Received: by 2002:a05:6358:4e97:b0:b3:742d:4702 with SMTP id ce23csp1050234rwb; Thu, 18 Aug 2022 17:57:31 -0700 (PDT) X-Google-Smtp-Source: AA6agR46PS2SYeHOe0x8mJ6wktOts261rdXNz+vGNDQOLwRhf5D5Ywc8ZZ2w0ZWCRZ60CVC97VFo X-Received: by 2002:a65:6892:0:b0:41d:54a2:b0b0 with SMTP id e18-20020a656892000000b0041d54a2b0b0mr4266014pgt.560.1660870651180; Thu, 18 Aug 2022 17:57:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1660870651; cv=none; d=google.com; s=arc-20160816; b=0+VW7q0mXzH0Jde9LfhnFLc32JRwtxz26Fa6mtOIVLMZsTxm/fFt5u8dPgSgmScPIf NRFrnI2PZR6Nor8iEcw/PFTJr9m3orWRC0RgMCgQbhV4Gp85B3wv+YYAubywRTJIcqfX TSr/xSD2TNAedcsPeOPBVfqmlR1gItyj9ukEfYGyOdHkiV1u508o+MPcFcoqnisXQdnx 3V2lMuWqinAVckfYil9wI4VeP9+sFxATnIK9sUz4T8rAm+YEp6Aq0IiA0qhr1ywMQ6as 1gyoCO6N28poJlKGpbo2vg9VAU7/Et9avSpzIlwEnl3Xl/24lbuL27IPDteXZrEyoS9n eu1w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-disposition:mime-version:message-id :subject:cc:to:from:date; bh=MvRvt7XrBLo9TmKtCRRx31A0G/BwtGTl3IKag/gkeo0=; b=XsqQQvFp2fCR8qK+lWEfLz40dmIybDXZx8b/X2XSXNNfLG3VTa7RIiksQq+YTiJ2Tt O6IouBgg0ERRBhUTgQ99HpBRbPY4SmqJzdIqsoM9F+O6W+eEtdGxnrDksGP+9rudOjgf UUf3TfbufgEFTUTRj+vIONFxq1tD8FGM7f/TPAB/GkpyH3JrQqDqENgt967N0sU+XfSk rKKUtDWWQO5+ATTof5KgfWRUhuRXVEwCkFYkbcxH9iBxibxJLjZDmV0xY7uO8/GjQnGM 3UOzsWu7R5hfVzjDgUt/gwchzpFzWeJ26rtw+NSI8DhkCRRCQRO5bMwT9LlNJeP8ZHfK 5MtA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id rm2-20020a17090b3ec200b001f3e54ca93asi774807pjb.76.2022.08.18.17.57.20; Thu, 18 Aug 2022 17:57:31 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239717AbiHSAdT (ORCPT + 99 others); Thu, 18 Aug 2022 20:33:19 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59172 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229899AbiHSAdR (ORCPT ); Thu, 18 Aug 2022 20:33:17 -0400 Received: from maynard.decadent.org.uk (maynard.decadent.org.uk [95.217.213.242]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 984A1FD00; Thu, 18 Aug 2022 17:33:15 -0700 (PDT) Received: from 213.219.160.184.adsl.dyn.edpnet.net ([213.219.160.184] helo=deadeye) by maynard with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1oOpwj-0000wB-3a; Fri, 19 Aug 2022 02:33:09 +0200 Received: from ben by deadeye with local (Exim 4.96) (envelope-from ) id 1oOpwi-000a0S-0N; Fri, 19 Aug 2022 02:33:08 +0200 Date: Fri, 19 Aug 2022 02:33:08 +0200 From: Ben Hutchings To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, 1017425@bugs.debian.org, =?iso-8859-1?Q?Martin-=C9ric?= Racine , stable@vger.kernel.org, regressions@lists.linux.dev, Daniel Sneddon , Pawan Gupta Subject: [PATCH] x86/speculation: Avoid LFENCE in FILL_RETURN_BUFFER on CPUs that lack it Message-ID: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="eT0M3T1LYdQ/WIvW" Content-Disposition: inline X-SA-Exim-Connect-IP: 213.219.160.184 X-SA-Exim-Mail-From: ben@decadent.org.uk X-SA-Exim-Scanned: No (on maynard); SAEximRunCond expanded to false X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --eT0M3T1LYdQ/WIvW Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable =46rom: Ben Hutchings The mitigation for PBRSB includes adding LFENCE instructions to the RSB filling sequence. However, RSB filling is done on some older CPUs that don't support the LFENCE instruction. Define and use a BARRIER_NOSPEC macro which makes the LFENCE conditional on X86_FEATURE_LFENCE_RDTSC, like the barrier_nospec() macro defined for C code in . Reported-by: Martin-=C9ric Racine References: https://bugs.debian.org/1017425 Cc: stable@vger.kernel.org Cc: regressions@lists.linux.dev Cc: Daniel Sneddon Cc: Pawan Gupta Fixes: 2b1299322016 ("x86/speculation: Add RSB VM Exit protections") Fixes: ba6e31af2be9 ("x86/speculation: Add LFENCE to RSB fill sequence") Signed-off-by: Ben Hutchings --- Re-sending this with properly matched From address and server. Apologies if you got 2 copies. Ben. arch/x86/include/asm/nospec-branch.h | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/no= spec-branch.h index e64fd20778b6..b1029fd88474 100644 --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h @@ -34,6 +34,11 @@ =20 #define RSB_CLEAR_LOOPS 32 /* To forcibly overwrite all entries */ =20 +#ifdef __ASSEMBLY__ + +/* Prevent speculative execution past this barrier. */ +#define BARRIER_NOSPEC ALTERNATIVE "", "lfence", X86_FEATURE_LFENCE_RDTSC + /* * Google experimented with loop-unrolling and this turned out to be * the optimal version - two calls, each with their own speculation @@ -62,9 +67,7 @@ dec reg; \ jnz 771b; \ /* barrier for jnz misprediction */ \ - lfence; - -#ifdef __ASSEMBLY__ + BARRIER_NOSPEC; =20 /* * This should be used immediately before an indirect jump/call. It tells @@ -138,7 +141,7 @@ int3 .Lunbalanced_ret_guard_\@: add $(BITS_PER_LONG/8), %_ASM_SP - lfence + BARRIER_NOSPEC .endm =20 /* --eT0M3T1LYdQ/WIvW Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAmL+2j0ACgkQ57/I7JWG EQlPgA/+JoIOscO32lmTqexszlIn0F8EUMhfZfCh6h3mSgt0w8B1r4oBmEZTs9x5 HOHjeG0ZtdQvTKm10bCn2eCQq9xhH35m/OSNoysS64lFsQLyKmvXoV2U36nvxSnu S7Dd0pt1Mgxs6o7+l/Gxhd1Jva6JagwjZjcOe3cPmcMtgbBZfPsmAofkSbq/89u4 iBeUm7YE5i7zRB5DZWHbMs+GIEGdyRplu1u7pYxRSg9XQg/zSdNdS02c5v8/PLx2 NgTGVR+t858WG791oTNXqkV1SG1s3LNuimJej155QCxyMNrJgAqre713cv9x5uEA tU/VRZdPoYkee/L6d31p77C9+BV1PD2wy1pUFVBEvXV7cbDXvpXNjb5ZRAHPSBIa 1LBP1jrvCfeq7r4qQPIjIU5T8mU6ClJKkHLnf0ZjFwDvyNOEHy9dlH5ShjYy/oFX Wedrbb7Y/sk39fxF5km0ns8gL/s689HbT1quEbqE2NhjfurOlSTuejwE4kZv8+O9 OTvzIPOoM0rjNZOWKn89zLwSygZxJeEczWiA6dml6vuqdU9p0TAI5b7DCvbcr71J KziLwMJAGHIik+FYKS34tKsQaHTUIIbgNV3H1GLZnQrcYH0zfSDvO0q+X8bVcSWB 5k23Kkd4wwcu/WEVBSAIkiMoHmQrxUauVOcIDBXOoi0je9B67kQ= =/q8V -----END PGP SIGNATURE----- --eT0M3T1LYdQ/WIvW--