Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751391AbeAEA1K (ORCPT + 1 other); Thu, 4 Jan 2018 19:27:10 -0500 Received: from mail-cys01nam02on0069.outbound.protection.outlook.com ([104.47.37.69]:43277 "EHLO NAM02-CY1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751100AbeAEA1I (ORCPT ); Thu, 4 Jan 2018 19:27:08 -0500 Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Thomas.Lendacky@amd.com; Subject: Re: Avoid speculative indirect calls in kernel From: Tom Lendacky To: David Woodhouse , Andrew Cooper , Paolo Bonzini , "pavel@ucw.cz" Cc: "tim.c.chen@linux.intel.com" , "linux-kernel@vger.kernel.org" , "torvalds@linux-foundation.org" , "tglx@linutronix.de" , "andi@firstfloor.org" , "gnomes@lxorguk.ukuu.org.uk" , "dave.hansen@intel.com" , "gregkh@linux-foundation.org" , Andrea Arcangeli References: <20180103230934.15788-1-andi@firstfloor.org> <20180104114231.GB1702@amd> <1515066469.12987.112.camel@amazon.co.uk> <94b12025-b27c-04d2-8726-c07a3af6b265@redhat.com> <7a3584c6-0c00-d807-5130-13d1f4b34102@citrix.com> <1515079777.12987.149.camel@amazon.co.uk> <1515082507.12987.159.camel@infradead.org> <1515096331.29312.35.camel@infradead.org> Message-ID: <0ede46c2-5e40-4364-7740-fdb8325ef1a7@amd.com> Date: Thu, 4 Jan 2018 18:26:55 -0600 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.5.2 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: CY4PR0601CA0102.namprd06.prod.outlook.com (52.132.96.171) To DM5PR12MB1145.namprd12.prod.outlook.com (10.168.236.140) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: de0aa47b-17d9-4889-5355-08d553d308ca X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(48565401081)(5600026)(4604075)(2017052603307)(7153060);SRVR:DM5PR12MB1145; X-Microsoft-Exchange-Diagnostics: 1;DM5PR12MB1145;3:XM4MbggXkKJlOA9B0u3O99z6yRKkLa7CkfeiuEMrvAtbASLd6p8UWg/W3HDd8cYbbB3lD0id2fJP9KQct55Ib7NCheOh3pmfFuekRyuN5hTsjDIjm17idrdgg6F6xOtiEyIotnQf9zrwr0Q/s0K0HkRH5uKIMusRfwWrd+DZJQWW4vybA34oAFDFEJSFhJNnQr6Ji53X5y45gw3LGkLTLz6iAo1/C77tkPtRY2a8aabY1+/dn/vn11ndLLPtiYys;25:TekQQl86tw6APjeD1BC0PMVBxIeqzfF+C9wFMXv7zLoAKI7Q8YekMk0aeuDJnWcYjf/ev0vR2jLl/J2Nwd0ckyWUmIt0i9pRiYW35DFeGCM0D2j6/T3QWxje95rwWDQ/PzDigYuoMSYhhjMODzFQKNUsrvmopGZo/UJHLAm7qN4+obrUlCWGxy2t1PydBM7Y3nO/3qoeK3E90GnDoqUlzJKQD8fg0tBhJgCFKFImIKV5Kxc1Lio2T70abCQUglxk2OR7KWIwUSg0/ei4Y42ieke4aYJKlPjhpjnygVNGVcTKS51/ifGlXD+7hx97EDQJD1Or2TwpQ/4E6WD5lqWjOg==;31:DufUhC498kqhjC+JHCgqo0zbUE1yspjLhA9PaFpafTQTx88r8RMV1juiqDeckNlR2UH69vUImqQkFOz4kGo6OJ53R7ccnNRZph+ePfdFLR8HFfp1Rz1gv1Db187ZYEY3WIxftybbWMV1pOLqEVsohf+NUkD+MKUzrS7HyDnKNkGwTKz3ixvje9A3nw0avsYe2uuEfI502w1btgWcfdM5pQBhLoeS+bnue2dpon8+NIA= X-MS-TrafficTypeDiagnostic: DM5PR12MB1145: X-Microsoft-Exchange-Diagnostics: 1;DM5PR12MB1145;20:bHWUsONQhtsQ3fnLJuLKr1AwEp+NrYJaAYJn2QSi62NaJzhaGYWBupl11CWAKy7kqsR+Rg4QZVksuQYfDAw1lM3UZrVj2WYVq9kVXZc4n5Gu9t/mn+Q9uaKYm0HkXu1Jt+W4cc9ueLgcEzeSADZH3PA267IqO/eVWqkC+xYdQSE4N5On/qTMrC8LaPyC8mE1Pg5PeCLABbI7AM9WAkAQdaXrDBwEgI6s6OpSwN+kxhZpRtZsxS/PsUo86+I9Wu+E0fRFr178AuMdXtxPJousPsbuDxcD7AaHHnh3anz2AKXYtkN40tpBLde7MK5KSU9OPD7CQXaYAxCuWi04L9FFe6HULI1nkPx3S+mOAlZcO0tiKjxHGiFnDZmEz2SyyGRCqM8TR1dQ7JSCs1ZZPRgtsTrRxjcLz5tial9GFOjtDgyk5slwm/eSl2MxXDt5dZXD9CN7UnwEFw9aSQc2kHf/UiCtfFmXr5HxtRg+V2B+lPoDKAPRZXpAl+4fEgf0ZT0f;4:yBrhbu/SP9l3DOawW7X8rCBFAdu6wazvnQj/Tb7zCEQ/3U5TcdCZhG1A6yg6o2N7qNmFhWYjhQ0v2PxTghoapgIrQs7NHmS8DmZuYW200Sx6dlFXNqsFjJ4Ghr0tcbHzSrEQP0tLqqbP3ILZUcHf9wZEVv+t8WNZEYnJYnFrgHgaqCdTnd3pCVyJhZdn5KlOqdvPyofBwvcS5DUKS8h2f/sNQcsek5Du1UYgt6b0iJKqvKGA5roxY0iSdzf80GXBfjQfv0Ttot2AbCiyWeEjWX+/53gpeeXYbo23scNfeYj6dLvNZUDtw4NjS2tx1cj3TWytq7AFIFA5Qfrq0dKNHg== X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110)(146755900322472); X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6040470)(2401047)(5005006)(8121501046)(93006095)(93001095)(3002001)(3231023)(944501075)(10201501046)(6055026)(6041268)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123558120)(20161123560045)(20161123564045)(20161123562045)(6072148)(201708071742011);SRVR:DM5PR12MB1145;BCL:0;PCL:0;RULEID:(100000803101)(100110400095);SRVR:DM5PR12MB1145; X-Forefront-PRVS: 05437568AA X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(6049001)(346002)(366004)(39860400002)(396003)(376002)(39380400002)(377424004)(189003)(199004)(24454002)(6666003)(52116002)(65826007)(6246003)(2906002)(36756003)(386003)(16526018)(229853002)(2870700001)(53936002)(31696002)(31686004)(53546011)(86362001)(23676004)(2950100002)(59450400001)(25786009)(90366009)(76176011)(2486003)(93886005)(50466002)(65806001)(3260700006)(966005)(4326008)(478600001)(72206003)(5660300001)(110136005)(64126003)(305945005)(54906003)(47776003)(6116002)(8676002)(105586002)(83506002)(58126008)(8936002)(97736004)(52146003)(106356001)(7416002)(65956001)(2501003)(3846002)(7736002)(81166006)(77096006)(81156014)(8666007)(6486002)(66066001)(68736007)(6306002)(16576012)(316002);DIR:OUT;SFP:1101;SCL:1;SRVR:DM5PR12MB1145;H:[10.236.65.116];FPR:;SPF:None;PTR:InfoNoRecords;MX:1;A:1;LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtETTVQUjEyTUIxMTQ1OzIzOkttV0pSTmxPVXRlYWNZQUJqb0RXVTd5Sk9o?= =?utf-8?B?YW01N3R4c2U5ZXBJakVIcW12SDBRNmJzY2h5WGFYNHZleU00a3N5Y2NFYW11?= =?utf-8?B?ZTFDWndhazVxRjJESTQ2N3VXZEZPdGR0djNLYkpjQzl5ZEhaYkQ4NTc1akdm?= =?utf-8?B?aE9ONXVnTHNFZWNNVDgwa09TU3B1WmxOdDdsZEU5S0drbW9GSTFLN1JRYitI?= =?utf-8?B?YWxDUnc2bjZWL3Fyck0xQXRCZksyemRRTlZBUFBWUTl4NkM5Qm5HVnVSYkt2?= =?utf-8?B?OUlGMEorQjNtN2Exa0tsUHlhUTRJdDUvTW5KMy9MOGdvS2diVkQ0dTBFaXho?= =?utf-8?B?cjJZeFZGengwaTljbHhFUmIvb09MYXZCdTZGUGR4S2dxYTVsa2RmSGRnaVNu?= =?utf-8?B?VXpOV0VFclQreStvUitVTng5QkVoano3ZDludGUxeGZEbUNWQjk2K1FYZkFp?= =?utf-8?B?OUU4eUFydXRMZVN6Y1E5ekJEbktIN1E5TmNSM3FRZU4ydEpHbWZLUnJTM0Vx?= =?utf-8?B?SDZqaEFvWmJnQmIwVitKalhiYTgxVlNWYkcxeEhsc01JcExVdiswVW9qbFNM?= =?utf-8?B?UDJaaTlPazE4OHFQT2tGWlhIWHo5UnVKN3VacFBIcUVZcnl2OUF3NVBYR1Ja?= =?utf-8?B?M3kraGZ2Y2hYL2xHSUR0MEZYOWJCZWx2VEtnY2NBdEo2L1lIMXZaeEhqOTJp?= =?utf-8?B?WFVVY3R3elhNb3Y1VGwxSnZFMERaLzZ5UFBXeHV5NWFBZXgzZ2lMRHNvcjMv?= =?utf-8?B?R3VHanZaZ05xT2UxTkgrUzJWWTQ3eWxPYS9oY2t3T20waCtRdTc1bkNnM2Nu?= =?utf-8?B?YWFxVlp4K0VjQmhSOGNQRnM0NWF6QUZiS0hQRWZoVHErOWJvanZsSW43QWdu?= =?utf-8?B?WndubEJSYVJBMWRHM3k4YW5CNFRVc0lpNTJjNXNCSjNSSlZYZzFyeTdZNDNG?= =?utf-8?B?dU5kZHpsYzRCbCtSNzJJS2pIWFNGdlp3YkNTVEYzejR1dWNWZFI4eEc3di9s?= =?utf-8?B?S2JoeXplREU0cDdQQW9va1c0RnZkMngwUmZ6aXhjaXprdFBMTEc3NlR0MzlX?= =?utf-8?B?WjJZOWozaW1hTEMwVGg1cDlaQ29Hc2RJMnUrUWxGOWlLTlZucHZzZlp5KzRG?= =?utf-8?B?NE5OWkdNS1UvVitCekpoNGNRdHE5NTUxamZ6TDhMUmRGRTNvR0MrbEYyQXZp?= =?utf-8?B?UDJ1ZXFhZ0k5REJXYWpCNXZIY0xWUjI0anVaR24yVjhLTDFHdUptaENoMW1D?= =?utf-8?B?RHFMT045dlBTcG1Oek5ZNEpSamNpZXdtTlkrTG05aUErVkVPNk5ER1Z6a1JH?= =?utf-8?B?NDljQWdQdkJUNEtCczNMZ3NXa2kvR0FXVTkydk1WQ1pJWnRwbTNaVkhjbTZi?= =?utf-8?B?SUhNVW5tS1BxWWVPVXpqSi8vY0dVMU5HcE95OU9vSi9NWGZmU2pHQXU1cjls?= =?utf-8?B?aGh5TjA1cUZLMGNuSjkyOGQrdG9xRDFnTGdwY1hNazAwVkdJbFFPclpzR2Jy?= =?utf-8?B?YytZMnV4VzJxQ0E5MlJwV1pRYnZLOFJTRGZzUjA2SzBZNnNKdjlXd2Z3dTE3?= =?utf-8?B?d2tmcTU2b2c5eVRkK3N3ZCtNZXRtWi9LY0FSNVlZYUtaQlBPUDJIYk5QcFRq?= =?utf-8?B?VTBXalNJWnAvM1ZxRVNSUC9ScW9mYTVGSk50dCtlclp2YVl6UkdvZm4rTTI0?= =?utf-8?B?THB3cGYvSjFQMVBSWGtGN0k3Mk5sVDgyWE9CeDM3a1FlSXBoaWNEc3lpdk5F?= =?utf-8?B?V0gybHBQdDFaMUZ3R1ZnM2ZhOGFpLzJnODVEYnFITDNFQkFBNHVWK3Q4TVpC?= =?utf-8?B?aEpFZGpPYjdBZlJFVnVKRDhKcTFjaWhua21GdlVuTVdwY1ZidVBXRzBFa2Ju?= =?utf-8?B?Y3B4cGEvZkJwbE5yWUtjcWZ3M0xBRUpSUFdGYjFkODY5WXF1OE1sdi9XNnNs?= =?utf-8?B?S1dFaldiTkN5c3hKR2xxNExIeFBhUEUxdXU4YXBTWFRNQ0F1QjVBMGhUNVVq?= =?utf-8?B?aVdoSWlHQ2F6TGNXMXpmeEFxWTJVb3hVd0JncW84VFlKdlN0bklRaDBGQ0Vh?= =?utf-8?B?dTBnaFAvME05NVNxNVR2TVBwRTA5WkU2MFVBdGtZVVFiaEVlcDZYN1dVMkpZ?= =?utf-8?B?R3dRWmxJRUs5aW01YXEzRVVyNmVJWkpueHFod25xOWx0N1FMb2xEZUJDekxv?= =?utf-8?B?aFQ1Ty84U1RyalJsdHZWS21aa0tRPT0=?= X-Microsoft-Exchange-Diagnostics: 1;DM5PR12MB1145;6:rgAV9ruWDL+JBMKzMPFgJGGGCb9kodkhPGMyLZs8sWJw5FsN1/fpEs5qdBaXw4JaYbxJSI8/cNnlHfRElihsI//JHf6LUO39cFgdtaGugmnDrXDFFqsysmt7czzkuyMFpqE9gWiHl+2cYnDLkcookoTDV/24Z/I6BOE7dhFkC0iHRxt93P4mCYaJFPqH8KkD2aK7BJOhirOVBdeF4INhEvwZQWq6XG2pfHlrNnmw2N5fQc1Fhp8O7EniIFuqYginRFM8G8Ysu2VTg0LpKu4eXHHJzI+PsJSD+v39/GPCFb002q0a+rJFz5cyyIjwujiB6hkImRNDLTYDf5dEYgNc+PJAebqKZ6nUWNhxH9O7YBc=;5:pT4ORKLLmsDJRE0F6RdOZU0k7RSiZJS6F/IYaOkvb2nqYRIvkIcod406dq3MEOHYQzTj1Wwhi1EJI3v/p4YRMaZPrMF1GMa05y+fKJvrPergwoP4uXcfMdeyG0g+hDo1+yiQOyaZgUBYiLsvI17/BTxQUBwBXcaLWm/4QFtuYv0=;24:4MGMyXfXhEIvcqKDlIBRABIoGhIqt4yzawwtlpYiEMUC+e1WpsB2sj/odEX8rjliZJ2rqVFtCi4iZAhmeU/tTfJPybrkcKXie9AcmQ9B+pM=;7:rTHgQSrlZ/5Urr+ngvau043G2fSs5SwNWUeCdXKDPxl1tqJO1oWZmHgusIsFW8SaZUfPENW1axzaQloraEtao5EP1K5XHhri/rc1+QrmfuonkoWC8nr0AzPy2bye17JDn7QwoSLfUIIBIw2iffTDZvLfMwyq3kE0gADc3oGcOj92myIVWEg/Myzt+tbGw+yS6c1MGEfBgW6+8/Qob1UU5txpUrxsmm+bv3HJfCTbDHCQJkCX0hW+YKyd7dC/jnzz SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;DM5PR12MB1145;20:9ZXakNZ0il82EG4fR6JRR8PS3Sej8ePZgfknlwNwKBp7Zu0t0crzYHl/nki8jo8lMSphuHocXUVGUA+e4dC+8YkMg2PxLQL6c4Mxumkzn4BGyh4C/YVpLiMn/PDDI2LE73E6J1xJI8s1n5bESTGa2xFhVXZsCaxFJekzLK4iBRmeXsRO5OpIn5KVqXjJS5FpPyQ1Xy8AC7MT4cZWCvuHK7CJx7bVxQHrqzuT1kF6rRK4XX+aJz50mqmjnRs6bi3z X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Jan 2018 00:26:58.4725 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: de0aa47b-17d9-4889-5355-08d553d308ca X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR12MB1145 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Return-Path: On 1/4/2018 5:47 PM, Tom Lendacky wrote: > On 1/4/2018 2:05 PM, David Woodhouse wrote: >> On Thu, 2018-01-04 at 14:00 -0600, Tom Lendacky wrote: >>> Yes, lfence is sufficient.  As long as the target is in the register >>> before the lfence and we jump through the register all is good, i.e.: >> >> Thanks. Can I have a Reviewed-by: for this then please: > > Reviewed-by: Tom Lendacky > > While this works, a more efficient way to do the lfence support would be > to not use the retpoline in this case. Changing the indirect jumps to > do the "mov [rax], rax; lfence; jmp *rax" sequence would be quicker. I'm > not sure if this is feasible given the need to do a retpoline if you can't > use lfence, though. > > Thanks, > Tom > I do need to send the patches that make lfence a serializing instruction for AMD. I'll get those out as soon as I can. Thanks, Tom >> >> http://git.infradead.org/users/dwmw2/linux-retpoline.git/commitdiff/08d9eda03 >> >> From: David Woodhouse >> Date: Thu, 4 Jan 2018 20:01:53 +0000 >> Subject: [PATCH] x86/retpoline: Simplify AMD variant of retpoline thunk >> >> On AMD (which is X86_FEATURE_K8), just the lfence is sufficient. >> >> Signed-off-by: David Woodhouse >> --- >>  arch/x86/lib/retpoline.S | 2 +- >>  1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S >> index bbdda5cc136e..26070976bff0 100644 >> --- a/arch/x86/lib/retpoline.S >> +++ b/arch/x86/lib/retpoline.S >> @@ -11,7 +11,7 @@ >>   >>  ENTRY(__x86.indirect_thunk.\reg) >>   CFI_STARTPROC >> - ALTERNATIVE "call 2f", __stringify(jmp *%\reg), X86_BUG_NO_RETPOLINE >> + ALTERNATIVE_2 "call 2f", __stringify(lfence;jmp *%\reg), X86_FEATURE_K8, __stringify(jmp *%\reg), X86_BUG_NO_RETPOLINE >>  1: >>   lfence >>   jmp 1b >> --  >> 2.14.3 >>