAZBjyow4+Q== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Borislav Petkov , Peter Zijlstra , Babu Moger , Paolo Bonzini , Sean Christopherson , David.Kaplan@amd.com, Andrew Cooper , Nikolay Borisov , gregkh@linuxfoundation.org, Thomas Gleixner Subject: [PATCH 06/22] x86/srso: Print actual mitigation if requested mitigation isn't possible Date: Sun, 20 Aug 2023 18:19:03 -0700 Message-ID: <6eaaf0680dc8c57a5c61e9445b589169371f50a8.1692580085.git.jpoimboe@kernel.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1774822392357223676 X-GMAIL-MSGID: 1774822392357223676 If the kernel wasn't compiled to support the requested option, print the actual option that ends up getting used. Signed-off-by: Josh Poimboeuf --- arch/x86/kernel/cpu/bugs.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index ff5bfe8f0ee9..579e06655613 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -2461,7 +2461,6 @@ static void __init srso_select_mitigation(void) srso_mitigation = SRSO_MITIGATION_SAFE_RET; } else { pr_err("WARNING: kernel not compiled with CPU_SRSO.\n"); - goto pred_cmd; } break; @@ -2473,7 +2472,6 @@ static void __init srso_select_mitigation(void) } } else { pr_err("WARNING: kernel not compiled with CPU_IBPB_ENTRY.\n"); - goto pred_cmd; } break; @@ -2485,7 +2483,6 @@ static void __init srso_select_mitigation(void) } } else { pr_err("WARNING: kernel not compiled with CPU_SRSO.\n"); - goto pred_cmd; } break; From patchwork Mon Aug 21 01:19:04 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josh Poimboeuf X-Patchwork-Id: 136351 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp2872491vqi; Mon, 21 Aug 2023 02:02:20 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHLxVJRkYjsLCO3K++1gsXj5Kypkm+1SDCWZZrcwnH3cE6/SI8pv+C2S0DtErCsg6fPkHPl X-Received: by 2002:a05:6358:9995:b0:139:bbae:1f3 with SMTP id j21-20020a056358999500b00139bbae01f3mr5791597rwb.3.1692608540309; Mon, 21 Aug 2023 02:02:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692608540; cv=none; d=google.com; s=arc-20160816; b=R1PO8Sy65fF0vqdgnE6KzMAVB6JcTZSPcI6PgKsYyVvtG7WergMVZUR61N2mGn0JjZ Ib8piwqTFmclbUpXFcrUGF4nRlVs3npx357BXNMtdoKdSNYPCKFi7evOcdVJEbMEv1pA AT8bhetK1xgYRdDFLozEnX7bmgw+KWzjY9Psc3+n6enPey4Ma3ROXm6ZvQ5nryX5UBkM EnNaIFfepXyb3w/E0PalSYOvZOxEM/KcTDxTWQmBcPZfRapp65iM3ZhyYt3B7HWlBcqv f27IOfR+jd8RdAWvjE96SdjSNu+PwCWQO/xSUBBDG/oGa5Jgj9bf5PAyvxyKEEfOM724 ucKQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=z0/rY5B4XZUfsGhO18u+SSDC6llrrhTh+sGPNS59CpM=; fh=1KVrD/LnRsN9N7k2d12iARV4DA2tVMW012QtKSrD46c=; b=e/0RFw6FxidNSW58/UkZte/NXxGZsT7B3tAhq1wISmoIt975FXAfiPOoSy9O66Y0Jn vVz/gOYl2aVz+27muk8/h1u6pVKCFLLLY+qRcKh7iksL4/7rC2M6XlcN30z0sSmsEtDo 3JBe9OHTujELlG5J+JlzwDs0PQiVEO1NizPAXhLv7LFZk0RDfywsL0p6BGa0Cb07/KGv d6tHkNNe9Tmt+sPXtIvjiRXrEybRmjArukEPR+6ZqxuLH4YcTgi45My0osElkehnBC44 9QF3z9ZSKx/SzzJrobyaoxE5CcG8rEF4g14nnIJJuuplhrvKYjrpErCnD7xzTFHashz0 kLpQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=F59GOysq; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id bg26-20020a056a02011a00b005649974da2bsi7108290pgb.526.2023.08.21.02.01.52; Mon, 21 Aug 2023 02:02:20 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=F59GOysq; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232322AbjHUBTo (ORCPT + 99 others); Sun, 20 Aug 2023 21:19:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50724 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231990AbjHUBTd (ORCPT ); Sun, 20 Aug 2023 21:19:33 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 52B4FA2 for ; Sun, 20 Aug 2023 18:19:32 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id E3CAA62600 for ; Mon, 21 Aug 2023 01:19:31 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id D4D69C433C8; Mon, 21 Aug 2023 01:19:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1692580771; bh=7OD1zp7lr2PeEyb0O+J7TBAKnhNO6d4kRxvr1UurTik=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=F59GOysqAGXkeXnL9vWGqNksVL1+q5aWBxtkN2TbI5k/4dOczZ6gZ/Fwtr7oUAms1 B7kPx6ahvKp1ZOt9BY+ncB1OayolammlpJ9PcUmb6fzYKFDsW8IRHLksK1eTLpyZn1 Y7ocf0BSyvXfbavZc3/PeR2jB6DyCabXybUuiuk1WbVG8vCxjQr7D2aoVqrFMnjarw OIOOXBIEgm3lz+tz3kAyBexX1od7rgNME6nzSecq0wL/5C6A/iEVMuXdDceZaiBbYv Zz5AVsH5SK3DSAuZDpvcsU8oFvz7H98k0r8HPcDkhMdXSiNbqSmL4uixEpKj8YvqRQ R5Zx5N2NKC5Mw== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Borislav Petkov , Peter Zijlstra , Babu Moger , Paolo Bonzini , Sean Christopherson , David.Kaplan@amd.com, Andrew Cooper , Nikolay Borisov , gregkh@linuxfoundation.org, Thomas Gleixner Subject: [PATCH 07/22] x86/srso: Remove default case in srso_select_mitigation() Date: Sun, 20 Aug 2023 18:19:04 -0700 Message-ID: <9e913c461707372017d8b9a53491dc8dcaff07dd.1692580085.git.jpoimboe@kernel.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1774828692757347893 X-GMAIL-MSGID: 1774828692757347893 Remove the default case so a compiler warning gets printed if we forget one of the enums. Signed-off-by: Josh Poimboeuf --- arch/x86/kernel/cpu/bugs.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 579e06655613..cda4b5e6a362 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -2485,9 +2485,6 @@ static void __init srso_select_mitigation(void) pr_err("WARNING: kernel not compiled with CPU_SRSO.\n"); } break; - - default: - break; } pr_info("%s%s\n", srso_strings[srso_mitigation], (has_microcode ? "" : ", no microcode")); From patchwork Mon Aug 21 01:19:05 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josh Poimboeuf X-Patchwork-Id: 136417 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp3159579vqi; Mon, 21 Aug 2023 10:34:29 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGSQM8t1fS8A6nEZOHLtWNhJaOUlSlHwrj3jkn7NSEFSzYCaU2x/yi670ilA3tah1xiZCDH X-Received: by 2002:a05:6402:328:b0:523:d51:bb2 with SMTP id q8-20020a056402032800b005230d510bb2mr4794101edw.15.1692639268826; Mon, 21 Aug 2023 10:34:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692639268; cv=none; d=google.com; s=arc-20160816; b=lBGCWzEOVJ05pGD8saOmYFnbX/T14h+IDNm8zt3bt1eWrR7YgPv0dPVm9GWFIR5LwV hqU5HFyQ+PRZYwMO+2SLAiEK3fpQlYHgFDxVHdJTkibSH19MxCMDSoTyq8BFoD4vd5C3 KPVQKn+jotftfAJHHrHVZvV+rftzHOtq9Q150aVvkSRlZu74RegO36znLZobglLQGcZU UO6We0+ged11j4KUH8/UVBDwJBQwEt6TFTBPQI4hIXdSC5T5rdo2pXcnDCoKibH9AGiK AkJ5RaGzpzTvDuUeC4X1SbX8/zZK5jIhOA+ii9erooIqnXHfEzQibXQfaHUXR2NeA7mu tIrQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=MCKjOZWpTkOnGePvn4jNiH4WETnMuoNtrl9uo5cwUoE=; fh=1KVrD/LnRsN9N7k2d12iARV4DA2tVMW012QtKSrD46c=; b=pxap7yWA2yNepky2Jbag0f+CKNESv5iQF3aFYt089taQBjZSUAoRAbqjOD/4c0RB0A QT7CSr61L/UCMKaCpOtcXng6XiZeHklZXCPmyDMFK1uGpJME7WR6J2okCu+5zo9jX8x8 9WzPRa5TeY/zNhOce2XKnRlki7mOTRqN2nFbjR6ba6FMF8SE70twzQy8jcHSbTE/Y9/Q GMy0Cuw8nIlFs9HLG73s1MGSahXR7srsyluOWy3hNrcjyKhVFSYgdoG14BDDV45d1Ohy DHKe+PAe3MKIGRWzGPaB71kea+2+NmL0TV3OhdUNsqdQNtNQVvfGl9Jm1hFYJ+8ZxYh9 dudA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=m99+o8lR; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id r26-20020aa7cfda000000b005256a490778si6224145edy.477.2023.08.21.10.34.04; Mon, 21 Aug 2023 10:34:28 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=m99+o8lR; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232338AbjHUBTn (ORCPT + 99 others); Sun, 20 Aug 2023 21:19:43 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50732 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232289AbjHUBTe (ORCPT ); Sun, 20 Aug 2023 21:19:34 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 01F78A4 for ; Sun, 20 Aug 2023 18:19:33 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 8D27562615 for ; Mon, 21 Aug 2023 01:19:32 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 79C6BC433CA; Mon, 21 Aug 2023 01:19:31 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1692580772; bh=NTl9fdPPfPDx8+1IGrlnxPkd/+/wfToU8TRoq+9rVe8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=m99+o8lR6uGYFUrOy2rSvW7qagnSCow80eFcsbu5nVPZ7aLr1uZIZ4ywNY9BfB4gl B9qkfLjMb6OutWgdviC/DMtHPZyvEmLC5MVOUPYgvdaJZWx2e9dWPjJ2eeDCHPMMAU LAWjELmOXaoWSZuCZ92HIIlhb7qiyBpo+KiVjhVGzVtpT1b/v8EvaGB/kzPSei/NKA h1zmB9T9c/9k46ruYuu3oy1+LzyEm7QDS6ijFT0U6jdFylDk1V28ve3INlZIvQngjA E5yEcWtlGd7c74NaWtG9XhGhRsGutRZyAbXzNJkRfDc0AxSndPXKH20jAO4LiRqRZA hKT8QRUQQQd5w== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Borislav Petkov , Peter Zijlstra , Babu Moger , Paolo Bonzini , Sean Christopherson , David.Kaplan@amd.com, Andrew Cooper , Nikolay Borisov , gregkh@linuxfoundation.org, Thomas Gleixner Subject: [PATCH 08/22] x86/srso: Downgrade retbleed IBPB warning to informational message Date: Sun, 20 Aug 2023 18:19:05 -0700 Message-ID: <49b321ad997bce6068c694a6cd0ecdcd5cd2a1e4.1692580085.git.jpoimboe@kernel.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1774860913929024680 X-GMAIL-MSGID: 1774860913929024680 This warning is nothing to get excited over. Downgrade to pr_info(). Signed-off-by: Josh Poimboeuf --- arch/x86/kernel/cpu/bugs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index cda4b5e6a362..e59e09babf8f 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -2425,7 +2425,7 @@ static void __init srso_select_mitigation(void) if (retbleed_mitigation == RETBLEED_MITIGATION_IBPB) { if (has_microcode) { - pr_err("Retbleed IBPB mitigation enabled, using same for SRSO\n"); + pr_info("Retbleed IBPB mitigation enabled, using same for SRSO\n"); srso_mitigation = SRSO_MITIGATION_IBPB; goto pred_cmd; } From patchwork Mon Aug 21 01:19:06 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josh Poimboeuf X-Patchwork-Id: 136392 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp2995094vqi; Mon, 21 Aug 2023 06:13:40 -0700 (PDT) X-Google-Smtp-Source: AGHT+IF6sFBYVbBIlwCOaXtRXbqepTrF3j47fDjVLYbvbeNe9iPzECtRP17Re1s3M8knTHseHG5w X-Received: by 2002:a17:907:2c6a:b0:991:d05c:f065 with SMTP id ib10-20020a1709072c6a00b00991d05cf065mr5295164ejc.52.1692623620087; Mon, 21 Aug 2023 06:13:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692623620; cv=none; d=google.com; s=arc-20160816; b=RA6HBNkfXNRwMYM3fid1ecngvQrSYxIOndhJzTgfC5tFif9JpRk10j1DNh+1vh7Vvw ps7Syw3LwK0nAK6TPUUWJovimTvAldOvNyq+KZYHBa4PLo5QtJ2Df611FMGpl26AdaM0 Kzm0htIENlOGJrCr9KP3PNUFofVVTEnKFguYHmfyeJW4KHUZbuPugyC3SNbdprW86yv9 5mg7xU0okqGOeA7Np3ZwUUcQ3dc2imad2RwEaDPN6jMURvPW5Om5KNET4dX+L2P1SeAv yUe9cD62xI5Lp3dXuOhHw/U8PfqzR2MOZXyXUJWGKeQvRaihtdUAAN9zRi51xVq9eD5i pPjQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=sii0Fn+Jdl/cvsXJcDvZwWn+CSDAJMUyhkzWsYocDUQ=; fh=1KVrD/LnRsN9N7k2d12iARV4DA2tVMW012QtKSrD46c=; b=qILBlR3ukalHjgDCYfkoG7odpJncHDNy2vEK5IwXZkkJTHgM87K9dmEKZGyU+jv51E biTr945q20CcAa7E0p3wRfKyQB5UeAKkNRPfO6VT6BGoZLgR719rUWWW6Ea/tiA68zkl NBF22yg1xAOTvHfa4hKHjXql2YPOlpYO4Jdy4D5yaiHrB0j9yl3z1Q+68j8K0tNwxbuI t14ttPSpRnY+r0YBzrRjp/KdC5x5nqvDeY+hrLOCsEa+qz8P02WV46hBNPeGGGJefp3L fYQ5UkTYm8WtKQTe8F5Czw8zm4Y7H9G63g7uQbL+6HmkACRJfMJ1uyqTnbxuko3c4+3Z xsuQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=fDhgXkcU; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id e2-20020a170906374200b00982818cbb54si5820636ejc.593.2023.08.21.06.13.14; Mon, 21 Aug 2023 06:13:40 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=fDhgXkcU; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232359AbjHUBTq (ORCPT + 99 others); Sun, 20 Aug 2023 21:19:46 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50744 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232269AbjHUBTf (ORCPT ); Sun, 20 Aug 2023 21:19:35 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C3330A7 for ; Sun, 20 Aug 2023 18:19:33 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 29F5E6262C for ; Mon, 21 Aug 2023 01:19:33 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 22FF5C433C7; Mon, 21 Aug 2023 01:19:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1692580772; bh=cKXSzs/GUEvs26+fpizGrJrw9SNStmp/8vwJrE4ZCdU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=fDhgXkcUW+RwnhthW7e0QlBAsWoDwl4x02V7AbBr9W5iHbVqPx00zYESASaq82EUH /13iJ8fBI4vjnsnfi8X3SSr6AzPX1lNk2Z/zyMXigZQCJUvPzORWXa06P1UufDRImA wVmTNfqgbZ/ZgSwrrSt66e90CVUKRlKaCOCVMZSSwn6kSOhQw76TpGz63hjluZMaCr o6a7G7Z4l5BWcFZh8+750eRs2C15QeD9H+7vbKSPnqmS+cp8uszYEMQ3/4TTXcAcOZ pg7qE19QGOm8/YcRKg1+7T5e3BCmZH6kBdeymsJtkE/vlDDhO0LGqvV/jtijeHN9z/ gfwTt4e9sFy+A== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Borislav Petkov , Peter Zijlstra , Babu Moger , Paolo Bonzini , Sean Christopherson , David.Kaplan@amd.com, Andrew Cooper , Nikolay Borisov , gregkh@linuxfoundation.org, Thomas Gleixner Subject: [PATCH 09/22] x86/srso: Simplify exit paths Date: Sun, 20 Aug 2023 18:19:06 -0700 Message-ID: <7ca5ccd02ba4a6fcf95d34764be79ded4d88c1b9.1692580085.git.jpoimboe@kernel.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1774844505003671071 X-GMAIL-MSGID: 1774844505003671071 Send all function exit paths through the pred_cmd check to simplify the control flow and make it more future-proof. While at it, rename the 'pred_cmd' label to 'out' to make it clear that it's the exit. Signed-off-by: Josh Poimboeuf --- arch/x86/kernel/cpu/bugs.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index e59e09babf8f..da480c089739 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -2407,7 +2407,7 @@ static void __init srso_select_mitigation(void) bool has_microcode = boot_cpu_has(X86_FEATURE_IBPB_BRTYPE); if (!boot_cpu_has_bug(X86_BUG_SRSO) || cpu_mitigations_off()) - goto pred_cmd; + goto out; if (!has_microcode) { pr_warn("IBPB-extending microcode not applied!\n"); @@ -2419,7 +2419,7 @@ static void __init srso_select_mitigation(void) */ if (boot_cpu_data.x86 < 0x19 && !cpu_smt_possible()) { setup_force_cpu_cap(X86_FEATURE_SRSO_NO); - return; + goto out; } } @@ -2427,13 +2427,13 @@ static void __init srso_select_mitigation(void) if (has_microcode) { pr_info("Retbleed IBPB mitigation enabled, using same for SRSO\n"); srso_mitigation = SRSO_MITIGATION_IBPB; - goto pred_cmd; + goto out; } } switch (srso_cmd) { case SRSO_CMD_OFF: - goto pred_cmd; + goto out; case SRSO_CMD_MICROCODE: if (has_microcode) { @@ -2489,7 +2489,7 @@ static void __init srso_select_mitigation(void) pr_info("%s%s\n", srso_strings[srso_mitigation], (has_microcode ? "" : ", no microcode")); -pred_cmd: +out: if (boot_cpu_has(X86_FEATURE_SBPB) && srso_mitigation == SRSO_MITIGATION_NONE) x86_pred_cmd = PRED_CMD_SBPB; } From patchwork Mon Aug 21 01:19:07 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josh Poimboeuf X-Patchwork-Id: 136312 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp2742200vqi; Sun, 20 Aug 2023 19:11:20 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFXhkSojc/mqTORaxpHyg0seG94SWVLGMZHXDrYqo9jW0FjFs16wKwqyD7C6BY9hFt44fnV X-Received: by 2002:a17:90a:708f:b0:268:13e2:fc91 with SMTP id g15-20020a17090a708f00b0026813e2fc91mr2722049pjk.31.1692583880247; Sun, 20 Aug 2023 19:11:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692583880; cv=none; d=google.com; s=arc-20160816; b=J/+II+mvDTFuyk78bcx2SK1EvKN7+gRUtvEwFLYtgAVoz5ZoxwpwJGbQDy2Use/Mhz 0+t3QEjMvR3aoWGG9ifu+kRuF7EaOpdRDbEtE2si6UnX4eV4qqG8UJmT6ZgXlZBk1HeL 628vEdAGmx4Agwld+Gzp/+CH9yyIF528ji/W8/o3j7x9gNR49Hfoe3mQB6EoeKLR6lZH qAwF/hF0csr1cAM60cnuu36uChVpaozGEvSQsQ3VkWvm6KQE0BLbo1b0jcqgi/fjvbp4 mBFkS1xY7HtEs0T0+/9hzjkNnHY+bCRnueHsbwaFf8scWQrnx5L5ydgPUNJAoqa/JO3T aczw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=S4HaWZn1/rhEF5sgIsF6cDMNQYa/3qC43R+TOrUCEfA=; fh=1KVrD/LnRsN9N7k2d12iARV4DA2tVMW012QtKSrD46c=; b=KNEdpxpsm81mLUM0RST441hTC9GzIiiiSx0EC4psh6OnS1kfz25PP2B4+jzYilEJ+q 1tiUYDce6VLzXhsbxpIAZUQ4yiO2AhjcLD2aHTuz96oPEe4fOtz/VgsQoMudvEg2pc1F IAPbnEnIGdl+bQoZlBqWqCP+WQSjoa6OYQfnQ7JfrzYAAYwNobSWZ5mmMSeJbaOOhBXZ HfEy8XEo1l0aT62HqfNQCKxTQmC05twxUigbi2WNSjpT7mqP0K26/4eg59+8I4kcW6J/ NsV6xkgh7eddOYZDwMpRucUqbxm/xyc6q1Ctj/gkVWX1hUIzMo4uFZ1bHee1e5O8v3hj zgMw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=K7nvPO6Q; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id d3-20020a17090ad98300b0026d42d35d5csi5925494pjv.78.2023.08.20.19.11.00; Sun, 20 Aug 2023 19:11:20 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=K7nvPO6Q; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232127AbjHUBTs (ORCPT + 99 others); Sun, 20 Aug 2023 21:19:48 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50758 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232298AbjHUBTg (ORCPT ); Sun, 20 Aug 2023 21:19:36 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 26B51AB for ; Sun, 20 Aug 2023 18:19:34 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id B918962625 for ; Mon, 21 Aug 2023 01:19:33 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id B17D4C433D9; Mon, 21 Aug 2023 01:19:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1692580773; bh=sQtvE37xPNADIY4OH0L1Ahw3y/Y1U2QJcyLmdprUEYM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=K7nvPO6QyQ4FnLPVo6C33788s2jlyehOdGQ6J5bjIlgOiRPV7F8CeVEr0gKiLAgsz gqICzXsnPAXNcI4gj1XgJ7qlLHlo2+IiLEETpaE1WzTa2dT1QW7iuY6F5vMy5mMcTp rwagEeKPpgA2jmVtKmvW5xOQmcrb+zfdLKN/towjobDAjqXkFIpu7ymmY20lVhH4Se SJxWoe3l+sHJYmnk3m+2O5GHmmUJY7N/0talOUh0o3ObGMQuvK9nVaOYye8BoAMzpX HQJb3FJ0HctEp5I6qN7NoKCw10XiV/akk7XUFApKBw424thH8PHsg5W2m/q9YLo4rc PK3vcoIUaHITA== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Borislav Petkov , Peter Zijlstra , Babu Moger , Paolo Bonzini , Sean Christopherson , David.Kaplan@amd.com, Andrew Cooper , Nikolay Borisov , gregkh@linuxfoundation.org, Thomas Gleixner Subject: [PATCH 10/22] x86/srso: Print mitigation for retbleed IBPB case Date: Sun, 20 Aug 2023 18:19:07 -0700 Message-ID: <3836b2e27c9537d95ecce2a1e33e53315176ebc1.1692580085.git.jpoimboe@kernel.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1774802834963893186 X-GMAIL-MSGID: 1774802834963893186 When overriding the requested mitigation with IBPB due to retbleed=ibpb, print the actual mitigation. Signed-off-by: Josh Poimboeuf --- arch/x86/kernel/cpu/bugs.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index da480c089739..4e332707a343 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -2427,7 +2427,7 @@ static void __init srso_select_mitigation(void) if (has_microcode) { pr_info("Retbleed IBPB mitigation enabled, using same for SRSO\n"); srso_mitigation = SRSO_MITIGATION_IBPB; - goto out; + goto out_print; } } @@ -2487,7 +2487,8 @@ static void __init srso_select_mitigation(void) break; } - pr_info("%s%s\n", srso_strings[srso_mitigation], (has_microcode ? "" : ", no microcode")); +out_print: + pr_info("%s%s\n", srso_strings[srso_mitigation], has_microcode ? "" : ", no microcode"); out: if (boot_cpu_has(X86_FEATURE_SBPB) && srso_mitigation == SRSO_MITIGATION_NONE) From patchwork Mon Aug 21 01:19:08 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josh Poimboeuf X-Patchwork-Id: 136346 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp2843024vqi; Mon, 21 Aug 2023 00:43:04 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHpG2Rh3rCL7G1YHy/QwvlSRtVlYdFcf1/QwWOgZIwAiWt1OR4A49sgeUBLW8gCLX6tbmZM X-Received: by 2002:a1f:e684:0:b0:48d:3983:24b3 with SMTP id d126-20020a1fe684000000b0048d398324b3mr1007867vkh.8.1692603783818; Mon, 21 Aug 2023 00:43:03 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692603783; cv=none; d=google.com; s=arc-20160816; b=U93zwG0lHsP/0jBFRBTSGe0vOUjvFpK9adey7DdEAatAYFaIDPmGhu3deChOxfq0Iu 9RtDMXN9Gx7fo8kjIn+qyrbGrMgAcd1EKJhZkHwzAJKhDblela+OCtQwYjpDU8v7i0SQ EhGu+hwssURFSItm+2M+JSJmmCzq2IgapV8+BBz1kDNuzkwScB5jq3LA6Kg7U4lXx+Bv OS27HuekvEKaPpTKlZuxuD5s25mGq0bvFEFhl8jPaWZfrv29oQnJHsAJZ0gvuN9gNvIR YSLjz+uvqsDLmGv0qYdlNaOiivr4iJtvBC6zjhEe3BYzOmshAHqEYqGEh0AlfSJdCWoz j1RA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=eXxLkEREKIIciizRc0xe2bswr2sIK4wGoXKgwgRqRak=; fh=1KVrD/LnRsN9N7k2d12iARV4DA2tVMW012QtKSrD46c=; b=D852sk9MI308MXotwPVEmCX3eTXxiVrg38rOMAy2LJlr8BB+v+ufVKhQIyE6XIkbtF Cb5owRTyVdE3uEcobB8lhdN4KZ2KPQoOlINQXEdXSpypetYB2u47q/0WQkIx4lZ4Pf+7 PDgjV4aWj/Ab5lluKduRu35RUg04GyN/rFNz7aImfe8XMxG6CDE58VMZZoWFqvRZxOcP u19MK3f8NAjpBNaFLF4KvF1D7tUjABhnNMMh9cCRd7Tn8JS7zvMzZANYpqU1HtuTrxcq 8whjrmqPfpm4OBNAgj68+Nww5sTB3g/uXlLtRQ0ZlGeqWyzk5JxLOP+u5c3aMxKoo/47 CU0w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=UNSLVO+x; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id g130-20020a636b88000000b00564bcae8b4dsi3793pgc.61.2023.08.21.00.42.50; Mon, 21 Aug 2023 00:43:03 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=UNSLVO+x; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232331AbjHUBTv (ORCPT + 99 others); Sun, 20 Aug 2023 21:19:51 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50782 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232302AbjHUBTg (ORCPT ); Sun, 20 Aug 2023 21:19:36 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 21741A3 for ; Sun, 20 Aug 2023 18:19:35 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 5E1996262F for ; Mon, 21 Aug 2023 01:19:34 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 4CF0EC433C7; Mon, 21 Aug 2023 01:19:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1692580773; bh=EpkqZFYNSyZGV6nHO1Oxkdk31qPtS0UZWhnMgeIshmw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=UNSLVO+xGzJj5z8TBvOnbkzLRAMDktwW0uiqRJk9thQ66Jp94Rxj+8+sixXrk91Sd hOSDngcwsz2qZqilN/1LVTOb/8pAQrde6MUx4/VCg/dhbnxGNwpmQuxp2I96PsD0sH tkWdQHEzYrz0ksUmegxHV9/xpT2KcpKB1FrwAe1HmlwiFEBmk0DM0Ms0oEHFcEq3NB 2vHxly6VIaIou6QKCkfldr4VmbFRtRW3bNGFINpUw6dUmZSO0n8tS0wcGrhvvVbRzf Y0nh7RlNCzqnqhaRLhwYSGEPrVcgrC2c/TuvzhSVPo3HSsgq7e36VskWuPLASDQ3X5 bWRUhXtHbG6EA== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Borislav Petkov , Peter Zijlstra , Babu Moger , Paolo Bonzini , Sean Christopherson , David.Kaplan@amd.com, Andrew Cooper , Nikolay Borisov , gregkh@linuxfoundation.org, Thomas Gleixner Subject: [PATCH 11/22] x86/srso: Slight simplification Date: Sun, 20 Aug 2023 18:19:08 -0700 Message-ID: <18b18b8709b72625b60156545a705b052646667c.1692580085.git.jpoimboe@kernel.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1774823705111049241 X-GMAIL-MSGID: 1774823705111049241 Simplify the code flow a bit by moving the retbleed IBPB check into the existing 'has_microcode' block. Signed-off-by: Josh Poimboeuf --- arch/x86/kernel/cpu/bugs.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 4e332707a343..b27aeb86ed7a 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -2421,10 +2421,8 @@ static void __init srso_select_mitigation(void) setup_force_cpu_cap(X86_FEATURE_SRSO_NO); goto out; } - } - if (retbleed_mitigation == RETBLEED_MITIGATION_IBPB) { - if (has_microcode) { + if (retbleed_mitigation == RETBLEED_MITIGATION_IBPB) { pr_info("Retbleed IBPB mitigation enabled, using same for SRSO\n"); srso_mitigation = SRSO_MITIGATION_IBPB; goto out_print; From patchwork Mon Aug 21 01:19:09 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josh Poimboeuf X-Patchwork-Id: 136314 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp2766187vqi; Sun, 20 Aug 2023 20:39:28 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHeBPfZW6gUVq3X0CBFqXepUdYXYdtYutSWtbXyDc30wNfcYggQzIdwy3es0Bj+c0JFZ3eG X-Received: by 2002:a17:907:2d0e:b0:99b:4867:5e1c with SMTP id gs14-20020a1709072d0e00b0099b48675e1cmr5519356ejc.28.1692589167860; Sun, 20 Aug 2023 20:39:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692589167; cv=none; d=google.com; s=arc-20160816; b=LeyR7SnZKl0DYbuSlRxCYTzpqeX3aWTgdQpt5HwO2I/gu9yqtEBNsoVoSPLj6WaYD1 jBiXeW5Yb4MUZkCoXouD7fvKWa8+ee9R5ivzO29kbcnB03EM6JtjPbTJ46rpU3NHDJJu m1A0zd+LMFz3TUh1V6RAF8xwya/YxGnS755NS86EGZdko+IuxoPVw3rb4c2tPYPQm+V/ uFNI9aOCOA5i0GeqhKHNSGqij9HBCGHMyaWYbseuEhgO/tXGypZDKvhy1gOG40D7qACA F6l83fROaFeUANs/MwPJCg/OokJUtIjLzP4l6JV08PabVzWkLhAM9u3a2zzuQPKPKgap sw1w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=nk+u/Lcn54RzFEP0LBJp0QdU3sgUiVph5fmEyJ3Efus=; fh=1KVrD/LnRsN9N7k2d12iARV4DA2tVMW012QtKSrD46c=; b=P0rumt6fr2LqEH85wdVdspK8XJ6YdDPL+2/AbpUpFpe57t72iPfwwQh0VPqtVwh9ao bbIlcLq2VRRnHbfsJXtallyYcXMS3sm7TK1vz6nT2YYY3y0DVFzAjXAvOIHBfQX3KSS7 Z8e/v1LBqyUq+RCqusKlt1V0V0v7EJ55fMlwVkRbK2kqUnuLi7XFOCcIrAuboxCDYV1+ +Yqh9zROLJPgndz95O7IUG9SBiQqvnnb0Q6zN4QwZ6+ayZ/vNCTQER6vmaurTpiTGw5W 20DDU4xwphrgaHM1RMsTLjoK9Z/TSlt87FvoDOT9pC58caGlfBSrOWEQglldGMUujBqn He3Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=MaW4jMTE; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id k20-20020a1709063e1400b0099b6becb10fsi4627356eji.449.2023.08.20.20.39.04; Sun, 20 Aug 2023 20:39:27 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=MaW4jMTE; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232366AbjHUBTt (ORCPT + 99 others); Sun, 20 Aug 2023 21:19:49 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50778 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232301AbjHUBTg (ORCPT ); Sun, 20 Aug 2023 21:19:36 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A17B99C for ; Sun, 20 Aug 2023 18:19:34 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 8182B6263B for ; Mon, 21 Aug 2023 01:19:34 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id DCD81C433C9; Mon, 21 Aug 2023 01:19:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1692580774; bh=+kH/vW1/0PRsTr3iUIGO8h94X0Xqn63vyQGLo/1oKrk=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=MaW4jMTE1TxgyOxgMgG/ogBAE0BrWr62wcLtNyv7r9dPJQ7Xa7riO00u1LJ+g/Vio ycBm0dQ657gT18X/tBSbqcdWWmIUrXSsZTTYDeHDxgkdAQ8WqiiM+djSb9sc78LA8E +xhxVIuZ2NDO3YFlVFDV16ZJKtVrJunznSkTEneQmN++NSvU6SLKhb3h+MLwGff8/2 PHK6F+0kMSJsIJwRGKFQpZxcJAv8fPR8ahHdx8THq+NOL5TR0wGSYMmYbSD5pThRph n8S0FIYNQaM1v6FaME8qKcpmIsLhIOdpZqmVoc6yNmvbTie7LZbvM1vga9bY/rKf/Y MUmMpgZNKT84Q== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Borislav Petkov , Peter Zijlstra , Babu Moger , Paolo Bonzini , Sean Christopherson , David.Kaplan@amd.com, Andrew Cooper , Nikolay Borisov , gregkh@linuxfoundation.org, Thomas Gleixner Subject: [PATCH 12/22] x86/srso: Remove redundant X86_FEATURE_ENTRY_IBPB check Date: Sun, 20 Aug 2023 18:19:09 -0700 Message-ID: X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1774808379331009856 X-GMAIL-MSGID: 1774808379331009856 The X86_FEATURE_ENTRY_IBPB check is redundant here due to the above RETBLEED_MITIGATION_IBPB check. RETBLEED_MITIGATION_IBPB already implies X86_FEATURE_ENTRY_IBPB. So if we got here and 'has_microcode' is true, it means X86_FEATURE_ENTRY_IBPB is not set. Signed-off-by: Josh Poimboeuf --- arch/x86/kernel/cpu/bugs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index b27aeb86ed7a..aeddd5ce9f34 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -2475,7 +2475,7 @@ static void __init srso_select_mitigation(void) case SRSO_CMD_IBPB_ON_VMEXIT: if (IS_ENABLED(CONFIG_CPU_SRSO)) { - if (!boot_cpu_has(X86_FEATURE_ENTRY_IBPB) && has_microcode) { + if (has_microcode) { setup_force_cpu_cap(X86_FEATURE_IBPB_ON_VMEXIT); srso_mitigation = SRSO_MITIGATION_IBPB_ON_VMEXIT; } From patchwork Mon Aug 21 01:19:10 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josh Poimboeuf X-Patchwork-Id: 136400 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp3041204vqi; Mon, 21 Aug 2023 07:26:57 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHex0XKg8obVFquOP3xNh1PHsl5M5MufMyPM1T0aZAzVOD4T6E7u0Fnj20/f6IJ/tE7iWO4 X-Received: by 2002:a54:4515:0:b0:3a7:b011:8960 with SMTP id l21-20020a544515000000b003a7b0118960mr8587569oil.40.1692628017334; Mon, 21 Aug 2023 07:26:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692628017; cv=none; d=google.com; s=arc-20160816; b=q+djw/g02vLwshPc93vFdGY936FHcjR0klcY5YU0xeAjjbbBnJOymJfOtXBcbVro8+ iXOrx58x5AI4K2nhpAdWCiKVyGy+zLstXXnp/0hFmnE6555EiOdU1GenbJPIEE9k14K7 BQVvdzVklQcRG7DjD9e9VDPIJF+/XiFUUypplbxQI+EyZke0fAT2MnuK0pKZ98CiQ8jA 1xS71fo2cDhHuWnsjpQeJTZcRDninqOLBUS7roHo7yo/Hg8QoMNMq7LYCrsV+7KyXF+6 v6ladpHpDrkW59ru2LWEdz71djwP4TtfmOu1uYB1XunzLfBDYpTUsB2S/tNZENpiW7yT ILNg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=2oQyuFqcNWTWvYoeXdOO9zAQhyNBhidiKegrzrcovjI=; fh=1KVrD/LnRsN9N7k2d12iARV4DA2tVMW012QtKSrD46c=; b=NU9NkGfA3xSAUtMAfDQpOutrpM10BhSqkwqE4cqo7KrkEPZ8LZZTwJtcYqcJOIY8gH KVNT896AwthRsWT3v2NFaXJLu1XqBnwlAMQvrQ1VQFbgs2ZptJxg82nMLMzZG3mvHhta 6SK3PTbeXVu/1eOQtY7+S9w0+igpS1AuPkxBLm/s7rdsvBQ6ELBhrhEklJQlZ+tUn6HF fuDlx861cyiHx+MapYvaVAkq1HfkCsxWclSnVnupJGdChCROQlaYVcfBUEQuJC/6lmR2 2g+BgDsGveqEVwjT46TYsNuKSCqxHtD93TNPhPSsQG6qrjNBwWvs9SDEMuaexhTDaj8L Q8hA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=GnLGpssL; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id n25-20020a637219000000b0056a290addadsi4428957pgc.787.2023.08.21.07.26.43; Mon, 21 Aug 2023 07:26:57 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=GnLGpssL; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232345AbjHUBTw (ORCPT + 99 others); Sun, 20 Aug 2023 21:19:52 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50744 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232280AbjHUBTk (ORCPT ); Sun, 20 Aug 2023 21:19:40 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EA75EA0 for ; Sun, 20 Aug 2023 18:19:35 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 81601625E7 for ; Mon, 21 Aug 2023 01:19:35 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 771CAC433C7; Mon, 21 Aug 2023 01:19:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1692580774; bh=VITXRxzmYd+x/eSRYov7MGSe9fadUUYm+SsVHZIsK90=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=GnLGpssLnig19O7XuSvdqyualyIfVZTWxLdMDmAAacwE+GksIRYECU8G7PQslNpbK d6oCA8KNuFpFq3VATCubAtmsAKmBk2NxTrojDL5nd1iFqvISpn4+w7FAo3LDlKYtWR UcP1OVJmK56gMEZPq/A/5nmiI2NovhEel36iKEWx1xohExLur1nEJjQAI6GbuaiyIG IKSyv/Md+WFfSif6c5kFykUcW56oatRIPlCwOi1whRLTu00j7NBotuXEwgckCA8DOs PxapRxvuGyPIuHX46fwMyE430CCwrQ/KOxewOJC0Ol8rSjxo3xWU1Jr2ZMjouP9LQ4 vNzbMmLyEdQvg== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Borislav Petkov , Peter Zijlstra , Babu Moger , Paolo Bonzini , Sean Christopherson , David.Kaplan@amd.com, Andrew Cooper , Nikolay Borisov , gregkh@linuxfoundation.org, Thomas Gleixner Subject: [PATCH 13/22] x86/srso: Fix vulnerability reporting for missing microcode Date: Sun, 20 Aug 2023 18:19:10 -0700 Message-ID: X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1774849115835062347 X-GMAIL-MSGID: 1774849115835062347 The SRSO default safe-ret mitigation is reported as "mitigated" even if microcode hasn't been updated. That's wrong because userspace may still be vulnerable to SRSO attacks due to IBPB not flushing branch type predictions. Report the safe-ret + !microcode case as vulnerable. Also report the microcode-only case as vulnerable as it leaves the kernel open to attacks. Fixes: fb3bd914b3ec ("x86/srso: Add a Speculative RAS Overflow mitigation") Signed-off-by: Josh Poimboeuf --- Documentation/admin-guide/hw-vuln/srso.rst | 22 +++++++++---- arch/x86/kernel/cpu/bugs.c | 36 +++++++++++++--------- 2 files changed, 38 insertions(+), 20 deletions(-) diff --git a/Documentation/admin-guide/hw-vuln/srso.rst b/Documentation/admin-guide/hw-vuln/srso.rst index b6cfb51cb0b4..4516719e00b5 100644 --- a/Documentation/admin-guide/hw-vuln/srso.rst +++ b/Documentation/admin-guide/hw-vuln/srso.rst @@ -46,12 +46,22 @@ The possible values in this file are: The processor is not vulnerable - * 'Vulnerable: no microcode': +* 'Vulnerable': + + The processor is vulnerable and no mitigations have been applied. + + * 'Vulnerable: No microcode': The processor is vulnerable, no microcode extending IBPB functionality to address the vulnerability has been applied. - * 'Mitigation: microcode': + * 'Vulnerable: Safe RET, no microcode': + + The "Safe Ret" mitigation (see below) has been applied to protect the + kernel, but the IBPB-extending microcode has not been applied. User + space tasks may still be vulnerable. + + * 'Vulnerable: Microcode, no safe RET': Extended IBPB functionality microcode patch has been applied. It does not address User->Kernel and Guest->Host transitions protection but it @@ -72,11 +82,11 @@ The possible values in this file are: (spec_rstack_overflow=microcode) - * 'Mitigation: safe RET': + * 'Mitigation: Safe RET': - Software-only mitigation. It complements the extended IBPB microcode - patch functionality by addressing User->Kernel and Guest->Host - transitions protection. + Combined microcode/software mitigation. It complements the + extended IBPB microcode patch functionality by addressing + User->Kernel and Guest->Host transitions protection. Selected by default or by spec_rstack_overflow=safe-ret diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index aeddd5ce9f34..f24c0f7e3e8a 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -2353,6 +2353,8 @@ early_param("l1tf", l1tf_cmdline); enum srso_mitigation { SRSO_MITIGATION_NONE, + SRSO_MITIGATION_UCODE_NEEDED, + SRSO_MITIGATION_SAFE_RET_UCODE_NEEDED, SRSO_MITIGATION_MICROCODE, SRSO_MITIGATION_SAFE_RET, SRSO_MITIGATION_IBPB, @@ -2368,11 +2370,13 @@ enum srso_mitigation_cmd { }; static const char * const srso_strings[] = { - [SRSO_MITIGATION_NONE] = "Vulnerable", - [SRSO_MITIGATION_MICROCODE] = "Mitigation: microcode", - [SRSO_MITIGATION_SAFE_RET] = "Mitigation: safe RET", - [SRSO_MITIGATION_IBPB] = "Mitigation: IBPB", - [SRSO_MITIGATION_IBPB_ON_VMEXIT] = "Mitigation: IBPB on VMEXIT only" + [SRSO_MITIGATION_NONE] = "Vulnerable", + [SRSO_MITIGATION_UCODE_NEEDED] = "Vulnerable: No microcode", + [SRSO_MITIGATION_SAFE_RET_UCODE_NEEDED] = "Vulnerable: Safe RET, no microcode", + [SRSO_MITIGATION_MICROCODE] = "Vulnerable: Microcode, no safe RET", + [SRSO_MITIGATION_SAFE_RET] = "Mitigation: Safe RET", + [SRSO_MITIGATION_IBPB] = "Mitigation: IBPB", + [SRSO_MITIGATION_IBPB_ON_VMEXIT] = "Mitigation: IBPB on VMEXIT only" }; static enum srso_mitigation srso_mitigation __ro_after_init = SRSO_MITIGATION_NONE; @@ -2406,13 +2410,10 @@ static void __init srso_select_mitigation(void) { bool has_microcode = boot_cpu_has(X86_FEATURE_IBPB_BRTYPE); - if (!boot_cpu_has_bug(X86_BUG_SRSO) || cpu_mitigations_off()) + if (!boot_cpu_has_bug(X86_BUG_SRSO) || cpu_mitigations_off() || srso_cmd == SRSO_CMD_OFF) goto out; - if (!has_microcode) { - pr_warn("IBPB-extending microcode not applied!\n"); - pr_warn(SRSO_NOTICE); - } else { + if (has_microcode) { /* * Zen1/2 with SMT off aren't vulnerable after the right * IBPB microcode has been applied. @@ -2427,6 +2428,12 @@ static void __init srso_select_mitigation(void) srso_mitigation = SRSO_MITIGATION_IBPB; goto out_print; } + } else { + pr_warn("IBPB-extending microcode not applied!\n"); + pr_warn(SRSO_NOTICE); + + /* may be overwritten by SRSO_CMD_SAFE_RET below */ + srso_mitigation = SRSO_MITIGATION_UCODE_NEEDED; } switch (srso_cmd) { @@ -2456,7 +2463,10 @@ static void __init srso_select_mitigation(void) setup_force_cpu_cap(X86_FEATURE_SRSO); x86_return_thunk = srso_return_thunk; } - srso_mitigation = SRSO_MITIGATION_SAFE_RET; + if (has_microcode) + srso_mitigation = SRSO_MITIGATION_SAFE_RET; + else + srso_mitigation = SRSO_MITIGATION_SAFE_RET_UCODE_NEEDED; } else { pr_err("WARNING: kernel not compiled with CPU_SRSO.\n"); } @@ -2696,9 +2706,7 @@ static ssize_t srso_show_state(char *buf) if (boot_cpu_has(X86_FEATURE_SRSO_NO)) return sysfs_emit(buf, "Mitigation: SMT disabled\n"); - return sysfs_emit(buf, "%s%s\n", - srso_strings[srso_mitigation], - boot_cpu_has(X86_FEATURE_IBPB_BRTYPE) ? "" : ", no microcode"); + return sysfs_emit(buf, "%s\n", srso_strings[srso_mitigation]); } static ssize_t gds_show_state(char *buf) From patchwork Mon Aug 21 01:19:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josh Poimboeuf X-Patchwork-Id: 136364 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp2906620vqi; Mon, 21 Aug 2023 03:28:53 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFHiCDrRkkb/17eA05EFHkWItPXXthl0X/b8sD/loWVeklHAGG3u86jnzlAiZCiweZ9zBeN X-Received: by 2002:a17:902:db0e:b0:1bc:224a:45c1 with SMTP id m14-20020a170902db0e00b001bc224a45c1mr4755459plx.55.1692613733138; Mon, 21 Aug 2023 03:28:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692613733; cv=none; d=google.com; s=arc-20160816; b=wO/xFT3kc00ipZD61l7ujg9zhYazqvfETZgyH+Rb7nPEGKG1I3e8VKl4pTUH4KlTF6 06iJSlqXUBdFL0zcuIel82MXAqoMl4KObqh2MFaE68msUIItQ2PO8M4eH2hcydT539kO GK4+0j8m+wSbNTTOpCrHfYoTxqMGpxxW58gYAO/XL5XatqS9fPCKqvvyT6p25NV78Dr3 DbfsMj67hF574CLvh/Ujsv/6XJe59l+oY2Lu1aWvO/C34RzC5WO4fZ2o5zE1l1xhskFW GS7xzokw+/0jETqfvrgAX7zKLJu4jyhrDtVjB6Qlw7hlAwU90Io7T2CDbrkTBW3EUwy3 TCVA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=qyMbTVVDN6g2ZTSNefL8VxrKPSnq+vkMr6H30dP/rLU=; fh=1KVrD/LnRsN9N7k2d12iARV4DA2tVMW012QtKSrD46c=; b=jVK145j2Grjg2bwDtpIid/pnLYZui+GK7FKGkfEzymLf4+VRfEkboDiu4/hmeOy/oJ 2SoVVwqWmCqCpVUiUARvTigNGZGCEV7Rms60vY5jVcsCi8V/dVE/ra17RFWjQVVL5fPW u/BwDdQ6sYbhoqKvLr3hSqeJ3CPNGx9DIX+ltPXBqHuPZTd3PE02ftjkDOVMH4HSTnFj 9bIlpRyli4uQZcpk/20DGh0SMaWEdINEqBA62R6dR7xg1HPD6SOVirbEZNxF+ikRK28A T+gbceU2xeLDtRf1GHD3rdNzhUA4rbugVsPjM6/wjZvQbekxWlYgvooSeWx8kyeSb0Gh LmAA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=TgQqsDKn; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id a3-20020a170902ecc300b001b85ab48092si7345872plh.499.2023.08.21.03.28.39; Mon, 21 Aug 2023 03:28:53 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=TgQqsDKn; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232403AbjHUBTx (ORCPT + 99 others); Sun, 20 Aug 2023 21:19:53 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34340 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232317AbjHUBTk (ORCPT ); Sun, 20 Aug 2023 21:19:40 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 424C5A7 for ; Sun, 20 Aug 2023 18:19:36 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 225AD62656 for ; Mon, 21 Aug 2023 01:19:36 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 16BAFC433C9; Mon, 21 Aug 2023 01:19:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1692580775; bh=vKe6g7DJFD+sOe7LW8LR2j3xCIXy2maEKLpUAkuZCqk=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=TgQqsDKnDmHtsRZF3oUHDf/yfoAfdZnAkGT8FNzNcJqvEBAnkPnMtPcQq7NEQmATw UcADyqtnf/s/OjicDNRRcaKikjzfIyJA6BVCtgAyDELo3CXeNvwnFn13inDa6UJbwx 5xXxYm9oVpOMcUmey472VWup/up60iW++XUHPFmVQzTYWLoJDhYCqEPB1Wpo7bBmuj 0xon5XfBizve3jNyEvkWmbw/pgYlnTVbNCrNZIftuLbh398Zk3fkKLwK5M0lka3ajh EguRaGKco3FUQs272lKviQ4sGhiDrCZm1Fcwd6kdtuDFSGJl6ZOx91qaONrJyP7FHq Rrcacc7ll0+0Q== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Borislav Petkov , Peter Zijlstra , Babu Moger , Paolo Bonzini , Sean Christopherson , David.Kaplan@amd.com, Andrew Cooper , Nikolay Borisov , gregkh@linuxfoundation.org, Thomas Gleixner Subject: [PATCH 14/22] x86/srso: Fix unret validation dependencies Date: Sun, 20 Aug 2023 18:19:11 -0700 Message-ID: <0defc3c027db91a6349d4d8a638245212854dddf.1692580085.git.jpoimboe@kernel.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1774834137953229872 X-GMAIL-MSGID: 1774834137953229872 CONFIG_CPU_SRSO isn't dependent on CONFIG_CPU_UNRET_ENTRY (AMD Retbleed), so the two features are independently configurable. Fix several issues for the (presumably rare) case where CONFIG_CPU_SRSO is enabled but CONFIG_CPU_UNRET_ENTRY isn't. Fixes: fb3bd914b3ec ("x86/srso: Add a Speculative RAS Overflow mitigation") Signed-off-by: Josh Poimboeuf --- arch/x86/include/asm/nospec-branch.h | 4 ++-- include/linux/objtool.h | 3 ++- scripts/Makefile.vmlinux_o | 3 ++- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h index c55cc243592e..197ff4f4d1ce 100644 --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h @@ -271,7 +271,7 @@ .Lskip_rsb_\@: .endm -#ifdef CONFIG_CPU_UNRET_ENTRY +#if defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO) #define CALL_UNTRAIN_RET "call entry_untrain_ret" #else #define CALL_UNTRAIN_RET "" @@ -312,7 +312,7 @@ .macro UNTRAIN_RET_FROM_CALL #if defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_IBPB_ENTRY) || \ - defined(CONFIG_CALL_DEPTH_TRACKING) + defined(CONFIG_CALL_DEPTH_TRACKING) || defined(CONFIG_CPU_SRSO) VALIDATE_UNRET_END ALTERNATIVE_3 "", \ CALL_UNTRAIN_RET, X86_FEATURE_UNRET, \ diff --git a/include/linux/objtool.h b/include/linux/objtool.h index 03f82c2c2ebf..b5440e7da55b 100644 --- a/include/linux/objtool.h +++ b/include/linux/objtool.h @@ -130,7 +130,8 @@ * it will be ignored. */ .macro VALIDATE_UNRET_BEGIN -#if defined(CONFIG_NOINSTR_VALIDATION) && defined(CONFIG_CPU_UNRET_ENTRY) +#if defined(CONFIG_NOINSTR_VALIDATION) && \ + (defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO)) .Lhere_\@: .pushsection .discard.validate_unret .long .Lhere_\@ - . diff --git a/scripts/Makefile.vmlinux_o b/scripts/Makefile.vmlinux_o index 0edfdb40364b..25b3b587d37c 100644 --- a/scripts/Makefile.vmlinux_o +++ b/scripts/Makefile.vmlinux_o @@ -37,7 +37,8 @@ objtool-enabled := $(or $(delay-objtool),$(CONFIG_NOINSTR_VALIDATION)) vmlinux-objtool-args-$(delay-objtool) += $(objtool-args-y) vmlinux-objtool-args-$(CONFIG_GCOV_KERNEL) += --no-unreachable -vmlinux-objtool-args-$(CONFIG_NOINSTR_VALIDATION) += --noinstr $(if $(CONFIG_CPU_UNRET_ENTRY), --unret) +vmlinux-objtool-args-$(CONFIG_NOINSTR_VALIDATION) += --noinstr \ + $(if $(or $(CONFIG_CPU_UNRET_ENTRY),$(CONFIG_CPU_SRSO)), --unret) objtool-args = $(vmlinux-objtool-args-y) --link From patchwork Mon Aug 21 01:19:13 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josh Poimboeuf X-Patchwork-Id: 136347 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp2845299vqi; Mon, 21 Aug 2023 00:49:40 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHOqeBWFnGOLetjZOG2VjJaEz2JwXIcFiiS18p7ZpgzFCcn7n5OSWDL/3wWYBCyPn+1iDeD X-Received: by 2002:a05:6a00:2d1c:b0:676:8fac:37 with SMTP id fa28-20020a056a002d1c00b006768fac0037mr8746020pfb.4.1692604180163; Mon, 21 Aug 2023 00:49:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692604180; cv=none; d=google.com; s=arc-20160816; b=MEySs0Kbh2jmHUUGRm/etd++sj5CL+QTnIcwawiXKfAllnUfIdeD8izk+mlM0nvV5h Nsnmzr/cXZ0aI7lSF6GZEeFq+wZhphKOsNtEv9hOcN/TPHG3SjwKxye3xsB0MaxmV09I XUYdu5EH9MjE3VuFwvGqFIKltgicdHNOolPE9lbpXStJLwbwsCicHntLetWMolOzaFrK C+bJQS353igCkxlj9pANpr/+kiN7Lgwuw/tRP3oTSGdtVIGggTZHG5vKEAkyo0oSjjig PkB6BQCBPMaDpxsSN1Ld1Ubvp9AtIsb9HOSflUuNUB9/2SP/jiB2c6e+lGDMeYwuJWWz cDZg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=nBr9QRbTFY9REBZE0zhNoOMuGRel1GeFTAwUlMVAg6k=; fh=1KVrD/LnRsN9N7k2d12iARV4DA2tVMW012QtKSrD46c=; b=Lo0dwB2GJI53zJX+fXz4vtYKVZsySsvPXwOW2G1kLtl5SMaXnhKMWua63cCF/l5F79 BCtf2bJh7L77twiCSpUVuROim7EDMJpe8NKALU1F6ER7lT+DLo6v3BhEGqhC70BWxTET kYrlkVB/g8DmX/sFWL5xtSQzy+J4b5tbJkcHfORD8/XZUo6lzJtzfw/kYa816gThT5mL Aw2DPzq5ZIEJ75cE66kbiJSDAmD+/otcrmJNxiUZG31NRLFkLaoTdLzLglQuFIYjmycl OgkfIH61pZRUzGhc9Qy7sVZ7wjwI8c82vuBtSK4N5o0Mx5x9JaLfD560IkezHPn+ELN8 7siw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=kHOSMxip; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id m4-20020a056a00080400b00686db9a11bbsi7146121pfk.61.2023.08.21.00.49.26; Mon, 21 Aug 2023 00:49:40 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=kHOSMxip; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232319AbjHUBT6 (ORCPT + 99 others); Sun, 20 Aug 2023 21:19:58 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34426 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232297AbjHUBTk (ORCPT ); Sun, 20 Aug 2023 21:19:40 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 778CCBB for ; Sun, 20 Aug 2023 18:19:37 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 5007D62656 for ; Mon, 21 Aug 2023 01:19:37 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 48445C433CA; Mon, 21 Aug 2023 01:19:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1692580776; bh=Rh6jVE627xOscRDx5dqwSk4xoZ7NqUVdoeif7QYfiIU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=kHOSMxip3/QqUYd1m5/BLbDmsTpT/F9Prp4TIfTL8TfCODSnLJq3YG00YoDaSEh/z I/psGJ4yR5FH+/bg32mE/1xGIMBLUNVXza9RzrTZIQ9LltFno8+fXRtRfqr3PppS/q 8Z2TcdcEaM9zieB0Qd5MLpKWhBFADWOrN3Ne7cCGyWZ8682HcQC8QYo+VIYJ1jzOgK vtJlz6zqg9eV3C1TYLC1S/zSayYYE5R2xA6Vyj43OovHJrK67AlG7t4ZF9w/V104TA 9uifkOzTIi3TJjucoX0scP4eEz1gbS+D7BzrzN9aUtO1wIGcso6Y0TwVo2uaCJP1f4 7ih/O7ITBMeUw== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Borislav Petkov , Peter Zijlstra , Babu Moger , Paolo Bonzini , Sean Christopherson , David.Kaplan@amd.com, Andrew Cooper , Nikolay Borisov , gregkh@linuxfoundation.org, Thomas Gleixner Subject: [PATCH 16/22] x86/srso: Unexport untraining functions Date: Sun, 20 Aug 2023 18:19:13 -0700 Message-ID: <3f72ac3b503c69ab65d86b4372ca54909d730d7a.1692580085.git.jpoimboe@kernel.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1774824121030588009 X-GMAIL-MSGID: 1774824121030588009 These functions aren't called outside of retpoline.S. Signed-off-by: Josh Poimboeuf --- arch/x86/include/asm/nospec-branch.h | 4 ---- arch/x86/lib/retpoline.S | 7 ++----- 2 files changed, 2 insertions(+), 9 deletions(-) diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h index 197ff4f4d1ce..6c14fd1f5912 100644 --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h @@ -352,10 +352,6 @@ extern void retbleed_return_thunk(void); extern void srso_return_thunk(void); extern void srso_alias_return_thunk(void); -extern void retbleed_untrain_ret(void); -extern void srso_untrain_ret(void); -extern void srso_alias_untrain_ret(void); - extern void entry_untrain_ret(void); extern void entry_ibpb(void); diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S index cd86aeb5fdd3..5e3b016c6d3e 100644 --- a/arch/x86/lib/retpoline.S +++ b/arch/x86/lib/retpoline.S @@ -157,7 +157,6 @@ SYM_START(srso_alias_untrain_ret, SYM_L_GLOBAL, SYM_A_NONE) lfence jmp srso_alias_return_thunk SYM_FUNC_END(srso_alias_untrain_ret) -__EXPORT_THUNK(srso_alias_untrain_ret) .section .text..__x86.rethunk_safe #else @@ -216,7 +215,7 @@ SYM_CODE_END(srso_alias_return_thunk) */ .align 64 .skip 64 - (retbleed_return_thunk - retbleed_untrain_ret), 0xcc -SYM_START(retbleed_untrain_ret, SYM_L_GLOBAL, SYM_A_NONE) +SYM_START(retbleed_untrain_ret, SYM_L_LOCAL, SYM_A_NONE) ANNOTATE_NOENDBR /* * As executed from retbleed_untrain_ret, this is: @@ -264,7 +263,6 @@ SYM_CODE_END(retbleed_return_thunk) jmp retbleed_return_thunk int3 SYM_FUNC_END(retbleed_untrain_ret) -__EXPORT_THUNK(retbleed_untrain_ret) /* * SRSO untraining sequence for Zen1/2, similar to retbleed_untrain_ret() @@ -278,7 +276,7 @@ __EXPORT_THUNK(retbleed_untrain_ret) */ .align 64 .skip 64 - (srso_safe_ret - srso_untrain_ret), 0xcc -SYM_START(srso_untrain_ret, SYM_L_GLOBAL, SYM_A_NONE) +SYM_START(srso_untrain_ret, SYM_L_LOCAL, SYM_A_NONE) ANNOTATE_NOENDBR .byte 0x48, 0xb8 @@ -299,7 +297,6 @@ SYM_INNER_LABEL(srso_safe_ret, SYM_L_GLOBAL) ud2 SYM_CODE_END(srso_safe_ret) SYM_FUNC_END(srso_untrain_ret) -__EXPORT_THUNK(srso_untrain_ret) SYM_CODE_START(srso_return_thunk) UNWIND_HINT_FUNC From patchwork Mon Aug 21 01:19:14 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josh Poimboeuf X-Patchwork-Id: 136345 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp2841926vqi; Mon, 21 Aug 2023 00:39:52 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEKqLbhhsK7PEcAUtCOWDQVtp1fGmcxzKFtxOHsu2nLZG/qxtK6E+ToKHHxDF5l45s63MFY X-Received: by 2002:a05:6a20:5495:b0:125:928d:6745 with SMTP id i21-20020a056a20549500b00125928d6745mr9032947pzk.15.1692603592084; Mon, 21 Aug 2023 00:39:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692603592; cv=none; d=google.com; s=arc-20160816; b=ZXwaF4eBfiZjDXdbtomxSS5+K52tAOWXBgAS/S0gAJiyLNNHxllqUvJob5dH0q9v9W lKZA6KpR+VcLGPuXIHhFPE7g5cdMkF7sScFI69LRCxgcN2ytztNyjO0e6WLCPwNl5YYX pFnBJrsDS+RteS5BZm0b8EbEpYgMIaywyj258qv30ySBImVUB3/fBg2IK52a/unSmZKa 30g5/xITV0J5gj+uGfsfLoNEGRaSjk5RWGM0cXXyvIwMQeCDOV+hHtpSQrC48DVeFOaI x9IfPMsS9QrOjk6oKkOuVt2OMkcf572VuwLH27/eZ0m6AcYV58twuRuBTSSwdqisJlma UtbQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=mReeIQ8CqnA2M/yzbK3XqI8bJAi/dRxpqS9webRF5sE=; fh=1KVrD/LnRsN9N7k2d12iARV4DA2tVMW012QtKSrD46c=; b=gCfOknW0oPVjNBxkiAsxzsfEPbSap99D+gV6NIIw3XLOuLKyKfk5JW+56+8am67t5f Imy8nKK7KefYhaZALfEaP7PtjtuMgOSoyjtLoagvaXJ7bH7Ac0AQaFm0F6OC0kbIzIJA w1pblj9fVLjKEtDvMlY/V6MRUJAgFy44lLfxWj5o57tLgWroEu0TpgCEAUwkK6Exu7az WRI5PHkdA+N+gYFqtVTFdCbx4E2HhBJltTiyAyi5nxDJvv7hs8yJGVlRojaVwTqcBiFk JSaDbiJIRtOtFCAnn2gh7EzzOCSJKnwfVWqTBuvssgnP2b8lH/WRDIoz+yXnnsU2PK5W MArg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=UFeiiWTB; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id n1-20020a638f01000000b005650ad0d543si6182510pgd.113.2023.08.21.00.39.38; Mon, 21 Aug 2023 00:39:52 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=UFeiiWTB; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232425AbjHUBT7 (ORCPT + 99 others); Sun, 20 Aug 2023 21:19:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34366 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232348AbjHUBTo (ORCPT ); Sun, 20 Aug 2023 21:19:44 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1A12AC0 for ; Sun, 20 Aug 2023 18:19:38 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id D9DCC6262F for ; Mon, 21 Aug 2023 01:19:37 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id D9BC8C433C9; Mon, 21 Aug 2023 01:19:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1692580777; bh=BvMRiV/I3ycoueek5OPrp1o8u7p0RoZeY2rNyzhiscg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=UFeiiWTBL/22BKGbx9AsPrhNA6obzfa/EYVcfLjmBto1DBEb8kKTvdyy/zns2Hzcm J2qx/6J5eZuWnHtGJiyL6RX1DlHwmeaaHfwLUXLB/DV9VUCgmZaAYbBs/E6sFGmnap GTfm60JTZOI9yaxGWvovVboTjzGZa9ZpPY5KNn+xBk4+iXUf2d2Alz8wuai9pch1q4 4/J22COYodd6UnnOUJS5EEMyLrX7+ADM/LOg30oRfTtgHnVMwpJgMnKd1zD38ycnfz 7nRceeHdOepsObDcdA+onccvZGD/kbx6tW7Wn9bRIpQ7yqktEE6Kpedj84fTL8Jop3 VnrGCzsbaT7Mw== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Borislav Petkov , Peter Zijlstra , Babu Moger , Paolo Bonzini , Sean Christopherson , David.Kaplan@amd.com, Andrew Cooper , Nikolay Borisov , gregkh@linuxfoundation.org, Thomas Gleixner Subject: [PATCH 17/22] x86/srso: Disentangle rethunk-dependent options Date: Sun, 20 Aug 2023 18:19:14 -0700 Message-ID: <58449e5b95c192d076cb02bc1ee20b5713cd3c02.1692580085.git.jpoimboe@kernel.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1774823503831418715 X-GMAIL-MSGID: 1774823503831418715 CONFIG_RETHUNK, CONFIG_CPU_UNRET_ENTRY and CONFIG_CPU_SRSO are all tangled up. De-spaghettify the code a bit. Some of the rethunk-related code has been shuffled around within the '.text..__x86.return_thunk' section, but otherwise there are no functional changes. srso_alias_untrain_ret() and srso_alias_safe_ret() ((which are very address-sensitive) haven't moved. Signed-off-by: Josh Poimboeuf --- arch/x86/include/asm/nospec-branch.h | 25 +++-- arch/x86/kernel/cpu/bugs.c | 5 +- arch/x86/kernel/vmlinux.lds.S | 7 +- arch/x86/lib/retpoline.S | 158 +++++++++++++++------------ 4 files changed, 109 insertions(+), 86 deletions(-) diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h index 6c14fd1f5912..51e3f1a287d2 100644 --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h @@ -289,19 +289,17 @@ * where we have a stack but before any RET instruction. */ .macro UNTRAIN_RET -#if defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_IBPB_ENTRY) || \ - defined(CONFIG_CALL_DEPTH_TRACKING) || defined(CONFIG_CPU_SRSO) +#if defined(CONFIG_RETHUNK) || defined(CONFIG_CPU_IBPB_ENTRY) VALIDATE_UNRET_END ALTERNATIVE_3 "", \ CALL_UNTRAIN_RET, X86_FEATURE_UNRET, \ "call entry_ibpb", X86_FEATURE_ENTRY_IBPB, \ - __stringify(RESET_CALL_DEPTH), X86_FEATURE_CALL_DEPTH + __stringify(RESET_CALL_DEPTH), X86_FEATURE_CALL_DEPTH #endif .endm .macro UNTRAIN_RET_VM -#if defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_IBPB_ENTRY) || \ - defined(CONFIG_CALL_DEPTH_TRACKING) || defined(CONFIG_CPU_SRSO) +#if defined(CONFIG_RETHUNK) || defined(CONFIG_CPU_IBPB_ENTRY) VALIDATE_UNRET_END ALTERNATIVE_3 "", \ CALL_UNTRAIN_RET, X86_FEATURE_UNRET, \ @@ -311,8 +309,7 @@ .endm .macro UNTRAIN_RET_FROM_CALL -#if defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_IBPB_ENTRY) || \ - defined(CONFIG_CALL_DEPTH_TRACKING) || defined(CONFIG_CPU_SRSO) +#if defined(CONFIG_RETHUNK) || defined(CONFIG_CPU_IBPB_ENTRY) VALIDATE_UNRET_END ALTERNATIVE_3 "", \ CALL_UNTRAIN_RET, X86_FEATURE_UNRET, \ @@ -348,6 +345,20 @@ extern void __x86_return_thunk(void); static inline void __x86_return_thunk(void) {} #endif +#ifdef CONFIG_CPU_UNRET_ENTRY +extern void retbleed_return_thunk(void); +#else +static inline void retbleed_return_thunk(void) {} +#endif + +#ifdef CONFIG_CPU_SRSO +extern void srso_return_thunk(void); +extern void srso_alias_return_thunk(void); +#else +static inline void srso_return_thunk(void) {} +static inline void srso_alias_return_thunk(void) {} +#endif + extern void retbleed_return_thunk(void); extern void srso_return_thunk(void); extern void srso_alias_return_thunk(void); diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index f24c0f7e3e8a..73d10e54fc1f 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -63,7 +63,7 @@ EXPORT_SYMBOL_GPL(x86_pred_cmd); static DEFINE_MUTEX(spec_ctrl_mutex); -void (*x86_return_thunk)(void) __ro_after_init = &__x86_return_thunk; +void (*x86_return_thunk)(void) __ro_after_init = __x86_return_thunk; /* Update SPEC_CTRL MSR and its cached copy unconditionally */ static void update_spec_ctrl(u64 val) @@ -1042,8 +1042,7 @@ static void __init retbleed_select_mitigation(void) setup_force_cpu_cap(X86_FEATURE_RETHUNK); setup_force_cpu_cap(X86_FEATURE_UNRET); - if (IS_ENABLED(CONFIG_RETHUNK)) - x86_return_thunk = retbleed_return_thunk; + x86_return_thunk = retbleed_return_thunk; if (boot_cpu_data.x86_vendor != X86_VENDOR_AMD && boot_cpu_data.x86_vendor != X86_VENDOR_HYGON) diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S index 83d41c2601d7..9188834e56c9 100644 --- a/arch/x86/kernel/vmlinux.lds.S +++ b/arch/x86/kernel/vmlinux.lds.S @@ -139,10 +139,7 @@ SECTIONS STATIC_CALL_TEXT ALIGN_ENTRY_TEXT_BEGIN -#ifdef CONFIG_CPU_SRSO *(.text..__x86.rethunk_untrain) -#endif - ENTRY_TEXT #ifdef CONFIG_CPU_SRSO @@ -520,12 +517,12 @@ INIT_PER_CPU(irq_stack_backing_store); "fixed_percpu_data is not at start of per-cpu area"); #endif -#ifdef CONFIG_RETHUNK +#ifdef CONFIG_CPU_UNRET_ENTRY . = ASSERT((retbleed_return_thunk & 0x3f) == 0, "retbleed_return_thunk not cacheline-aligned"); -. = ASSERT((srso_safe_ret & 0x3f) == 0, "srso_safe_ret not cacheline-aligned"); #endif #ifdef CONFIG_CPU_SRSO +. = ASSERT((srso_safe_ret & 0x3f) == 0, "srso_safe_ret not cacheline-aligned"); /* * GNU ld cannot do XOR until 2.41. * https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=f6f78318fca803c4907fb8d7f6ded8295f1947b1 diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S index 5e3b016c6d3e..e5be0ecf3ce0 100644 --- a/arch/x86/lib/retpoline.S +++ b/arch/x86/lib/retpoline.S @@ -126,12 +126,13 @@ SYM_CODE_END(__x86_indirect_jump_thunk_array) #include #undef GEN #endif -/* - * This function name is magical and is used by -mfunction-return=thunk-extern - * for the compiler to generate JMPs to it. - */ + #ifdef CONFIG_RETHUNK + .section .text..__x86.return_thunk + +#ifdef CONFIG_CPU_SRSO + /* * srso_alias_untrain_ret() and srso_alias_safe_ret() are placed at * special addresses: @@ -147,9 +148,7 @@ SYM_CODE_END(__x86_indirect_jump_thunk_array) * * As a result, srso_alias_safe_ret() becomes a safe return. */ -#ifdef CONFIG_CPU_SRSO - .section .text..__x86.rethunk_untrain - + .pushsection .text..__x86.rethunk_untrain SYM_START(srso_alias_untrain_ret, SYM_L_GLOBAL, SYM_A_NONE) UNWIND_HINT_FUNC ANNOTATE_NOENDBR @@ -157,17 +156,9 @@ SYM_START(srso_alias_untrain_ret, SYM_L_GLOBAL, SYM_A_NONE) lfence jmp srso_alias_return_thunk SYM_FUNC_END(srso_alias_untrain_ret) + .popsection - .section .text..__x86.rethunk_safe -#else -/* dummy definition for alternatives */ -SYM_START(srso_alias_untrain_ret, SYM_L_GLOBAL, SYM_A_NONE) - ANNOTATE_UNRET_SAFE - ret - int3 -SYM_FUNC_END(srso_alias_untrain_ret) -#endif - + .pushsection .text..__x86.rethunk_safe SYM_START(srso_alias_safe_ret, SYM_L_GLOBAL, SYM_A_NONE) lea 8(%_ASM_SP), %_ASM_SP UNWIND_HINT_FUNC @@ -175,8 +166,7 @@ SYM_START(srso_alias_safe_ret, SYM_L_GLOBAL, SYM_A_NONE) ret int3 SYM_FUNC_END(srso_alias_safe_ret) - - .section .text..__x86.return_thunk + .popsection SYM_CODE_START(srso_alias_return_thunk) UNWIND_HINT_FUNC @@ -185,6 +175,56 @@ SYM_CODE_START(srso_alias_return_thunk) ud2 SYM_CODE_END(srso_alias_return_thunk) +/* + * SRSO untraining sequence for Zen1/2, similar to retbleed_untrain_ret() + * above. On kernel entry, srso_untrain_ret() is executed which is a + * + * movabs $0xccccc30824648d48,%rax + * + * and when the return thunk executes the inner label srso_safe_ret() + * later, it is a stack manipulation and a RET which is mispredicted and + * thus a "safe" one to use. + */ + .align 64 + .skip 64 - (srso_safe_ret - srso_untrain_ret), 0xcc +SYM_START(srso_untrain_ret, SYM_L_LOCAL, SYM_A_NONE) + ANNOTATE_NOENDBR + .byte 0x48, 0xb8 + +/* + * This forces the function return instruction to speculate into a trap + * (UD2 in srso_return_thunk() below). This RET will then mispredict + * and execution will continue at the return site read from the top of + * the stack. + */ +SYM_INNER_LABEL(srso_safe_ret, SYM_L_GLOBAL) + lea 8(%_ASM_SP), %_ASM_SP + ret + int3 + int3 + /* end of movabs */ + lfence + call srso_safe_ret + ud2 +SYM_CODE_END(srso_safe_ret) +SYM_FUNC_END(srso_untrain_ret) + +SYM_CODE_START(srso_return_thunk) + UNWIND_HINT_FUNC + ANNOTATE_NOENDBR + call srso_safe_ret + ud2 +SYM_CODE_END(srso_return_thunk) + +#define JMP_SRSO_UNTRAIN_RET "jmp srso_untrain_ret" +#define JMP_SRSO_ALIAS_UNTRAIN_RET "jmp srso_alias_untrain_ret" +#else /* !CONFIG_CPU_SRSO */ +#define JMP_SRSO_UNTRAIN_RET "ud2" +#define JMP_SRSO_ALIAS_UNTRAIN_RET "ud2" +#endif /* CONFIG_CPU_SRSO */ + +#ifdef CONFIG_CPU_UNRET_ENTRY + /* * Some generic notes on the untraining sequences: * @@ -264,64 +304,21 @@ SYM_CODE_END(retbleed_return_thunk) int3 SYM_FUNC_END(retbleed_untrain_ret) -/* - * SRSO untraining sequence for Zen1/2, similar to retbleed_untrain_ret() - * above. On kernel entry, srso_untrain_ret() is executed which is a - * - * movabs $0xccccc30824648d48,%rax - * - * and when the return thunk executes the inner label srso_safe_ret() - * later, it is a stack manipulation and a RET which is mispredicted and - * thus a "safe" one to use. - */ - .align 64 - .skip 64 - (srso_safe_ret - srso_untrain_ret), 0xcc -SYM_START(srso_untrain_ret, SYM_L_LOCAL, SYM_A_NONE) - ANNOTATE_NOENDBR - .byte 0x48, 0xb8 +#define JMP_RETBLEED_UNTRAIN_RET "jmp retbleed_untrain_ret" +#else /* !CONFIG_CPU_UNRET_ENTRY */ +#define JMP_RETBLEED_UNTRAIN_RET "ud2" +#endif /* CONFIG_CPU_UNRET_ENTRY */ -/* - * This forces the function return instruction to speculate into a trap - * (UD2 in srso_return_thunk() below). This RET will then mispredict - * and execution will continue at the return site read from the top of - * the stack. - */ -SYM_INNER_LABEL(srso_safe_ret, SYM_L_GLOBAL) - lea 8(%_ASM_SP), %_ASM_SP - ret - int3 - int3 - /* end of movabs */ - lfence - call srso_safe_ret - ud2 -SYM_CODE_END(srso_safe_ret) -SYM_FUNC_END(srso_untrain_ret) - -SYM_CODE_START(srso_return_thunk) - UNWIND_HINT_FUNC - ANNOTATE_NOENDBR - call srso_safe_ret - ud2 -SYM_CODE_END(srso_return_thunk) +#if defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO) SYM_FUNC_START(entry_untrain_ret) - ALTERNATIVE_2 "jmp retbleed_untrain_ret", \ - "jmp srso_untrain_ret", X86_FEATURE_SRSO, \ - "jmp srso_alias_untrain_ret", X86_FEATURE_SRSO_ALIAS + ALTERNATIVE_2 JMP_RETBLEED_UNTRAIN_RET, \ + JMP_SRSO_UNTRAIN_RET, X86_FEATURE_SRSO, \ + JMP_SRSO_ALIAS_UNTRAIN_RET, X86_FEATURE_SRSO_ALIAS SYM_FUNC_END(entry_untrain_ret) __EXPORT_THUNK(entry_untrain_ret) -SYM_CODE_START(__x86_return_thunk) - UNWIND_HINT_FUNC - ANNOTATE_NOENDBR - ANNOTATE_UNRET_SAFE - ret - int3 -SYM_CODE_END(__x86_return_thunk) -EXPORT_SYMBOL(__x86_return_thunk) - -#endif /* CONFIG_RETHUNK */ +#endif /* CONFIG_CPU_UNRET_ENTRY || CONFIG_CPU_SRSO */ #ifdef CONFIG_CALL_DEPTH_TRACKING @@ -356,3 +353,22 @@ SYM_FUNC_START(__x86_return_skl) SYM_FUNC_END(__x86_return_skl) #endif /* CONFIG_CALL_DEPTH_TRACKING */ + +/* + * This function name is magical and is used by -mfunction-return=thunk-extern + * for the compiler to generate JMPs to it. + * + * This code is only used during kernel boot or module init. All + * 'JMP __x86_return_thunk' sites are changed to something else by + * apply_returns(). + */ +SYM_CODE_START(__x86_return_thunk) + UNWIND_HINT_FUNC + ANNOTATE_NOENDBR + ANNOTATE_UNRET_SAFE + ret + int3 +SYM_CODE_END(__x86_return_thunk) +EXPORT_SYMBOL(__x86_return_thunk) + +#endif /* CONFIG_RETHUNK */ From patchwork Mon Aug 21 01:19:15 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josh Poimboeuf X-Patchwork-Id: 136355 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp2877943vqi; Mon, 21 Aug 2023 02:15:32 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGW/LOQ5XHkbmK+uL8qA26SXVSrqBoG2KcPqEFYSEuW2Rt6X5SzjUqS5/Rjj3tq7uZ3lctk X-Received: by 2002:a17:906:5198:b0:99d:de25:89b3 with SMTP id y24-20020a170906519800b0099dde2589b3mr3649955ejk.26.1692609331700; Mon, 21 Aug 2023 02:15:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692609331; cv=none; d=google.com; s=arc-20160816; b=rZmIJuntbQG/9a1Ntm4cc/hceU0XM23mWErotMnsg3wi/i6zYCg/NGvrVKU3uCbxOT l5kncJT4EGh+HJ4hS1CWH0sHfptdQGBVxdC82U5HFGXiRJ9FCj8/e6L8tqXao6kuMgrY bX1M6AtrfXMNE0evVSNRiHz4OTqfgZffDNHYB+VgTh54KCI+87lEZEPQY4apwlMTxTjt QGmzdwdEukMXaYIUq60Nx4BL6yMpihfLvH/eM5wBioEQkaKo0jb/ttcuELdp1KTsUwZF EbWzTjlHDz2t1xcNi+xCn1NPn8V+zZ1bNMRsKYA8KjAtuG+omTnfBqTeDoq9Ji6k+btF J3Ww== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=dQ5MU2kYtzsWmO3+NWqvPh9mSzIuSrk3TYWuuAeLHVQ=; fh=1KVrD/LnRsN9N7k2d12iARV4DA2tVMW012QtKSrD46c=; b=nva1j8B+nEInaj4+Qb6xmdgoqGdrJa6c90LOJMuRAeTDP0tLHto4OTu8zdNZ16l+DO xPvTTbV3YuS7bOWWFlAk+uP4Ht7wnbnLzaY4XtKHpQqSV46yy6Gs6IC61PKeMWatZ9pk o1gIqQEYG07wIbMv7JQ4AzD4IMW3lx5hixsZMkqClMooxJheemY7Qk2WpOrBTCA0GOFO 2ApEuUWlUNyy2W7RApD9xbH3/AhkRUJgIXU5FaKynXeQde2cErVFByXHyLdNKde/vJZP DCxH+L02Dhx3QyA3sbGULEvfv2BJAfpKe7YJnveroMr1pNxh2mbNwe57PCDeo5nNsQlX IFTQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=TLFc6PUE; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id dc11-20020a170906c7cb00b00988a9273633si5272850ejb.344.2023.08.21.02.15.07; Mon, 21 Aug 2023 02:15:31 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=TLFc6PUE; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232431AbjHUBUB (ORCPT + 99 others); Sun, 20 Aug 2023 21:20:01 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50752 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232346AbjHUBTo (ORCPT ); Sun, 20 Aug 2023 21:19:44 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8AD81C5 for ; Sun, 20 Aug 2023 18:19:38 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 1B9C962600 for ; Mon, 21 Aug 2023 01:19:38 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 78351C433BC; Mon, 21 Aug 2023 01:19:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1692580777; bh=/KwWNgSYPkUd1BQwjMGaME6UyYfycSaI0h8YlDU3UQ0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=TLFc6PUE0KYjVA7Hw//4qd4fhfK0GfvqceS+T76cxUjcVCTGQd9vF4KPeO1wDPKil /PTO3QmqAQWHbXT3NgZ9YYAOfs6eZpGNmKFpT3H2bZDLDXtCGqTcdGkpCNW6USJhEf 7DM1qWXADpuqKUqxS0WXNX+hrJZYfTOoYId0glwLXOY6aZjN9nV/BUoGkPBtECXH5y o7Pf3O5yHOHkMstIDNni9GnojPzcr6jxwHS639nNI0ftqvxkyZEfygU0GUAk0x9FKu 2j7r9S3oUqLLmys73+3pjex3ERQew9Jwv+B0jOH2NnrqBPwaDS/srw8XXYZchCpKov gpLLWDU6QwGng== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Borislav Petkov , Peter Zijlstra , Babu Moger , Paolo Bonzini , Sean Christopherson , David.Kaplan@amd.com, Andrew Cooper , Nikolay Borisov , gregkh@linuxfoundation.org, Thomas Gleixner Subject: [PATCH 18/22] x86/rethunk: Use SYM_CODE_START[_LOCAL]_NOALIGN macros Date: Sun, 20 Aug 2023 18:19:15 -0700 Message-ID: <319d14f7bb8303bbc51eba782ed94279720eb156.1692580085.git.jpoimboe@kernel.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1774829522403346564 X-GMAIL-MSGID: 1774829522403346564 Macros already exist for unaligned code block symbols. Use them. Signed-off-by: Josh Poimboeuf --- arch/x86/lib/retpoline.S | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S index e5be0ecf3ce0..af3c1f0e4fb8 100644 --- a/arch/x86/lib/retpoline.S +++ b/arch/x86/lib/retpoline.S @@ -149,7 +149,7 @@ SYM_CODE_END(__x86_indirect_jump_thunk_array) * As a result, srso_alias_safe_ret() becomes a safe return. */ .pushsection .text..__x86.rethunk_untrain -SYM_START(srso_alias_untrain_ret, SYM_L_GLOBAL, SYM_A_NONE) +SYM_CODE_START_NOALIGN(srso_alias_untrain_ret) UNWIND_HINT_FUNC ANNOTATE_NOENDBR ASM_NOP2 @@ -159,7 +159,7 @@ SYM_FUNC_END(srso_alias_untrain_ret) .popsection .pushsection .text..__x86.rethunk_safe -SYM_START(srso_alias_safe_ret, SYM_L_GLOBAL, SYM_A_NONE) +SYM_CODE_START_NOALIGN(srso_alias_safe_ret) lea 8(%_ASM_SP), %_ASM_SP UNWIND_HINT_FUNC ANNOTATE_UNRET_SAFE @@ -187,7 +187,7 @@ SYM_CODE_END(srso_alias_return_thunk) */ .align 64 .skip 64 - (srso_safe_ret - srso_untrain_ret), 0xcc -SYM_START(srso_untrain_ret, SYM_L_LOCAL, SYM_A_NONE) +SYM_CODE_START_LOCAL_NOALIGN(srso_untrain_ret) ANNOTATE_NOENDBR .byte 0x48, 0xb8 @@ -255,7 +255,7 @@ SYM_CODE_END(srso_return_thunk) */ .align 64 .skip 64 - (retbleed_return_thunk - retbleed_untrain_ret), 0xcc -SYM_START(retbleed_untrain_ret, SYM_L_LOCAL, SYM_A_NONE) +SYM_CODE_START_LOCAL_NOALIGN(retbleed_untrain_ret) ANNOTATE_NOENDBR /* * As executed from retbleed_untrain_ret, this is: From patchwork Mon Aug 21 01:19:16 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josh Poimboeuf X-Patchwork-Id: 136316 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp2771735vqi; Sun, 20 Aug 2023 21:01:31 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFoVzrbdjL63NbNmtNMuzC3UqGqPjZ5cbFT9Nzsnz0NCng9tpK7FADryoJG+ZRNP7t83lFA X-Received: by 2002:a17:906:311b:b0:99c:ae06:918f with SMTP id 27-20020a170906311b00b0099cae06918fmr3643515ejx.38.1692590491240; Sun, 20 Aug 2023 21:01:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692590491; cv=none; d=google.com; s=arc-20160816; b=EGU/c338Y2qFHfgEab8u1BO6NGLk9wUh4q3QJCu90zlZfmjL5/T9s056KdroGshwwO oB9nk3ZaGoIOPX3/Qv1aAPhSf4B3AucrY6emGHCbXFt7DrBTJ3ke9Jtxy5t8n01Mjyix z2375im3rsI/sDqDYfiBRQD2+4r4n0WnpGbc3elkw4cwmiWXB6BPeAAO1K713meRb7jn 9AgDzx088+0ScwCz96osVuBJtiU3OhgtugzUysi8yAgWKV5kEixdOwM00x6u/LKVjl6t arhbHNkOdPR3AA7SqdnlIKjBfPpjJYjkLPuSCdZjaZzqfyMb9d9Kig9ZIAFr84uQ6NLl ZOlA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=bIcP2UEwxzFdZ/5256bnQnxfabhkbM/HmdaVI2wOaEY=; fh=1KVrD/LnRsN9N7k2d12iARV4DA2tVMW012QtKSrD46c=; b=LTftKV6Nsr3DnibvM7nMzFDXMQsSZEySBdC+rBmvUq3vBM+xdTInIQeX44L47FJ+gJ LeYz0mszpOFyecre4QL74FU/X8QzebaXidKZiiNep7pBjXDrdHgz0HQW91HOSF6tpTFg noh9F9XTvt+wbBJtfDHcTSrD5qL22cM59l7faL8h1keeB5NU5k8j/j/cxpRTr2gTlQPN 1hp3foxnH/DWZSebOZRN4Qw9+EMCc9Y6D+gimjWY7GW5NSJx6NZ9qf0kNwRcF1A9U0a5 0oFRWyO8eXrKzNtMe4MKcPpdUXl3RvTRRTLLRgqX7NwVD5TjfMubhukz64y11x1wCYSS Cf6Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=gjPPfc3X; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id gr19-20020a170906e2d300b0099cd8eb7328si5013155ejb.637.2023.08.20.21.00.56; Sun, 20 Aug 2023 21:01:31 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=gjPPfc3X; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231428AbjHUBUE (ORCPT + 99 others); Sun, 20 Aug 2023 21:20:04 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34502 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232320AbjHUBTo (ORCPT ); Sun, 20 Aug 2023 21:19:44 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3EDC2CF for ; Sun, 20 Aug 2023 18:19:39 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 1753A6260C for ; Mon, 21 Aug 2023 01:19:39 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 16867C433C9; Mon, 21 Aug 2023 01:19:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1692580778; bh=jFyALynF3no3jKDUUWb3xTWvMt/cZ/Q1OkgRNreEts4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=gjPPfc3XNmsWXQoOsImxTwxJ0V9KL6VY2R1rcLaKSZOwhtsVSlHY7V3W8pFcTHEqT fMNH2oTZGJNLJeqwgwtPmGaRRedLI2HS6p0hWDLEqqlpc1Qjn7iUFI4RNhFZEeCDvv HrdimRMey1UBdvSAHdgbpr+9rDYI5Bt6hiZDv60hzIjDWIc2MqRaNuxXuiiccGZq50 9iEYGEDzT7+2P5Xek1nPvOvZFdNBPnun14M4Hv7tym1Ae6tqmD9mjqbmD48u1W9YMi pz5D8VizwoyapGSZYBcOhQ/sveapLkb88so7us2k3aJr0S5MRqpUcoj1Bn1EPjvuyc 4YEYlXDcbt9Gw== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Borislav Petkov , Peter Zijlstra , Babu Moger , Paolo Bonzini , Sean Christopherson , David.Kaplan@amd.com, Andrew Cooper , Nikolay Borisov , gregkh@linuxfoundation.org, Thomas Gleixner Subject: [PATCH 19/22] x86/srso: Improve i-cache locality for alias mitigation Date: Sun, 20 Aug 2023 18:19:16 -0700 Message-ID: <61b4147837d1e0273d094f3d11384fcdcf9b637f.1692580085.git.jpoimboe@kernel.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1774809766868892719 X-GMAIL-MSGID: 1774809766868892719 Move srso_alias_return_thunk() to the same section as srso_alias_safe_ret() so they can share a cache line. Signed-off-by: Josh Poimboeuf --- arch/x86/lib/retpoline.S | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S index af3c1f0e4fb8..415521dbe15e 100644 --- a/arch/x86/lib/retpoline.S +++ b/arch/x86/lib/retpoline.S @@ -166,14 +166,14 @@ SYM_CODE_START_NOALIGN(srso_alias_safe_ret) ret int3 SYM_FUNC_END(srso_alias_safe_ret) - .popsection -SYM_CODE_START(srso_alias_return_thunk) +SYM_CODE_START_NOALIGN(srso_alias_return_thunk) UNWIND_HINT_FUNC ANNOTATE_NOENDBR call srso_alias_safe_ret ud2 SYM_CODE_END(srso_alias_return_thunk) + .popsection /* * SRSO untraining sequence for Zen1/2, similar to retbleed_untrain_ret() From patchwork Mon Aug 21 01:19:17 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josh Poimboeuf X-Patchwork-Id: 136309 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp2737055vqi; Sun, 20 Aug 2023 18:55:54 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEtIWxsgZKoJSYW3YaIcfxelXWRzm6s9ZHHesrGfO4IlkLNIQmaLj5KHhVFk4Uzk30o3oBl X-Received: by 2002:a05:6358:949f:b0:134:c4dc:9e28 with SMTP id i31-20020a056358949f00b00134c4dc9e28mr5859131rwb.17.1692582954341; Sun, 20 Aug 2023 18:55:54 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692582954; cv=none; d=google.com; s=arc-20160816; b=KTYtOcEPJr77JqWXjot2Zs3hzsj+A071YjqYv4w9sE+4XfdBBFGSUQNhkSrcJZfx9H W6RTLsb9n9bHfBpUbPWVEesW/pIHkWvdy/7FyHlsigti6JIXRR7/l/0xmcYtVvhnxLJ9 mV1+MxoZp0QZggjLXM/Z2Pg8aJ4PLldtpPBIxocIv9iyQnTD+6gMeptqDMPFY3A4vTSr SKz27YixguBof3QeK65f5Q6YNGLPNKfBHqimFe9rd5waJzwZKRp0kx4brTpUhP7nswGh a/aDGc13hhU0A3n4oMH7iukq06GpDK8iVAprfO2ihCCIQTBt9fZj2u4JNM9mfAOyx497 MCng== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=aOBMicZEz7Ljg63be/MngVcmadEK9dPurRpNMNjlTRU=; fh=1KVrD/LnRsN9N7k2d12iARV4DA2tVMW012QtKSrD46c=; b=ffqj1jA0N1iNU9un3VU1ZEwLv6TKvatu69w9smMs9njYzlQxHhuSJKywKjBgqA1P1Z 3QT5EnctSWm88EXAjSeuvUl7zpt15j4P4RpvRlNw07tMfIDOolveHJyWhOjipuqetTjX 4umGYVWp6HuqgU82dX49s5nI8A8BrblmuB9wO3qhL7pzQnkwS70IToHsr2DeILqUJ7gJ Qmue05M+HPUYo+rIFFHuMS+b/nDFV89qxmzfu8+boup7hRRI/UPKs/MuESP5AvHsnbql xUJPxLcaagDhIqKeZ9yw9ilzRzcFscAjllq4XnD+MTdqpFZy4P0MxDjWcucDtvVf1L/U DgGA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=W6JM0y6V; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id h184-20020a6383c1000000b00543e36736d3si6299289pge.628.2023.08.20.18.55.32; Sun, 20 Aug 2023 18:55:54 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=W6JM0y6V; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232466AbjHUBUN (ORCPT + 99 others); Sun, 20 Aug 2023 21:20:13 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44788 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232380AbjHUBTu (ORCPT ); Sun, 20 Aug 2023 21:19:50 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 00C79E2 for ; Sun, 20 Aug 2023 18:19:39 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id AD2DB62656 for ; Mon, 21 Aug 2023 01:19:39 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id A833DC433C7; Mon, 21 Aug 2023 01:19:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1692580779; bh=vc/fpVk3bxy2ex4nbxSxEwbS+F8Y//JwnGv+3rBD+Rs=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=W6JM0y6Va98w8Ku9RhzPIsJPh1GKZZwvBoNGv9Ghd+p75eCKzSAeS+bvkGig4j5kz em4QeLq0a15Z4rrcy7a5l6zeFftY3LH/5/dZUVoho6PFl965C1ItVatuPtwvyoRAdJ bKLrxxwesWLNjIqVN4ET5fIfMzlQeuVqkUB96bsDp9BBz/c/4vm/c8zcq2LD/NzAds nfANx9DmEW3znSW8aA761+Q47chkPMXdHAHVDja8g+VuhmYZ8BpxdCAPxghmfiW2Z9 AG7fhMg1GRuKtKCrZE2U3xc0xxv6ICMUlW0MCErVFrl3us9LU5WxwIsN4q5pS9LDj8 kvT7tfQvPzpNA== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Borislav Petkov , Peter Zijlstra , Babu Moger , Paolo Bonzini , Sean Christopherson , David.Kaplan@amd.com, Andrew Cooper , Nikolay Borisov , gregkh@linuxfoundation.org, Thomas Gleixner Subject: [PATCH 20/22] x86/retpoline: Remove .text..__x86.return_thunk section Date: Sun, 20 Aug 2023 18:19:17 -0700 Message-ID: <5325966e6bdbaea6ffd79720cfeb44abe9a88513.1692580085.git.jpoimboe@kernel.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1774801863951698491 X-GMAIL-MSGID: 1774801863951698491 The '.text..__x86.return_thunk' section has no purpose. Remove it and let the return thunk code live in '.text..__x86.indirect_thunk'. Signed-off-by: Josh Poimboeuf --- arch/x86/kernel/vmlinux.lds.S | 3 --- arch/x86/lib/retpoline.S | 2 -- 2 files changed, 5 deletions(-) diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S index 9188834e56c9..f1c3516d356d 100644 --- a/arch/x86/kernel/vmlinux.lds.S +++ b/arch/x86/kernel/vmlinux.lds.S @@ -132,10 +132,7 @@ SECTIONS LOCK_TEXT KPROBES_TEXT SOFTIRQENTRY_TEXT -#ifdef CONFIG_RETPOLINE *(.text..__x86.indirect_thunk) - *(.text..__x86.return_thunk) -#endif STATIC_CALL_TEXT ALIGN_ENTRY_TEXT_BEGIN diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S index 415521dbe15e..49f2be7c7b35 100644 --- a/arch/x86/lib/retpoline.S +++ b/arch/x86/lib/retpoline.S @@ -129,8 +129,6 @@ SYM_CODE_END(__x86_indirect_jump_thunk_array) #ifdef CONFIG_RETHUNK - .section .text..__x86.return_thunk - #ifdef CONFIG_CPU_SRSO /* From patchwork Mon Aug 21 01:19:18 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josh Poimboeuf X-Patchwork-Id: 136344 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp2841697vqi; Mon, 21 Aug 2023 00:39:15 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFbnViLOtH8zp1l0d1VQwSExayiZ+DsT+NKAQtOyGa9o6hte9iTCI16ZSmBjXAiH6JoErDH X-Received: by 2002:aca:110d:0:b0:3a7:2022:c4fc with SMTP id 13-20020aca110d000000b003a72022c4fcmr6238764oir.9.1692603555303; Mon, 21 Aug 2023 00:39:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692603555; cv=none; d=google.com; s=arc-20160816; b=D53wA/2Q4YBCZhve4Hb9/SrayUFudlqDJssHv1dp+B9bHwF0tsTC+Y+8pZYAUu/FlU AyS+NDPHAt23PimoY92EA3oIchJzjPGSKmXH+9X4hTLsYnGWuXPBYR7riC7qkyO9axMO TC8CiqQPZ4j31DH31wyI1R3uy2EpjvMraaCClUocQy33zat2ZoAqyi8JdMS09+7AuAEo boqG1omGQFUZrZIIjirVj/KeMjOJVgdHrN3g+MJvrlCd9S7Owo3u70VA4Xyy4P3fQGOW K/8opCnPzQ9+SWHP8sTkFQtR6fPCvYAFpGahpDJEVVazr2Gv4RIng/OItVqcPGewtRHL cMLg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=WYhYomtoKb+dBpcccC3ApeW5khmLI2zP5wGR9wjr5qo=; fh=1KVrD/LnRsN9N7k2d12iARV4DA2tVMW012QtKSrD46c=; b=cZLko9Y2stcyljNegRJEJOaglYrAPw2j8S2OtNbHBElwUrj7Ghd/6vcYm3JA9sm6OO fiEJuvgxkZvsvkVXXuH2hY8jfRMIqNS6ofHYn2cJpSUc/eh9xh8QDO8Ipxvkqnh+KJuY +csjrWeW8Q616LC0oT/aACdQ5ezbtAlEiT7+0cmHKRQSm0Zr1sioQqceKY7ukPmo9AhP 5TdoywxxeZBSsX1Z+mGrdGPZzySeIDsEkTERzItizlvqZ6c9tR8CkDmwx6OdBRoq8bHW WiBraLg9qgxAFm8NdT8Lc8WH19tsSDwtYzWuoywtEqREJGkXRYK1fF5Fo1mSTcZ2p9qe k97A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="WpK/wBKT"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id l193-20020a6391ca000000b00565f5a27ef7si6414651pge.876.2023.08.21.00.39.01; Mon, 21 Aug 2023 00:39:15 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="WpK/wBKT"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232396AbjHUBUP (ORCPT + 99 others); Sun, 20 Aug 2023 21:20:15 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44872 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232289AbjHUBTv (ORCPT ); Sun, 20 Aug 2023 21:19:51 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DD96AEB for ; Sun, 20 Aug 2023 18:19:40 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 48885625F7 for ; Mon, 21 Aug 2023 01:19:40 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 44843C433CC; Mon, 21 Aug 2023 01:19:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1692580779; bh=ABB0VEm/1qgHSMYLRDciSz5DC9qBJP3kxsxjFgJZZ5Q=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=WpK/wBKT6GpIMS/8IETxzEpkcHpLnvA9UsqO92eoDLBs99jIMhyVrlhW9jJzghW/1 +dp+CPf3Xu4AZUDYX12af367DJWF37hKsebdxbyaC0irs5eKXvv6TfuKCemNcygLuS csw+q6zuFy22vxEAN8JXX3hDzGS6sIgkYF+JtTyMV7G267gC2BVWPs7KbM3Hac7v+C JVlt4YBAci80ZKZlQA3ushe58ywyXomV0s8a4JjZoipLLi010ey02sVY0NUwzwuo0A 7GvkaWHzjouqK/v+oSpjshtdtsCiyMZrTVYhA2e1IhQVOW9U/fmT9Uq8M6NwkiJX/z 4LHfCGUIvDD+g== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Borislav Petkov , Peter Zijlstra , Babu Moger , Paolo Bonzini , Sean Christopherson , David.Kaplan@amd.com, Andrew Cooper , Nikolay Borisov , gregkh@linuxfoundation.org, Thomas Gleixner Subject: [PATCH 21/22] x86/nospec: Refactor UNTRAIN_RET[_*] Date: Sun, 20 Aug 2023 18:19:18 -0700 Message-ID: <316ee83d450de92924273f65580a7d23f7355f40.1692580085.git.jpoimboe@kernel.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1774823465310601257 X-GMAIL-MSGID: 1774823465310601257 Factor out the UNTRAIN_RET[_*] common bits into a helper macro. Signed-off-by: Josh Poimboeuf --- arch/x86/include/asm/nospec-branch.h | 31 +++++++++------------------- 1 file changed, 10 insertions(+), 21 deletions(-) diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h index 51e3f1a287d2..dcc78477a38d 100644 --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h @@ -288,35 +288,24 @@ * As such, this must be placed after every *SWITCH_TO_KERNEL_CR3 at a point * where we have a stack but before any RET instruction. */ -.macro UNTRAIN_RET +.macro __UNTRAIN_RET ibpb_feature, call_depth_insns #if defined(CONFIG_RETHUNK) || defined(CONFIG_CPU_IBPB_ENTRY) VALIDATE_UNRET_END ALTERNATIVE_3 "", \ CALL_UNTRAIN_RET, X86_FEATURE_UNRET, \ - "call entry_ibpb", X86_FEATURE_ENTRY_IBPB, \ - __stringify(RESET_CALL_DEPTH), X86_FEATURE_CALL_DEPTH + "call entry_ibpb", \ibpb_feature, \ + __stringify(\call_depth_insns), X86_FEATURE_CALL_DEPTH #endif .endm -.macro UNTRAIN_RET_VM -#if defined(CONFIG_RETHUNK) || defined(CONFIG_CPU_IBPB_ENTRY) - VALIDATE_UNRET_END - ALTERNATIVE_3 "", \ - CALL_UNTRAIN_RET, X86_FEATURE_UNRET, \ - "call entry_ibpb", X86_FEATURE_IBPB_ON_VMEXIT, \ - __stringify(RESET_CALL_DEPTH), X86_FEATURE_CALL_DEPTH -#endif -.endm +#define UNTRAIN_RET \ + __UNTRAIN_RET X86_FEATURE_ENTRY_IBPB, __stringify(RESET_CALL_DEPTH) -.macro UNTRAIN_RET_FROM_CALL -#if defined(CONFIG_RETHUNK) || defined(CONFIG_CPU_IBPB_ENTRY) - VALIDATE_UNRET_END - ALTERNATIVE_3 "", \ - CALL_UNTRAIN_RET, X86_FEATURE_UNRET, \ - "call entry_ibpb", X86_FEATURE_ENTRY_IBPB, \ - __stringify(RESET_CALL_DEPTH_FROM_CALL), X86_FEATURE_CALL_DEPTH -#endif -.endm +#define UNTRAIN_RET_VM \ + __UNTRAIN_RET X86_FEATURE_IBPB_ON_VMEXIT, __stringify(RESET_CALL_DEPTH) + +#define UNTRAIN_RET_FROM_CALL \ + __UNTRAIN_RET X86_FEATURE_ENTRY_IBPB, __stringify(RESET_CALL_DEPTH_FROM_CALL) .macro CALL_DEPTH_ACCOUNT From patchwork Mon Aug 21 01:19:19 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josh Poimboeuf X-Patchwork-Id: 136331 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp2815468vqi; Sun, 20 Aug 2023 23:23:48 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFYKlbu7u+QZ1WikG2uWIjSZSmG7e6jGiVcVw+V7JQde+YFfMDyP5UQCa7rh5ojp3g8JH/P X-Received: by 2002:a05:6358:63a1:b0:139:688e:c73e with SMTP id k33-20020a05635863a100b00139688ec73emr3450229rwh.32.1692599028221; Sun, 20 Aug 2023 23:23:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692599028; cv=none; d=google.com; s=arc-20160816; b=GYUJqGOcqDwRZFWC+2xuhBlXwaEPEzWBUtGNQBCZ9viuIeBCejmdaNkYA/OBmyqrWj xnhRdlgB/TSVl9xaVQ0MPweX6Bx4py5w6OujfR5yS3LS7uG7P0E4NfxXXvGAr1qxdN+u 8iDv0u+MHTeD7CdONYp9BgD/ps/76sHcyMTqKGlTCn+BMsz7ZG3zkEXi3qJnC84KLR6b Dwp9mLZPenAqMD+a5j64n17TByPoipGor1w9Yquj1qnnWZbnR2oLSItavXYqf9tucCoz 12pO70W747Jc5bTTfaJ88Fb8xNs1/mwUSOl3ia0JD/dSHrQxeJpCF3z6NlgzEEUSoTA7 JK0Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=BoxTIOjbJkF9d/QZ7D5VcIG1YBivXuklsKePLau3a9o=; fh=1KVrD/LnRsN9N7k2d12iARV4DA2tVMW012QtKSrD46c=; b=Gw3XHGXc+A/KAOGHbXHKNOQG7/MbnG2A3OnL6nKl42YO+u+Vm+YSCFzIatecH8qxph cI4Ph4oqCD94WUrfYv7iRWsvc3GVXxVqPpPKzS67lCSBbqb5IwOnVSYt1cfVkvhAJmuX dGfcYS2SLzEv1FEk+py1nTBOePkwrJ+yEg+PnQgYJh/gWuATQ9n4OjELLGC2VJO1npfx tYreGsOmY1XaiOJQs+vEzVWVQa25MqaQdeFUnqZsk6/YARxKyJB36h3zd8ImymDNkcS3 IWfeyGxShm21DNmbnk5HLr9y22u+dEw9Nw+3frGyIlhGoHtNYKsAUyjNrG7aHSyPd00N XNHA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=hgZ+MZWK; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id l192-20020a6391c9000000b005653cdf7118si6023474pge.401.2023.08.20.23.23.35; Sun, 20 Aug 2023 23:23:48 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=hgZ+MZWK; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232421AbjHUBUQ (ORCPT + 99 others); Sun, 20 Aug 2023 21:20:16 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44916 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232419AbjHUBT5 (ORCPT ); Sun, 20 Aug 2023 21:19:57 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 64F52FC for ; Sun, 20 Aug 2023 18:19:41 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id D66FB6268E for ; Mon, 21 Aug 2023 01:19:40 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id D656EC433CB; Mon, 21 Aug 2023 01:19:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1692580780; bh=qkJxCGkZPlZlG/BJ/AajbqkIuFwM6PWAkTDJOR+28gA=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=hgZ+MZWK2NryulPLM9PrOKBnFkY3uqEpDHiVYoKoHLJQcRXIKrFPLX0r2pZetKAH9 HtQZcSe3BBBrvXhL/pidiOB4ZyfGwSXIOhcFM9YFzKipw38Sa1xgKdXcdEwiNf1oac 5KY9S4dr/XYOE6XTZ8xwMjrpNtftuKgr+18FVB9k/1fWqDIV/jB6R3OL9I+4v4rw+l cjfd7YGdVoiOQreiFWDbLn6vdq7QfcA4ry1Q4yPIMT4WUrB//u9/BivH93MOdfPm43 a0ruG+IhYdMmv9pMWkcxBX4kAiJVTKy+7oKosmuTn1NCwKNY3X7f2QRpqQfuUf9E4+ P3fzAEk720UYg== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Borislav Petkov , Peter Zijlstra , Babu Moger , Paolo Bonzini , Sean Christopherson , David.Kaplan@amd.com, Andrew Cooper , Nikolay Borisov , gregkh@linuxfoundation.org, Thomas Gleixner Subject: [PATCH 22/22] x86/calldepth: Rename __x86_return_skl() to call_depth_return_thunk() Date: Sun, 20 Aug 2023 18:19:19 -0700 Message-ID: <1d7c2ce1c5723902389e0268042f1c98a8783c46.1692580085.git.jpoimboe@kernel.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1774818718462253416 X-GMAIL-MSGID: 1774818718462253416 For consistency with the other return thunks, rename __x86_return_skl() to call_depth_return_thunk(). Signed-off-by: Josh Poimboeuf --- arch/x86/include/asm/nospec-branch.h | 13 ++++--------- arch/x86/kernel/cpu/bugs.c | 3 ++- arch/x86/lib/retpoline.S | 4 ++-- 3 files changed, 8 insertions(+), 12 deletions(-) diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h index dcc78477a38d..14cd3cd5f85a 100644 --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h @@ -358,12 +358,7 @@ extern void entry_ibpb(void); extern void (*x86_return_thunk)(void); #ifdef CONFIG_CALL_DEPTH_TRACKING -extern void __x86_return_skl(void); - -static inline void x86_set_skl_return_thunk(void) -{ - x86_return_thunk = &__x86_return_skl; -} +extern void call_depth_return_thunk(void); #define CALL_DEPTH_ACCOUNT \ ALTERNATIVE("", \ @@ -376,12 +371,12 @@ DECLARE_PER_CPU(u64, __x86_ret_count); DECLARE_PER_CPU(u64, __x86_stuffs_count); DECLARE_PER_CPU(u64, __x86_ctxsw_count); #endif -#else -static inline void x86_set_skl_return_thunk(void) {} +#else /* !CONFIG_CALL_DEPTH_TRACKING */ +static inline void call_depth_return_thunk(void) {} #define CALL_DEPTH_ACCOUNT "" -#endif +#endif /* CONFIG_CALL_DEPTH_TRACKING */ #ifdef CONFIG_RETPOLINE diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 73d10e54fc1f..83eb3f77d911 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -1060,7 +1060,8 @@ static void __init retbleed_select_mitigation(void) case RETBLEED_MITIGATION_STUFF: setup_force_cpu_cap(X86_FEATURE_RETHUNK); setup_force_cpu_cap(X86_FEATURE_CALL_DEPTH); - x86_set_skl_return_thunk(); + + x86_return_thunk = call_depth_return_thunk; break; default: diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S index 49f2be7c7b35..6376d0164395 100644 --- a/arch/x86/lib/retpoline.S +++ b/arch/x86/lib/retpoline.S @@ -321,7 +321,7 @@ __EXPORT_THUNK(entry_untrain_ret) #ifdef CONFIG_CALL_DEPTH_TRACKING .align 64 -SYM_FUNC_START(__x86_return_skl) +SYM_FUNC_START(call_depth_return_thunk) ANNOTATE_NOENDBR /* * Keep the hotpath in a 16byte I-fetch for the non-debug @@ -348,7 +348,7 @@ SYM_FUNC_START(__x86_return_skl) ANNOTATE_UNRET_SAFE ret int3 -SYM_FUNC_END(__x86_return_skl) +SYM_FUNC_END(call_depth_return_thunk) #endif /* CONFIG_CALL_DEPTH_TRACKING */