From: Martin Schwidefsky
To: linux-kernel@vger.kernel.org, linux-s390@vger.kernel.org
Cc: Heiko Carstens, Christian Borntraeger, Cornelia Huck, David Hildenbrand, Greg Kroah-Hartman, Jon Masters, Marcus Meissner, Jiri Kosina, Dominik Brodowski, Alan Cox, Pavel Machek, David Woodhouse
Subject: [PATCH 0/6] s390: improve speculative execution handling v3
Date: Wed, 7 Feb 2018 08:00:05 +0100
Message-Id: <1517986811-27819-1-git-send-email-schwidefsky@de.ibm.com>

Version 3 of the speculative execution improvements for s390.

Changes to v2:

* Dropped the prctl to introduce the PR_ISOLATE_BP control and simply
  added two exported functions s390_isolate_bp and s390_isolate_bp_guest.
  There is currently no caller for these functions; for now an
  out-of-tree module can be used until an acceptable upstream solution
  for the user space interface is found.

* Added an optimized version for the array_index_mask_nospec function
  based on subtract with borrow for the spectre v1 defense.

* Introduce "expoline", the s390 version of a retpoline. As s390 does
  not have a return instruction and the associated return stack we use
  an execute-type instruction on an indirect branch to get unpredictable
  branches. This requires gcc support for -mindirect-branch=thunk /
  -mfunction-return=thunk. To be able to disable expolines there is
  another gcc option -mindirect-branch-table to keep a list of PC
  relative locations of calls to the execute thunks. With spectre_v2=off
  the call will be replaced with the original indirect branch and a nop.

Martin Schwidefsky (6):
  s390: scrub registers on kernel entry and KVM exit
  s390: add optimized array_index_mask_nospec
  s390/alternative: use a copy of the facility bit mask
  s390: add options to change branch prediction behaviour for the kernel
  s390: run user space and KVM guests with modified branch prediction
  s390: introduce execute-trampolines for branches

 arch/s390/Kconfig                     |  45 ++++++
 arch/s390/Makefile                    |  12 ++
 arch/s390/include/asm/barrier.h       |  24 ++++
 arch/s390/include/asm/facility.h      |  18 +++
 arch/s390/include/asm/lowcore.h       |   9 +-
 arch/s390/include/asm/nospec-branch.h |  18 +++
 arch/s390/include/asm/processor.h     |   4 +
 arch/s390/include/asm/thread_info.h   |   4 +
 arch/s390/kernel/Makefile             |   4 +
 arch/s390/kernel/alternative.c        |  26 +++-
 arch/s390/kernel/early.c              |   5 +
 arch/s390/kernel/entry.S              | 249 ++++++++++++++++++++++++++++++----
 arch/s390/kernel/ipl.c                |   1 +
 arch/s390/kernel/module.c             |  62 +++++++--
 arch/s390/kernel/nospec-branch.c      | 100 ++++++++++++++
 arch/s390/kernel/processor.c          |  18 +++
 arch/s390/kernel/setup.c              |   8 +-
 arch/s390/kernel/smp.c                |   7 +-
 arch/s390/kernel/vmlinux.lds.S        |  14 ++
 drivers/s390/char/Makefile            |   2 +
 20 files changed, 591 insertions(+), 39 deletions(-)
 create mode 100644 arch/s390/include/asm/nospec-branch.h
 create mode 100644 arch/s390/kernel/nospec-branch.c

-- 
2.7.4
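
The subtract-with-borrow index mask named in the changelog above, as an added example that is not part of the original mail or of the s390 patches. It is portable C using a GCC/Clang builtin instead of the architecture's instructions; the names mask_nospec_borrow, mask_nospec_shift, lookup and the table contents are made up for illustration.

```c
#include <stdio.h>

/*
 * All-ones when index < size, zero otherwise.  The borrow out of
 * (index - size) is 1 exactly when index < size; negating it spreads
 * that single bit over the whole word.  A kernel implementation pins the
 * instruction sequence with inline assembly so the compiler cannot turn
 * it back into a conditional branch; this C only shows the arithmetic.
 */
static unsigned long mask_nospec_borrow(unsigned long index, unsigned long size)
{
	unsigned long diff;
	unsigned long borrow = __builtin_usubl_overflow(index, size, &diff);

	return 0UL - borrow;		/* 1 -> ~0UL, 0 -> 0 */
}

/*
 * Shift-based formulation for comparison.  Valid for index and size up
 * to LONG_MAX and relies on arithmetic right shift of a negative long
 * (what GCC and Clang implement).
 */
static unsigned long mask_nospec_shift(unsigned long index, unsigned long size)
{
	return ~(long)(index | (size - 1UL - index)) >> (sizeof(long) * 8 - 1);
}

static const unsigned char table[4] = { 10, 20, 30, 40 };	/* constructed */

/* Bounds check, then clamp: a mispredicted check still reads table[0]. */
static int lookup(unsigned long idx)
{
	if (idx >= 4)
		return -1;
	idx &= mask_nospec_borrow(idx, 4);
	return table[idx];
}

int main(void)
{
	printf("mask(3,4)=%lx mask(4,4)=%lx\n",
	       mask_nospec_borrow(3, 4), mask_nospec_borrow(4, 4));
	printf("lookup(2)=%d lookup(7)=%d\n", lookup(2), lookup(7));
	return 0;
}
```

The mask is applied after the architectural bounds check, so on the correct path it changes nothing; it only matters when the check is speculated past, where an out-of-range index is forced to 0.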