Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp1263495imu; Tue, 11 Dec 2018 16:07:42 -0800 (PST) X-Google-Smtp-Source: AFSGD/W8GzYWA49xXJtMpeEzfJXlPxsqA14KwxJ5d8+qlkcShE7cu0gQVgUhXmS78ke7MOt6sPm8 X-Received: by 2002:a62:2e46:: with SMTP id u67mr17856943pfu.3.1544573262073; Tue, 11 Dec 2018 16:07:42 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1544573262; cv=none; d=google.com; s=arc-20160816; b=ZB+1y5P+uYMI6vrEVk5Gp190TEElSMQzTGkadpFTQpUDlfBQ7y54a0U8gWdfZQfx4q S6DqnsBNefVF5dDz8qKW1QBZXCmE69wEIX+23/rvEy6f7AIadEx69x+xulAeF5rhpBlj zLeaZrXaUAau5krbLpMVFKtv2nNvBXEKCwAwfWM2MRrJ1U+G+oBlYi6QfKArgmym5X0g 8TMIqhAmq/9+tBoQblXH2VnPz8vGlGqjvffSAVMHwHUEzvKRA9wRjLZwP/FoiTbjZ+wa atAcCrA3jsJuB6L9uoV52f8NyrWrQS5eyHXJuEad4O6YHMcFqJCjf+qqz0RqTrp1V/XO sBmg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=gqPOJX+Rt6zLjB70ObQSCS9/UCYrIp6DPpfaM5Hq2ho=; b=WFlAqcBHtU/njQEhfkiAnERur1vu2qcUoPlp8LV3AxoT+cofORX8ijJdzg2ncu8+7O a5EpB5FTZVJBTe7GhboiZmmqOV3ZdmYCp6gYE4vWJ7G0IE+ajuo1MXW/LF6KUTB+N3dj aXyOIHt7WkkuLF//2rV58eSjIiROEGEpavkuGylE25tX5YUhrmCXhrMa7Do5WNXvt6KE gYhYxGK1MCXP64vY9VVN4IiPA2yMd0MJx3i2Uy4pVi7u4uN426ZccSbQdaA/1+MdOQ1X GhBL/EmWTCzlaskpSYeJOK5xOWsqRvJGVLW/KzFCpWJTgpc7j+tOTycTPr36CD9kYy7m Lc1g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b="Ho//sV6k"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=alien8.de Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 1si13726463plr.189.2018.12.11.16.07.26; Tue, 11 Dec 2018 16:07:42 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b="Ho//sV6k"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=alien8.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726246AbeLLAF1 (ORCPT + 99 others); Tue, 11 Dec 2018 19:05:27 -0500 Received: from mail.skyhub.de ([5.9.137.197]:60798 "EHLO mail.skyhub.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726201AbeLLAF0 (ORCPT ); Tue, 11 Dec 2018 19:05:26 -0500 Received: from zn.tnic (p200300EC2BCD2B002DC08A63FFF8C6E5.dip0.t-ipconnect.de [IPv6:2003:ec:2bcd:2b00:2dc0:8a63:fff8:c6e5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 563981EC09F7; Wed, 12 Dec 2018 01:05:25 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim; t=1544573125; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:in-reply-to:in-reply-to: references:references; bh=gqPOJX+Rt6zLjB70ObQSCS9/UCYrIp6DPpfaM5Hq2ho=; b=Ho//sV6kasPUtxT5gFHArPRu5XNZqI6taon4/422gPpwepETa6Ajk3H68sOzYsb4d1lvvk zO+E88u7ua5ceqBqJeTNPhLK1kEQdcYgEtvLFm3aj719/b0lq161+Xiz9vcVrNgU8BsCQZ ljn07HBruFpu0SeJEe5enJVQeCZUShQ= Date: Wed, 12 Dec 2018 01:05:18 +0100 From: Borislav Petkov To: "Lendacky, Thomas" Cc: "x86@kernel.org" , "linux-kernel@vger.kernel.org" , Andrea Arcangeli , Konrad Rzeszutek Wilk , Jiri Kosina , Ingo Molnar , Thomas Gleixner , Tim Chen , David Woodhouse Subject: Re: [PATCH v2] x86/speculation: Add support for STIBP always-on preferred mode Message-ID: <20181212000518.GX27375@zn.tnic> References: <20181211224615.5373.65736.stgit@tlendack-t1.amdoffice.net> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20181211224615.5373.65736.stgit@tlendack-t1.amdoffice.net> User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Dec 11, 2018 at 10:46:16PM +0000, Lendacky, Thomas wrote: > Different AMD processors may have different implementations of STIBP. > When STIBP is conditionally enabled, some implementations would benefit > from having STIBP always on instead of toggling the STIBP bit through MSR > writes. This preference is advertised through a CPUID feature bit. > > When conditional STIBP support is requested at boot and the CPU advertises > STIBP always-on mode as preferred, switch to STIBP "on" support. Print a > message to let the user know this occurred. Also, provide a boolean that > be used in stibp_state() to return a message tailored to the always-on > support. > > Signed-off-by: Tom Lendacky > --- > > This patch is against the x86/pti branch of the tip tree: > git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git x86/pti > > Changes from v1: > - Removed explicit SPECTRE_V2_USER_STRICT_PREFERRED mode > - Added a message when switching to always-on mode > - Set and used a static boolean for the string in stibp_state() > > arch/x86/include/asm/cpufeatures.h | 1 + > arch/x86/kernel/cpu/bugs.c | 17 ++++++++++++++++- > 2 files changed, 17 insertions(+), 1 deletion(-) > > diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h > index 28c4a50..df8e94e2 100644 > --- a/arch/x86/include/asm/cpufeatures.h > +++ b/arch/x86/include/asm/cpufeatures.h > @@ -284,6 +284,7 @@ > #define X86_FEATURE_AMD_IBPB (13*32+12) /* "" Indirect Branch Prediction Barrier */ > #define X86_FEATURE_AMD_IBRS (13*32+14) /* "" Indirect Branch Restricted Speculation */ > #define X86_FEATURE_AMD_STIBP (13*32+15) /* "" Single Thread Indirect Branch Predictors */ > +#define X86_FEATURE_AMD_STIBP_ALWAYS_ON (13*32+17) /* "" Single Thread Indirect Branch Predictors always-on preferred */ > #define X86_FEATURE_AMD_SSBD (13*32+24) /* "" Speculative Store Bypass Disable */ > #define X86_FEATURE_VIRT_SSBD (13*32+25) /* Virtualized Speculative Store Bypass Disable */ > #define X86_FEATURE_AMD_SSB_NO (13*32+26) /* "" Speculative Store Bypass is fixed in hardware. */ > diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c > index 58689ac..db156e1 100644 > --- a/arch/x86/kernel/cpu/bugs.c > +++ b/arch/x86/kernel/cpu/bugs.c > @@ -61,6 +61,8 @@ > /* Control unconditional IBPB in switch_mm() */ > DEFINE_STATIC_KEY_FALSE(switch_mm_always_ibpb); > > +static bool stibp_always_on; > + > void __init check_bugs(void) > { > identify_boot_cpu(); > @@ -355,6 +357,18 @@ static void __init spec_v2_user_print_cond(const char *reason, bool secure) > break; > } > > + /* > + * At this point, an STIBP mode other than "off" has been set. > + * If STIBP support is not being forced, check if STIBP always-on > + * is preferred. > + */ > + if (mode != SPECTRE_V2_USER_STRICT && > + boot_cpu_has(X86_FEATURE_AMD_STIBP_ALWAYS_ON)) { > + stibp_always_on = true; > + mode = SPECTRE_V2_USER_STRICT; > + pr_info("mitigation: STIBP always-on is preferred\n"); > + } > + > /* Initialize Indirect Branch Prediction Barrier */ > if (boot_cpu_has(X86_FEATURE_IBPB)) { > setup_force_cpu_cap(X86_FEATURE_USE_IBPB); > @@ -1088,7 +1102,8 @@ static char *stibp_state(void) > case SPECTRE_V2_USER_NONE: > return ", STIBP: disabled"; > case SPECTRE_V2_USER_STRICT: > - return ", STIBP: forced"; > + return stibp_always_on ? ", STIBP: always-on" > + : ", STIBP: forced"; I still don't like that separate stibp_always_on variable when we can do all the querying just by using mode and X86_FEATURE_AMD_STIBP_ALWAYS_ON. -- Regards/Gruss, Boris. Good mailing practices for 400: avoid top-posting and trim the reply.