Date: Wed, 5 Oct 2022 16:45:33 -0700
From: Pawan Gupta
To: Jim Mattson
Cc: Suraj Jitindar Singh, kvm@vger.kernel.org, sjitindarsingh@gmail.com,
        linux-kernel@vger.kernel.org, x86@kernel.org, tglx@linutronix.de,
        mingo@redhat.com, bp@suse.de, dave.hansen@linux.intel.com,
        seanjc@google.com, pbonzini@redhat.com, peterz@infradead.org,
        jpoimboe@kernel.org, daniel.sneddon@linux.intel.com,
        benh@kernel.crashing.org, stable@vger.kernel.org
Subject: Re: [PATCH] x86/speculation: Mitigate eIBRS PBRSB predictions with WRMSR
Message-ID: <20221005234533.cr4jpzsb3cprlc2c@desk>
References: <20221005220227.1959-1-surajjs@amazon.com>
In-Reply-To:

On Wed, Oct 05, 2022 at 04:24:54PM -0700, Jim Mattson wrote:
>On Wed, Oct 5, 2022 at 3:03 PM Suraj Jitindar Singh wrote:
>>
>> tl;dr: The existing mitigation for eIBRS PBRSB predictions uses an INT3 to
>> ensure a call instruction retires before a following unbalanced RET. Replace
>> this with a WRMSR serialising instruction which has a lower performance
>> penalty.
>>
>> == Background ==
>>
>> eIBRS (enhanced indirect branch restricted speculation) is used to prevent
>> predictor addresses from one privilege domain from being used for prediction
>> in a higher privilege domain.
>>
>> == Problem ==
>>
>> On processors with eIBRS protections there can be a case where upon VM exit
>> a guest address may be used as an RSB prediction for an unbalanced RET if a
>> CALL instruction hasn't yet been retired. This is termed PBRSB (Post-Barrier
>> Return Stack Buffer).
>>
>> A mitigation for this was introduced in:
>> (2b1299322016731d56807aa49254a5ea3080b6b3 x86/speculation: Add RSB VM Exit protections)
>>
>> This mitigation [1] has a ~1% performance impact on VM exit compared to without
>> it [2].
>>
>> == Solution ==
>>
>> The WRMSR instruction can be used as a speculation barrier and a serialising
>> instruction. Use this on the VM exit path instead to ensure that a CALL
>> instruction (in this case the call to vmx_spec_ctrl_restore_host) has retired
>> before the prediction of a following unbalanced RET.
>>
>> This mitigation [3] has a negligible performance impact.
>>
>> == Testing ==
>>
>> Run the outl_to_kernel kvm-unit-tests test 200 times per configuration which
>> counts the cycles for an exit to kernel mode.
>>
>> [1] With existing mitigation:
>>     Average: 2026 cycles
>> [2] With no mitigation:
>>     Average: 2008 cycles
>> [3] With proposed mitigation:
>>     Average: 2008 cycles
>>
>> Signed-off-by: Suraj Jitindar Singh
>> Cc: stable@vger.kernel.org
>> ---
>>  arch/x86/include/asm/nospec-branch.h | 7 +++----
>>  arch/x86/kvm/vmx/vmenter.S           | 3 +--
>>  arch/x86/kvm/vmx/vmx.c               | 5 +++++
>>  3 files changed, 9 insertions(+), 6 deletions(-)
>>
>> diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h
>> index c936ce9f0c47..e5723e024b47 100644
>> --- a/arch/x86/include/asm/nospec-branch.h
>> +++ b/arch/x86/include/asm/nospec-branch.h
>> @@ -159,10 +159,9 @@
>>   * A simpler FILL_RETURN_BUFFER macro. Don't make people use the CPP
>>   * monstrosity above, manually.
>>   */
>> -.macro FILL_RETURN_BUFFER reg:req nr:req ftr:req ftr2=ALT_NOT(X86_FEATURE_ALWAYS)
>> -        ALTERNATIVE_2 "jmp .Lskip_rsb_\@", \
>> -                __stringify(__FILL_RETURN_BUFFER(\reg,\nr)), \ftr, \
>> -                __stringify(__FILL_ONE_RETURN), \ftr2
>> +.macro FILL_RETURN_BUFFER reg:req nr:req ftr:req
>> +        ALTERNATIVE "jmp .Lskip_rsb_\@", \
>> +                __stringify(__FILL_RETURN_BUFFER(\reg,\nr)), \ftr
>>
>>  .Lskip_rsb_\@:
>>  .endm
>> diff --git a/arch/x86/kvm/vmx/vmenter.S b/arch/x86/kvm/vmx/vmenter.S
>> index 6de96b943804..eb82797bd7bf 100644
>> --- a/arch/x86/kvm/vmx/vmenter.S
>> +++ b/arch/x86/kvm/vmx/vmenter.S
>> @@ -231,8 +231,7 @@ SYM_INNER_LABEL(vmx_vmexit, SYM_L_GLOBAL)
>>   * single call to retire, before the first unbalanced RET.
>>   */
>>
>> -        FILL_RETURN_BUFFER %_ASM_CX, RSB_CLEAR_LOOPS, X86_FEATURE_RSB_VMEXIT,\
>> -                           X86_FEATURE_RSB_VMEXIT_LITE
>> +        FILL_RETURN_BUFFER %_ASM_CX, RSB_CLEAR_LOOPS, X86_FEATURE_RSB_VMEXIT
>>
>>
>>          pop %_ASM_ARG2 /* @flags */
>> diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
>> index c9b49a09e6b5..fdcd8e10c2ab 100644
>> --- a/arch/x86/kvm/vmx/vmx.c
>> +++ b/arch/x86/kvm/vmx/vmx.c
>> @@ -7049,8 +7049,13 @@ void noinstr vmx_spec_ctrl_restore_host(struct vcpu_vmx *vmx,
>>           * For legacy IBRS, the IBRS bit always needs to be written after
>>           * transitioning from a less privileged predictor mode, regardless of
>>           * whether the guest/host values differ.
>> +         *
>> +         * For eIBRS affected by Post Barrier RSB Predictions a serialising
>> +         * instruction (wrmsr) must be executed to ensure a call instruction has
>> +         * retired before the prediction of a following unbalanced ret.
>>           */
>>          if (cpu_feature_enabled(X86_FEATURE_KERNEL_IBRS) ||
>> +            cpu_feature_enabled(X86_FEATURE_RSB_VMEXIT_LITE) ||
>>              vmx->spec_ctrl != hostval)
>>                  native_wrmsrl(MSR_IA32_SPEC_CTRL, hostval);
>
>Okay. I see how this almost meets the requirements. But this WRMSR is
>conditional, which means that there's a speculative path through this
>code that ends up at the unbalanced RET without executing the WRMSR.

Agree. I was just about to post this.
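To make the hazard concrete, here is a minimal sketch of the speculative path
being described, using a simplified stand-in for vmx_spec_ctrl_restore_host().
The function name, arguments, and surrounding control flow below are
illustrative assumptions, not the kernel's actual code:

    /*
     * Illustrative sketch only -- assumes a kernel context providing
     * native_wrmsrl() (<asm/msr.h>) and MSR_IA32_SPEC_CTRL
     * (<asm/msr-index.h>). Not the actual vmx_spec_ctrl_restore_host().
     */
    static void restore_host_spec_ctrl_sketch(u64 guestval, u64 hostval)
    {
            /*
             * This test compiles to a conditional branch. If the branch
             * predictor guesses "not taken", the CPU continues
             * speculatively past the WRMSR without executing it.
             */
            if (guestval != hostval)
                    native_wrmsrl(MSR_IA32_SPEC_CTRL, hostval);

            /*
             * On the mispredicted path, no serialising instruction has
             * executed by the time the compiler-emitted RET for this
             * function runs, so a following unbalanced RET can still
             * consume a guest-poisoned RSB entry (the PBRSB window).
             */
    }

In other words, a WRMSR guarded by a data-dependent condition only serialises
the architectural path; closing the speculative path requires the serialising
instruction (or an RSB fill) to sit unconditionally between VM exit and the
first unbalanced RET on affected CPUs.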