Received: by 10.223.176.46 with SMTP id f43csp2692789wra; Mon, 22 Jan 2018 01:43:02 -0800 (PST) X-Google-Smtp-Source: AH8x227M76+F0NEmM0AzXkn3y7FXmdLWp7lYiJ2zQ3O4Nwby/HCpSinpMHS7JhcTp0e+I3knUcsK X-Received: by 10.99.114.5 with SMTP id n5mr6916025pgc.211.1516614182505; Mon, 22 Jan 2018 01:43:02 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516614182; cv=none; d=google.com; s=arc-20160816; b=Mu+Fy1BvJk5eV+EJJDZmzYZ87hzsBRoSegCSXjg3JE1qwqfrquu1/CBq3vnXc1Ogsx opZYM59kJB3cD7cUUUuqDsX1o3t2RC/jCl2OA/W2Fyknctrj22LyYlOkeSx1tdS3THv6 FYldoYE+ccwS6V91WC/9uvHWgBMzDe6xRbKkphGo3kMFyPQzN8aTOUiCQI3o+l8mYGyt l7TKOgRnM+DRdkaRiUGOXpnO4Cjnxys2GeZPHVPxFei9fzzntGc0YBYe57NrtFEfRN1W HUMxqXqNuLf/zVZfBCNthUf7O3fXRxqSWx0xYJwgd8WiSCTcdIUfUfWP57pS6E2cL3AG hkWA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :in-reply-to:message-id:date:subject:cc:to:from :arc-authentication-results; bh=BN6KRAXAYkA4NYwVHno4WMX03FLZmuybEtLx4q4/pYk=; b=0wTbLMcnqrYiEe5zXMNfBGdgCWwyYErSFI2KVuU3RcG23lHSwDr1jEuVtdu/JZqqHW 9VCdUkN8yoES1B1pKrz0wK9vfteeKnAQ55Oh8mDQcot+SaUeS3aPw6R/CS8ocOljTQOB 8QCbccTUwvdAWY7evIOXU3HZ+mxfQ/M/FgNaNvZV+yGzcetZhKDzbP5xBX89FrTXFreK 51IDOG844eEmIMT1lbNrqnLNwEJw4VN7Z+IXluVwYq8V8Y1AtJTEPeCMY0zOl9nDFbZW owmVS6YrmSOD+n0JdhTatm2tk26tVFm+XoXIZnaFx9GTQzfRTZL2WWgBf/aec0SgGW2q NDUg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 32-v6si3230616pla.164.2018.01.22.01.42.48; Mon, 22 Jan 2018 01:43:02 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751746AbeAVImP (ORCPT + 99 others); Mon, 22 Jan 2018 03:42:15 -0500 Received: from mail.linuxfoundation.org ([140.211.169.12]:58838 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751698AbeAVImN (ORCPT ); Mon, 22 Jan 2018 03:42:13 -0500 Received: from localhost (LFbn-1-12258-90.w90-92.abo.wanadoo.fr [90.92.71.90]) by mail.linuxfoundation.org (Postfix) with ESMTPSA id 4C24EF3C; Mon, 22 Jan 2018 08:42:12 +0000 (UTC) From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Tom Lendacky , Thomas Gleixner , Borislav Petkov , David Woodhouse , Arjan van de Ven , Rik van Riel , Andi Kleen , Paul Turner , Peter Zijlstra , Tim Chen , Jiri Kosina , Dave Hansen , Andy Lutomirski , Josh Poimboeuf , Dan Williams , Linus Torvalds , Kees Cook , Greg Kroah-Hartman Subject: [PATCH 4.4 30/53] x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB macros Date: Mon, 22 Jan 2018 09:40:22 +0100 Message-Id: <20180122083911.629117807@linuxfoundation.org> X-Mailer: git-send-email 2.16.0 In-Reply-To: <20180122083910.299610926@linuxfoundation.org> References: <20180122083910.299610926@linuxfoundation.org> User-Agent: quilt/0.65 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.4-stable review patch. If anyone has any objections, please let me know. ------------------ From: Tom Lendacky commit 28d437d550e1e39f805d99f9f8ac399c778827b7 upstream. The PAUSE instruction is currently used in the retpoline and RSB filling macros as a speculation trap. The use of PAUSE was originally suggested because it showed a very, very small difference in the amount of cycles/time used to execute the retpoline as compared to LFENCE. On AMD, the PAUSE instruction is not a serializing instruction, so the pause/jmp loop will use excess power as it is speculated over waiting for return to mispredict to the correct target. The RSB filling macro is applicable to AMD, and, if software is unable to verify that LFENCE is serializing on AMD (possible when running under a hypervisor), the generic retpoline support will be used and, so, is also applicable to AMD. Keep the current usage of PAUSE for Intel, but add an LFENCE instruction to the speculation trap for AMD. The same sequence has been adopted by GCC for the GCC generated retpolines. Signed-off-by: Tom Lendacky Signed-off-by: Thomas Gleixner Reviewed-by: Borislav Petkov Acked-by: David Woodhouse Acked-by: Arjan van de Ven Cc: Rik van Riel Cc: Andi Kleen Cc: Paul Turner Cc: Peter Zijlstra Cc: Tim Chen Cc: Jiri Kosina Cc: Dave Hansen Cc: Andy Lutomirski Cc: Josh Poimboeuf Cc: Dan Williams Cc: Linus Torvalds Cc: Greg Kroah-Hartman Cc: Kees Cook Link: https://lkml.kernel.org/r/20180113232730.31060.36287.stgit@tlendack-t1.amdoffice.net Signed-off-by: Greg Kroah-Hartman --- arch/x86/include/asm/nospec-branch.h | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h @@ -11,7 +11,7 @@ * Fill the CPU return stack buffer. * * Each entry in the RSB, if used for a speculative 'ret', contains an - * infinite 'pause; jmp' loop to capture speculative execution. + * infinite 'pause; lfence; jmp' loop to capture speculative execution. * * This is required in various cases for retpoline and IBRS-based * mitigations for the Spectre variant 2 vulnerability. Sometimes to @@ -38,11 +38,13 @@ call 772f; \ 773: /* speculation trap */ \ pause; \ + lfence; \ jmp 773b; \ 772: \ call 774f; \ 775: /* speculation trap */ \ pause; \ + lfence; \ jmp 775b; \ 774: \ dec reg; \ @@ -60,6 +62,7 @@ call .Ldo_rop_\@ .Lspec_trap_\@: pause + lfence jmp .Lspec_trap_\@ .Ldo_rop_\@: mov \reg, (%_ASM_SP) @@ -142,6 +145,7 @@ " .align 16\n" \ "901: call 903f;\n" \ "902: pause;\n" \ + " lfence;\n" \ " jmp 902b;\n" \ " .align 16\n" \ "903: addl $4, %%esp;\n" \