Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753112AbeAKAON (ORCPT + 1 other); Wed, 10 Jan 2018 19:14:13 -0500 Received: from mail-sn1nam01on0063.outbound.protection.outlook.com ([104.47.32.63]:54144 "EHLO NAM01-SN1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1752521AbeAKAOL (ORCPT ); Wed, 10 Jan 2018 19:14:11 -0500 Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Thomas.Lendacky@amd.com; Subject: Re: [PATCH] x86/retpoline: Fill return stack buffer on vmexit To: David Woodhouse , Andi Kleen Cc: Paul Turner , LKML , Linus Torvalds , Greg Kroah-Hartman , Tim Chen , Dave Hansen , tglx@linutronix.de, Kees Cook , Rik van Riel , Peter Zijlstra , Andy Lutomirski , Jiri Kosina , gnomes@lxorguk.ukuu.org.uk, x86@kernel.org, bp@alien8.de, rga@amazon.de References: <1515624682-3556-1-git-send-email-dwmw@amazon.co.uk> <1515628062.22302.278.camel@infradead.org> From: Tom Lendacky Message-ID: <15e712cc-3bf3-bc85-7ed4-caeba30a26a4@amd.com> Date: Wed, 10 Jan 2018 18:14:04 -0600 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.5.2 MIME-Version: 1.0 In-Reply-To: <1515628062.22302.278.camel@infradead.org> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: CY4PR0601CA0100.namprd06.prod.outlook.com (52.132.96.169) To CY4PR12MB1142.namprd12.prod.outlook.com (10.168.163.150) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: c07b5549-3198-48ad-2e6e-08d558883c4f X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(5600026)(4604075)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(48565401081)(2017052603307)(7153060)(7193020);SRVR:CY4PR12MB1142; X-Microsoft-Exchange-Diagnostics: 1;CY4PR12MB1142;3:TU+4zru7+KWomy7tpQLHaPVYSU4ZMd5Q2m9fmtmOTpIQGNE2Z3Wz9WM1ETNjmw7tskTB2thRdkxmi3v6lRt4YYtVKpLWuN1I9Z6Asxg9bqrR5yXRG5YvSLqN6cZEYM3gNx0ZR39HDsuJXpvNRqOrE+ntL0Q8Wij6236KA2fIRfYvEROuXPxDiM8dmw/ASweWKcz3ahFjC/XKJKdssaC94CWC3bHg37vgTw9a5UEAeJHhRx/H8AAzTR0Kdnh/ZB1i;25:9ddDpTGjpNqlBaW5Ahdb1a77RrKXuyGH80IRr0Rge4OlA6GzmbrzQ13ua+deoY/gYnby2bNVScZWKHgil3DlIEywiTfR7O47CsTMw9m8wVsj9p2YM3RcYdVMCDZRJTwh9bDtBhm5WX2d2QuwL3cNN9QnHk43vAeQ51t4h5p1mnvJEKophY9iJQSCyxSkfip/CvKp2wnsNVZ5KHdjt2jw5Of/32GpMQMzgrrmPimKTfJO321Fdu6JDUKSw3pKAM/STcb7m0P04HNCzalGuD0rZkuws3cJBBYD9cG9I9illZNL8KF8nq4GDKMFVagb3yN/sAdYrUKYcIrzXBxy04vW3w==;31:L/JlBmJ65Kveypqawnx8i5L15GJbS96A7l4JG4FBnyf3vgVh9IBDIX/h7J6X6UH97PECQLEuYgR7qWBA4DA23Nyh3wg32FrJsTQw2iSynXTS+TIZRw5+ZM/zfxIoXk11jitgTdzg52qB+VP+gHL4iW1eTZPPlYfK3NqtpBgPfBb6NnyJMRXvME4Bw3U93+tpgdFGTFRYPOohR1t1clMa/jHlBxIhrK68PQWi6s5CimE= X-MS-TrafficTypeDiagnostic: CY4PR12MB1142: X-Microsoft-Exchange-Diagnostics: 1;CY4PR12MB1142;20:jR/Ob5wyP69EYL17dIrOV1YMZRD84XlK4O5Jl61YP+ilG2z2dXN8Q+fU/WdL0a5fgDYFqCghRez3i8Ia+orf7B7Tc+uhUXZSKGklDuxJykiEd1pQPwU8m84AWZG79WCpeaux7PslRF++s1J7CDTmDlsuP3wwcRvc6GLjoBkNDQenU6tVDEYuZcpQ4JtISQl3vRIrTGvFHPzayF2QDWUgGTPopiPB1tLjmJD7e5it+No8hj38atsG9lhXvAH5NBiHm5CWJIWHEO9UAZ3eNIikdJw0/rS0eml10bHYnKcwf3yodr36fcUvuR8aHbJU0Jk+KKPdOo+ftH0c0vIP4X/GMbyIhqxjO+tAb68SkSGYBPug9r1xvkN1hh27voH2hFxVs3SBKUVURR5w1szY3z/tcZsMvbv70m7fvWQ7mjqc7yi/FIcYnV+rIxrPwJi/NCZuxqDiOpnnf90oweIyLaUrxV6LSuKLu6zvGZersgzOZVrxdnaG7cms2hXw/W3DPiDl;4:odXk0Z7TBawaYJ9WqY02djs5O6l3DHrvCelXtsbXC9QXiSB7E/YA4FHUjAxC1P+FEBdypL5/J1zroP2tRLfnEjC6qDPdUZWZmERAy2KPHyePn05U/zMAVaWDfMX3oAilREv18dMGc5nKAqT4XBvTIp041Hj/Qa+w64JjSx+ZRR3XNo3hYCHA15HgtE6Cw3xEJqwDHLsV/NDpGy/dYI7rjU1j+vxzXMLpqrphC+4gMwc/7TFZ+k/Zpd/QmA08uebxE1/CLEr1DvdX/K7JH1oE0Xc2z1srWYIXpOusd1sZ27ty6lLrrf8ZtatiN6snnS6oqIpzYPKVy315F+V7DS0tFJ6RgLj2Ut9BY0+ENyVf1Rw= X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(148501403981450)(146755900322472); X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6040470)(2401047)(8121501046)(5005006)(3231023)(944501075)(93006095)(93001095)(3002001)(10201501046)(6055026)(6041268)(20161123560045)(20161123564045)(20161123558120)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(6072148)(201708071742011);SRVR:CY4PR12MB1142;BCL:0;PCL:0;RULEID:(100000803101)(100110400095);SRVR:CY4PR12MB1142; X-Forefront-PRVS: 0549E6FD50 X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(6049001)(376002)(39860400002)(396003)(346002)(39380400002)(366004)(24454002)(377424004)(189003)(199004)(86362001)(6246003)(8936002)(81166006)(8676002)(230700001)(81156014)(4326008)(53546011)(3260700006)(25786009)(2486003)(23676004)(76176011)(5660300001)(68736007)(52146003)(386003)(11609785009)(6666003)(2950100002)(7736002)(97736004)(52116002)(305945005)(65826007)(16576012)(7416002)(58126008)(478600001)(90366009)(2906002)(16526018)(6486002)(316002)(31696002)(229853002)(77096006)(47776003)(50466002)(110136005)(36756003)(3846002)(65806001)(66066001)(65956001)(6116002)(966005)(54906003)(6306002)(105586002)(31686004)(64126003)(53936002)(72206003)(106356001)(83506002);DIR:OUT;SFP:1101;SCL:1;SRVR:CY4PR12MB1142;H:[10.236.65.116];FPR:;SPF:None;PTR:InfoNoRecords;MX:1;A:1;LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtDWTRQUjEyTUIxMTQyOzIzOkc3WWtRNjdGVkZBVjhyZktkV3lPbFVzdkVx?= =?utf-8?B?OGhyZzhDZ2RVSkRGZDB6RjR1QnBLUU03NnE0Z3Fham5CQzV5OGwzYVVUdS9O?= =?utf-8?B?N3N1UGZrQTkyN2oyaHlVZzVSZVgwNndZTmt3WVZQMkM2SjFRMmIvNXBkK1pY?= =?utf-8?B?NjNJVm5EUW56cEV6UDBwWTdIdGpXOHlTVzB3NVN1ZUtsOFBQbitZNXY2YUtx?= =?utf-8?B?SGFvQW5PbHNHa3gwSzFQM1VrNXVPZFJTNlNmdlRVVWhNaUtKSWtqL2xSRE5D?= =?utf-8?B?M2ZJMkhIa1VqazcrQkFvQWlCbnpqMlEyNVFPenM3aTVWU0ZSbFZCb1hpUHlv?= =?utf-8?B?NGZrMFM4WXJkcWJFZ2J3YzdESWNYNWFHNndULzhaY0J1UmNuQWordkpGSEJL?= =?utf-8?B?b2w4UEl3alkxRlRlV1N3YnVGRmk5ZktpeE5pNXlNcnNRdkRpTVFxL1Y3Nk5Q?= =?utf-8?B?ZlRHbXJjQlpZalB6MytqMEpNWVd5U3gzYm01VkJKRm1xdUFSV3RseEpKajU3?= =?utf-8?B?a2RTcU1aZkFsTkc4WmZ0RG9ac1EyNTRpanFNaFB0Vy93dllEc0pNYWFMd0Fj?= =?utf-8?B?TlBvNTFvanBET2lyRUZoLzhmWGxxVmowMjNpSFBNbWU3OEJDRFJ3b1U1SW1J?= =?utf-8?B?Um5SRDl3c1A1WlRPQnMwQklYZi9aWVQ4elkwUWttZ3pQTnM0ZFVJbGEyWUZ1?= =?utf-8?B?YjRNQnFCMXhDc0FmTng4cURRdVZJRkZOVU5lTW5ReGwvSnVXWWx2K2VMUmM1?= =?utf-8?B?bXR5ZXkrMDZtYlhEZW16M0JOUFBSaS9sK2hXdXhSTmVyODVyc01leFBJKytQ?= =?utf-8?B?TmJLWUJUMm4xL0hqeXJLdEIzVENlMFZSYzNXZmNwU29nQi8zbEVxMHFXRWpy?= =?utf-8?B?ZEFZWjJJd2xXMi9LMlNsVEEycHEwOEFSMlNVdEtOZmE5clBRK2ZGQXFib0M5?= =?utf-8?B?ZG1jYWltZjhZNEJUWnRKNGZXaVlUSU5DR21aeHVjenVReHlXWFBtVXo0aTh5?= =?utf-8?B?VGJrbjVBT21hazQwOUZXeE9RYkpabVVNMUd4M2FPWnp1R1FuNWdDQ2dQc25o?= =?utf-8?B?bWR2NkFrUkNiQjFDYmpuUVgxSFhCK05nekpnU2tNUkx1WWlzLy9ZaEo1YmR4?= =?utf-8?B?aE9jb01qN2FpRTlENkwwYlNZTVp2SzJnY2RqTi83Q3ZiaWZnRFJMNjRBYzJ3?= =?utf-8?B?WDJmYTNKZmVhZjFWa3VUbWpHZXpoQmZyS3cyM1dBRXZ1L0JLTmJpZ1RJd3pm?= =?utf-8?B?SkV4ZnNTZnROdE5SeXpycXlQMjM0N0tEYzBXb0xjLzB4Szk2WU0wM3ZxMkNF?= =?utf-8?B?aWxNbEZaOXVLZ2tERXNMeE0zZkVjYkVuWmsvL01xbVVmb28yN3ByQUNuUTE1?= =?utf-8?B?bWMxZXlRbVVyN1lWSldnbmw4ZEo4YXlVWFN1S0d3LzBpUnQxekxNR1o5SDUw?= =?utf-8?B?RHJSZmtGQW80UW43LzgydmR0elVrNTNtUWdOdHMwMjEzaHlPMGdUVEh0dFE2?= =?utf-8?B?cDZSN2hKbGJWVzdxQlNJTTFDS3Rqc3loV3FWWnFmTnRCc28zMlZnckFFTnBT?= =?utf-8?B?WVJJbnVTb2dJb2xyWHNhWDhpM0EwWlhoNE4wTWFOQUc2akVZZ01MK0ZibktF?= =?utf-8?B?dG1XeHJLRVM0TTFZdUhhQ2RyWmVFRHRZL25sVTk4MW5YMXdtZXh6eTJMMmRR?= =?utf-8?B?WWdrU21Fa2xlZk42T05kd0NpQXhwK1dHa1ZxbWFtRGJRL2ZyY2xkN0daaXhm?= =?utf-8?B?VmVjblpZb2Fvb3hFT2ZBVWlVeW84K3AwZkIyS2ZPMjhSN1pCNXRtamw4M1JU?= =?utf-8?B?REszZ2F5S2x1M2NIb1ZvL01LSHU5MVhRWHZFK2hPMTM1eFl0V3ZoS3l6NmhE?= =?utf-8?B?aDZoR004eEtKcE5jUlpsdmRXY1FzL2o2QUcvajFUNEZoTDRkV3BpZEN5YStS?= =?utf-8?B?NzNvT0hDV0E5a1VyR0IzUHhrSnRoTnlkUjAvejBrNzVlSXBSZE0wZ09YZmJq?= =?utf-8?B?aHM4em92Yzd1dmRBaUpjTzJNbXRhWTVJUVgybnQxV3NGZXZBYmZ4R0ZwOTBP?= =?utf-8?B?RzNQL3B1M05od3lMZUt3SmxnZlF6SnBUbzFpOElwSk9CdUZQL0huRzFwcnJQ?= =?utf-8?B?a2c9PQ==?= X-Microsoft-Exchange-Diagnostics: 1;CY4PR12MB1142;6:80U0luId9Sr7dMjmzD0+mUWLU1lB17ceppi2tq4CyQzFrRFNJ16/1tC5mh2dc6bPamljw1E9MH3Fh2BHQfNe3Jr1Mz8FGL5n+zI9TxBFx+PXln18UY3HlwO4T/2E4h2MPhmxr0k+N6kz8HHruhmotPHxPTUeRx1ID4sVR3f3NrCgOKxxUuAsBFoN1shpArwqqiV2o4J4NTKsX+DkYGbfCRXMn01/VC/O4elq2/lqAOlHe929AAXDJebk4G25wyixR4lRvVp5QXjOUUehcfi6ZcALW8ksOpIrnwIzb/1DpD72FECOW4AKY1Gyhd+i6PIX861HrIZIPlpwAXd/5P37x81+anOtlRYS9vd3uNTEkhM=;5:jmhh5vAYcJvDGlqpHEh9TE37YO0E3G96FwL7Zy9mPPoMvPRu3UWNGcHuqBb54YuIEGfTdrZJttKmQROunpagGi4EpzAQXhVn2HSaSBtjKAORYIXuMYw2FqQdQWSfgvyaZR1gvC5/Ys6+qMxBrZwYZDTtF2glhucrNxV2tnV3uYU=;24:SbVhM19MbX/VPy4HXqYjl8RKGZDLMoherhQc9X4ELPsCTaMs/zrc6cG+XF2sBpxFLJegQqRuNWCrm4Aq95ZWbLT+w8nJJLThsNacw7YhI44=;7:GeurHJ/GEZxNBA/pT9qbAElcmDnPTT/uhlCvSKRoxp/4ecA3T7eK21stdSpLb8gZrRwOUo5EapCWtd+wIfjW29iYsBQG2Xu7Jorv5G+mHBjDb9hGgKsGq++6jMe8lJ3w7L5e2UxsE2pRD4LyZw0k6PcXQV8qYEOW05SF7EgZDOvi/GRzTaeDMWsvk1j3+ZgejCW7Y9KDlD0jAkpqO6pqZZGnz7NHfqfOQ/O1Acd/uxfSLhNs6M1InP8RPKkpAso6 SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;CY4PR12MB1142;20:5EZz4MGZY+GEDTMdPdzuIRlrBh+odBHNBEa6KeTKin3VnENmNT8yOj9rrJL4jgUA1aSN+kvcCgvMR2F5fFRSLlN72qfrmEgXicKQjjEI+Jp/X6O2tcKwrC5XY3fqlM/j3btIYMYOm1SILAbWrNQvjgDq332LbijolywhYdAvB50J5Y7h1JCOmB0KDM+5M76rpRRKNMhz2xSKrbIz87g8RUX1TtnpYROwy8WCJYOQJNr1WWufdBSKbOxz0mbvsyR6 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 Jan 2018 00:14:08.4661 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: c07b5549-3198-48ad-2e6e-08d558883c4f X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR12MB1142 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Return-Path: On 1/10/2018 5:47 PM, David Woodhouse wrote: > On Wed, 2018-01-10 at 22:51 +0000, David Woodhouse wrote: >> In accordance with the Intel and AMD documentation, we need to overwrite >> all entries in the RSB on exiting a guest, to prevent malicious branch >> target predictions from affecting the host kernel. This is needed both >> for retpoline and for IBRS. >> >> Signed-off-by: David Woodhouse >> --- >> Untested in this form although it's a variant on what we've had already. >> I have an army of machines willing to do my bidding but nested virt >> is non-trivial and I figure I might as well post it as someone else >> can probably test it in less than the time it takes me to work out how. > > Now smoke tested with Intel VT-x, but not yet on AMD. Tom, would you be > able to do that? Yes, I'll try to get to it as soon as I can, but it might be tomorrow (morning). Thanks, Tom > > >> This implements the most pressing of the RSB stuffing documented >> by dhansen (based our discussions) in https://goo.gl/pXbvBE