Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp1029278imm; Wed, 26 Sep 2018 10:25:23 -0700 (PDT) X-Google-Smtp-Source: ACcGV63oNOmmzqILy41t3jbzsir2W8l75Ck6DEQ8QnLw9rdeM9zFFudNFwxCklwuwSHplEWK8G/w X-Received: by 2002:a63:1752:: with SMTP id 18-v6mr6616486pgx.131.1537982723015; Wed, 26 Sep 2018 10:25:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1537982722; cv=none; d=google.com; s=arc-20160816; b=dRDixK09QseRSogQEeBTWbzFVwR7Ox6ETRUwzl2VATZu6VTQ+sZhwoMgQUlgcr7pS/ 6+BBurzUUDrUwe7znxj/NhS+6pzTgxEZqE7oV5/BsdP+Lnt4CJcOKSFer9ZaRwTN9sTV 7LnglTuYw9iBwDwGJdegkg26ZljbvKv3+YEcsVRu0gJGw5RH43lFf0m3ID9uiFXh2DVp /mqu12oCOjloAJxcL9IcDVfmJgOOCu2HaueFLafBUe+jNt9x4G+fBDa+dC52kiF7PJxr XkhfliO8matbpwWJ5MVwMHWUmF0yK9DQ19IGBidArPkbNymjufbV84DP4ydi/uD2PX6Q PpYg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:autocrypt:openpgp:from:references:cc:to:subject; bh=a4Eup92Wm+g7a/mZ9xcDUoiyGymoq3gO3T5JcjcsgPI=; b=Ay9mLtXE+YB8wUvlLFgdAU66eBzR7JYU1i4AzCev8578pPaHqOn73zdCxpZB+BnPxJ jh/HGSnRNpgMvexG6SA4T/4CZ/Ks4s09u/njZYcNIWCdOtUiD6WHLX0Fe8svTmGnMNe5 d5M4ho2mmxf+s8YCl4xB2YFA591Yh6tGFzrpA2QmWdj7d4Kkzsv+1nnt04lypBb+zgKl yTOgHY9TCkHKCLyTPCdTZmF2+lJb2GMktlVRD90hMOzct+8xETl7d6WxF3ItANuXl2gG vO0SElK/+wORW/rcmSGoWG51todYVMcsA/YcKSoGec/Bl1PbM5RQtLnMDXacC/bHufeI +ZKg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id s14-v6si5678652pga.21.2018.09.26.10.25.06; Wed, 26 Sep 2018 10:25:22 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728845AbeIZXiY (ORCPT + 99 others); Wed, 26 Sep 2018 19:38:24 -0400 Received: from mga03.intel.com ([134.134.136.65]:50897 "EHLO mga03.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726230AbeIZXiY (ORCPT ); Wed, 26 Sep 2018 19:38:24 -0400 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga103.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 26 Sep 2018 10:24:26 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.54,307,1534834800"; d="scan'208";a="236145687" Received: from schen9-desk.jf.intel.com (HELO [10.54.74.144]) ([10.54.74.144]) by orsmga004.jf.intel.com with ESMTP; 26 Sep 2018 10:24:11 -0700 Subject: Re: [Patch v2 3/4] x86/speculation: Extend per process STIBP to AMD cpus. To: Jiri Kosina , Thomas Gleixner Cc: Thomas Lendacky , Ingo Molnar , Peter Zijlstra , Josh Poimboeuf , Andrea Arcangeli , David Woodhouse , Andi Kleen , Dave Hansen , Casey Schaufler , Asit Mallick , Arjan van de Ven , Jon Masters , linux-kernel@vger.kernel.org, x86@kernel.org References: <705b51cba5b5e7805aeb08af7f7d21e6ec897a17.1537920575.git.tim.c.chen@linux.intel.com> From: Tim Chen Openpgp: preference=signencrypt Autocrypt: addr=tim.c.chen@linux.intel.com; prefer-encrypt=mutual; keydata= xsFNBE6ONugBEAC1c8laQ2QrezbYFetwrzD0v8rOqanj5X1jkySQr3hm/rqVcDJudcfdSMv0 BNCCjt2dofFxVfRL0G8eQR4qoSgzDGDzoFva3NjTJ/34TlK9MMouLY7X5x3sXdZtrV4zhKGv 3Rt2osfARdH3QDoTUHujhQxlcPk7cwjTXe4o3aHIFbcIBUmxhqPaz3AMfdCqbhd7uWe9MAZX 7M9vk6PboyO4PgZRAs5lWRoD4ZfROtSViX49KEkO7BDClacVsODITpiaWtZVDxkYUX/D9OxG AkxmqrCxZxxZHDQos1SnS08aKD0QITm/LWQtwx1y0P4GGMXRlIAQE4rK69BDvzSaLB45ppOw AO7kw8aR3eu/sW8p016dx34bUFFTwbILJFvazpvRImdjmZGcTcvRd8QgmhNV5INyGwtfA8sn L4V13aZNZA9eWd+iuB8qZfoFiyAeHNWzLX/Moi8hB7LxFuEGnvbxYByRS83jsxjH2Bd49bTi XOsAY/YyGj6gl8KkjSbKOkj0IRy28nLisFdGBvgeQrvaLaA06VexptmrLjp1Qtyesw6zIJeP oHUImJltjPjFvyfkuIPfVIB87kukpB78bhSRA5mC365LsLRl+nrX7SauEo8b7MX0qbW9pg0f wsiyCCK0ioTTm4IWL2wiDB7PeiJSsViBORNKoxA093B42BWFJQARAQABzTRUaW0gQ2hlbiAo d29yayByZWxhdGVkKSA8dGltLmMuY2hlbkBsaW51eC5pbnRlbC5jb20+wsF+BBMBAgAoAhsD BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCWfPBPgUJDyfxUQAKCRCiZ7WKota4SReFEACa 5ruzJM/hXJguHJY8i95rxHfLOgE7QoDgsR2aK2C1BSu84StTcT9BMikndQ0em28mpd1zROCs FvJ8Dzpp923699FU7s70+bFG9zIWtAOLWt2QyIMYImILzKkzkyLZo2RTcLNdUWS5fkAtjspQ QPg29W+kcbX1NhB6WDdbvk2HNeZoDh4A5ucOzKjEPqbSFIbw2Wt3RUmXxezjH1NzZG3fMkEN cT7JezYhUxvi2PrJlD+mo26q2/PQmFgF49tneRJXmYyie5o2+ClfFVO9I6Rd1k7hS9uXQLg3 udpnDKobNYZ7/+O5+ucp0Y/MwzTfBYmtJ5fBjUTi2L1RMDJee8WqCNY1VU6cQ8MD4KstxUp2 bxlSRAYaDtNa1Omr61E7BA1Cc2E3cIt/O1mMfudWUjCND8qrAtEnugqKjk5tJJZzmzIKSHPY dCiJtOBQaVAYYchXF2hwOKhpFS43V4FdWLlM1CnFXsmbk48hGbiA8XHU85JBCXmG0i4qUlKn x2ilChvq4A102ahnlGbEmFaSwxuqR/5lhai6lOkwHXDFUT6jblaSs24L3MTn/vXtvwaLEEKh SPzNaj7yFvEhrJoLiZmDm0SZuPbQ+wrmPWUbzyf5te2Oq0JyrHTQJoQqn+CwGqwF/JaUq60f VuUD3T0icgsfljsOA4apyH7kyfxXGP0hOM7BTQROjjboARAAx+LxKhznLH0RFvuBEGTcntrC 3S0tpYmVsuWbdWr2ZL9VqZmXh6UWb0K7w7OpPNW1FiaWtVLnG1nuMmBJhE5jpYsi+yU8sbMA 5BEiQn2hUo0k5eww5/oiyNI9H7vql9h628JhYd9T1CcDMghTNOKfCPNGzQ8Js33cFnszqL4I N9jh+qdg5FnMHs/+oBNtlvNjD1dQdM6gm8WLhFttXNPn7nRUPuLQxTqbuoPgoTmxUxR3/M5A KDjntKEdYZziBYfQJkvfLJdnRZnuHvXhO2EU1/7bAhdz7nULZktw9j1Sp9zRYfKRnQdIvXXa jHkOn3N41n0zjoKV1J1KpAH3UcVfOmnTj+u6iVMW5dkxLo07CddJDaayXtCBSmmd90OG0Odx cq9VaIu/DOQJ8OZU3JORiuuq40jlFsF1fy7nZSvQFsJlSmHkb+cDMZDc1yk0ko65girmNjMF hsAdVYfVsqS1TJrnengBgbPgesYO5eY0Tm3+0pa07EkONsxnzyWJDn4fh/eA6IEUo2JrOrex O6cRBNv9dwrUfJbMgzFeKdoyq/Zwe9QmdStkFpoh9036iWsj6Nt58NhXP8WDHOfBg9o86z9O VMZMC2Q0r6pGm7L0yHmPiixrxWdW0dGKvTHu/DH/ORUrjBYYeMsCc4jWoUt4Xq49LX98KDGN dhkZDGwKnAUAEQEAAcLBZQQYAQIADwIbDAUCVEAL2AUJC1VvawAKCRCiZ7WKota4SWWrD/9L 4H3kHUR9qPTfSpwFBV0+PspkpMQmRQ9cQauIRXL+qIqCYfx48Jz/WZkq47COhY4d1tAvX4qv lviIoCwShAHhVkxD2rWFpa6Yang7cyPDjS6sNChsZ9aTAP0zX4LLHN8ub5LwCcU9JA4Avwdy NDSeeSeqNq9QOvVd2bDmyHxgVv4zRgLTNPH28hXAnDODy0wCJWg53PWvlp35XfWdIsC0ZAPK vgA1Bh+FYYKfT8Uzj8J/SYH+chmeYMt+8Y+FZa+NybivWJg6+UaJ2fCTuKCc7TgqLneBudox izWQMnBso0tHOT6+ju+L+ewPWc0OrJdKJeadrE2T1E949vMup5jG0lJLeSpBNmELODNL0xz6 Erjs/pwX7cYGKUbJfBaQcC9frPfpWfSqnK5X+12HFDxAxquXKC4ejBJOhbo3xx0sziiPTC3m 4LvLkEa9evQNtMvRcnWY5qIC4YdT5waC0stYNpyCiBXpYArKYCmlra3xpgAe0MRL94PHU4UW yxxdxRubFYna9LeNcWL7C0w2ngg1jd0tjRjLnimrOL8rSVUzwjNSQOV37tWTueTr40M/SfjU B6bifflZQpeSY8IpqzKqB0vvxo2xD0rU7JqUh7rW8U6rg2JEzVgYiHS4cf/vJMHuauHAjH7a ys7DYlLhlOVo3o0jOor4xuZPrWbSp4w51sLBZQQYAQIADwIbDAUCWfPBJQUJDyfxOAAKCRCi Z7WKota4SZKQD/wLu3j8kgATic+wF3ekngjwPcW3JhbQJeHxUZwsb9OgVMHumlrZHGoltKQu FfAhG/sOfuAh5f7QMzzA1M+2JD1Q6lr74vUHNBu+xBFMgZstE6hpkKmn0pNZ5JS3iZRVRLBx dWw63DYr0GM80vmbHjAhwxoF2PsO2/PkWTc68+pFyl3Dy0heZSJii81hkzh8FnF8CaMH0VXu MJoWyuYgnC058hHj0QqXvlNx9LzMtmrsskTmPvwqXTgG/dTEfTkQ4RfX3enrBy55cg9tMc88 BEQ/0/JV1bCDwyWXKRpz6FsHbICGQ4G9TTD4pS5QJ+oRQccMjfiDM3rFTcG1RYP2lHXjSm9c 0VnimpQBz3LarrdHJilmTHbAWf5KLmtWfYXHrlncnhnCtw2nfwBBdy8cQW4tUyniSVRLOwGm eJziyuPJ5SVVZcil2oN5/o7js7BYAeAV/WVF2Sk/blnXaaObIYIVqnDhV4N0oUz1KXq1Leem Uvjo5rljmmhOBdgl6D0scXCWICbuuWN9eW2fZl38hBSI3M0MX0jnV2e+0FY+76iNmKadpTDw gY3OaQAZ/UlJVI+pRV4JtRrajtpo9Vb38SBPXwp9moWmwVQyIdFUXjCTQARvxjRsUoPVu9oA SCd9W74oOgrqC1hadvVU867d07PlWksfYwCeYP4bs+4GSLzI1w== Message-ID: Date: Wed, 26 Sep 2018 10:24:11 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.1.0 MIME-Version: 1.0 In-Reply-To: <705b51cba5b5e7805aeb08af7f7d21e6ec897a17.1537920575.git.tim.c.chen@linux.intel.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 09/25/2018 05:43 PM, Tim Chen wrote: > From: Thomas Lendacky > > We extend the app to app spectre v2 mitigation using STIBP > to the AMD cpus. We need to take care of special > cases for AMD cpu's update of SPEC_CTRL MSR to avoid double > writing of MSRs from update to SSBD and STIBP. Tom, if this patch looks okay to you, can I add your sign off? Tim > > Originally-by: Thomas Lendacky > Signed-off-by: Tim Chen > --- > arch/x86/kernel/process.c | 48 +++++++++++++++++++++++++++++++++++++---------- > 1 file changed, 38 insertions(+), 10 deletions(-) > > diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c > index cb24014..4a3a672 100644 > --- a/arch/x86/kernel/process.c > +++ b/arch/x86/kernel/process.c > @@ -399,6 +399,10 @@ static __always_inline void set_spec_ctrl_state(unsigned long tifn) > { > u64 msr = x86_spec_ctrl_base; > > + /* > + * AMD cpu may have used a different method to update SSBD, so > + * we need to be sure we are using the SPEC_CTRL MSR for SSBD. > + */ > if (static_cpu_has(X86_FEATURE_SSBD)) > msr |= ssbd_tif_to_spec_ctrl(tifn); > > @@ -408,20 +412,45 @@ static __always_inline void set_spec_ctrl_state(unsigned long tifn) > wrmsrl(MSR_IA32_SPEC_CTRL, msr); > } > > -static __always_inline void __speculative_store_bypass_update(unsigned long tifn) > +static __always_inline void __speculative_store_bypass_update(unsigned long tifp, > + unsigned long tifn) > { > - if (static_cpu_has(X86_FEATURE_VIRT_SSBD)) > - amd_set_ssb_virt_state(tifn); > - else if (static_cpu_has(X86_FEATURE_LS_CFG_SSBD)) > - amd_set_core_ssb_state(tifn); > - else > - set_spec_ctrl_state(tifn); > + bool stibp = !!((tifp ^ tifn) & _TIF_STIBP); > + bool ssbd = !!((tifp ^ tifn) & _TIF_SSBD); > + > + if (!ssbd && !stibp) > + return; > + > + if (ssbd) { > + /* > + * For AMD, try these methods first. The ssbd variable will > + * reflect if the SPEC_CTRL MSR method is needed. > + */ > + ssbd = false; > + > + if (static_cpu_has(X86_FEATURE_VIRT_SSBD)) > + amd_set_ssb_virt_state(tifn); > + else if (static_cpu_has(X86_FEATURE_LS_CFG_SSBD)) > + amd_set_core_ssb_state(tifn); > + else > + ssbd = true; > + } > + > + /* Avoid a possible extra MSR write, recheck the flags */ > + if (!ssbd && !stibp) > + return; > + > + set_spec_ctrl_state(tifn); > } > > void speculative_store_bypass_update(unsigned long tif) > { > + /* > + * On this path we're forcing the update, so use ~tif as the > + * previous flags. > + */ > preempt_disable(); > - __speculative_store_bypass_update(tif); > + __speculative_store_bypass_update(~tif, tif); > preempt_enable(); > } > > @@ -457,8 +486,7 @@ void __switch_to_xtra(struct task_struct *prev_p, struct task_struct *next_p, > if ((tifp ^ tifn) & _TIF_NOCPUID) > set_cpuid_faulting(!!(tifn & _TIF_NOCPUID)); > > - if ((tifp ^ tifn) & (_TIF_SSBD | _TIF_STIBP)) > - __speculative_store_bypass_update(tifn); > + __speculative_store_bypass_update(tifp, tifn); > } > > /* >