Received: by 10.223.176.46 with SMTP id f43csp163085wra; Thu, 18 Jan 2018 15:30:48 -0800 (PST) X-Google-Smtp-Source: ACJfBoufN166jir3JZ51ZRg6xJJ2gXk7cUHbDxZMYTr2vxt0DtF3R0d4xwMMSUIinL1S+7K/rOAB X-Received: by 10.99.107.129 with SMTP id g123mr20286618pgc.356.1516318248817; Thu, 18 Jan 2018 15:30:48 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516318248; cv=none; d=google.com; s=arc-20160816; b=o4g0f9IQBE/p34Y6yMTmi/SBpc6WMNmw7gYo87f6WzYj9JhJXaDve2TXwzpOgSxQ8H mDEiOE/5LW9PuXJUYWf/1FCAo2/pC9ZUJjcVDVrRXqVi2h/XLXsldzrk+b+Q67PpfKUW bp2E0pqNqMmW/aEovaTb9LcDITUGv57HmVOhaYT7nnDUlKxHhfZJREMcKmnoao5YgN4y ZHt7jdo4HuCMZjlsrsBCkbQBF2h/NHpXLi3WOj7AJBkjo0jQlj7NcSD9YxkDdC3nfnub BTJXjrI39HRUP5puqnEacA08MflmTQJx6Qh88P029SK7V6p0e6fA8T5TgXxUOweLekrZ IrCg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:cc:to:subject :message-id:date:from:references:in-reply-to:mime-version :dmarc-filter:arc-authentication-results; bh=GXDajdc7NfAblB9LGAUAEf5ZDkWVoeGt2Buf6hyw5rE=; b=qcEfmj3tPqfVg5MwbiNeyv7ey3H2DnvS2kS5fEX2BB9ph7dUHkef94PCPEvpqBZZ1Y d8nVjk/i+7cZXpZsu0jf3oYnFzQetfWc1WQZMoDk885cg7j1hW7Al2GsJmRyj4okt1DO Po62qa6xSmPnX5wdMBozspqlU2+KZT2goIi+pLRKlzsApt1mfJZ6wKfku4W/1qFylSFO 7V9iHUsqwySqePNPhWouXQtZimzIBhZhlOXpCyQ78iSAHdX0p8kWsjj59nzl/dk9xkhD REy6Asyu/WlTYc1Ha/TNNeanSTSlv1mrNcH+gwG62O3bWb/A1yVezORnHcO9128h7ZlF nDQg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b10-v6si297724plm.74.2018.01.18.15.30.34; Thu, 18 Jan 2018 15:30:48 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932645AbeARX24 convert rfc822-to-8bit (ORCPT + 99 others); Thu, 18 Jan 2018 18:28:56 -0500 Received: from mail.kernel.org ([198.145.29.99]:34560 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932166AbeARX2v (ORCPT ); Thu, 18 Jan 2018 18:28:51 -0500 Received: from mail-io0-f174.google.com (mail-io0-f174.google.com [209.85.223.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 08F3E2176D for ; Thu, 18 Jan 2018 23:28:51 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 08F3E2176D Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=luto@kernel.org Received: by mail-io0-f174.google.com with SMTP id 25so278396ioj.9 for ; Thu, 18 Jan 2018 15:28:51 -0800 (PST) X-Gm-Message-State: AKwxytfu+YcTWb4FG2UhDPsRa9enKAFl7WavtjfnLAERn5hAnQ+TINzy D5PyhOqhb9LY0X6XshqnJ7JH5nVEQ95/juJ2a/WWoQ== X-Received: by 10.107.78.16 with SMTP id c16mr10616102iob.105.1516318130402; Thu, 18 Jan 2018 15:28:50 -0800 (PST) MIME-Version: 1.0 Received: by 10.2.152.114 with HTTP; Thu, 18 Jan 2018 15:28:29 -0800 (PST) In-Reply-To: References: From: Andy Lutomirski Date: Thu, 18 Jan 2018 15:28:29 -0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v2 1/8] x86/feature: Detect the x86 IBRS feature to control Speculation To: Tim Chen Cc: Thomas Gleixner , Andy Lutomirski , Linus Torvalds , Greg KH , Dave Hansen , Andrea Arcangeli , Andi Kleen , Arjan Van De Ven , David Woodhouse , LKML Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8BIT Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Jan 5, 2018 at 6:12 PM, Tim Chen wrote: > cpuid ax=0x7, return rdx bit 26 to indicate presence of this feature > IA32_SPEC_CTRL (0x48) > IA32_SPEC_CTRL, bit0 – Indirect Branch Restricted Speculation (IBRS) > > If IBRS is set, near returns and near indirect jumps/calls will not allow > their predicted target address to be controlled by code that executed in > a less privileged prediction mode before the IBRS mode was last written > with a value of 1 or on another logical processor so long as all RSB > entries from the previous less privileged prediction mode are overwritten. > > * Thus a near indirect jump/call/return may be affected by code in a > less privileged prediction mode that executed AFTER IBRS mode was last > written with a value of 1 > > * There is no need to clear IBRS before writing it with a value of > 1. Unconditionally writing it with a value of 1 after the prediction > mode change is sufficient > > * Note: IBRS is not required in order to isolate branch predictions for > SMM or SGX enclaves > > * Code executed by a sibling logical processor cannot control indirect > jump/call/return predicted target when IBRS is set > > * SMEP will prevent supervisor mode using RSB entries filled by user code; > this can reduce the need for software to overwrite RSB entries > > CPU performance could be reduced when running with IBRS set. > > Signed-off-by: Tim Chen > --- > arch/x86/include/asm/cpufeatures.h | 1 + > arch/x86/include/asm/msr-index.h | 4 ++++ > arch/x86/kernel/cpu/scattered.c | 1 + > tools/arch/x86/include/asm/cpufeatures.h | 1 + > 4 files changed, 7 insertions(+) > > diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h > index 07cdd17..5ee0737 100644 > --- a/arch/x86/include/asm/cpufeatures.h > +++ b/arch/x86/include/asm/cpufeatures.h > @@ -209,6 +209,7 @@ > #define X86_FEATURE_AVX512_4FMAPS ( 7*32+17) /* AVX-512 Multiply Accumulation Single precision */ > > #define X86_FEATURE_MBA ( 7*32+18) /* Memory Bandwidth Allocation */ > +#define X86_FEATURE_SPEC_CTRL ( 7*32+19) /* Control Speculation Control */ > > /* Virtualization flags: Linux defined, word 8 */ > #define X86_FEATURE_TPR_SHADOW ( 8*32+ 0) /* Intel TPR Shadow */ > diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h > index 34c4922..f881add 100644 > --- a/arch/x86/include/asm/msr-index.h > +++ b/arch/x86/include/asm/msr-index.h > @@ -42,6 +42,10 @@ > #define MSR_PPIN_CTL 0x0000004e > #define MSR_PPIN 0x0000004f > > +#define MSR_IA32_SPEC_CTRL 0x00000048 > +#define SPEC_CTRL_FEATURE_DISABLE_IBRS (0 << 0) > +#define SPEC_CTRL_FEATURE_ENABLE_IBRS (1 << 0) > + I still can't find the PDF that documents this right now, but, from memory, shouldn't the value that we write to the MSR on entry be 3, not 1? That is, isn't bit 1 STIBP and don't we want STIBP to be on? And IIRC bit 1 was ignored on non-STIBP-capable machines.