Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp8709756rwb; Thu, 24 Nov 2022 03:19:52 -0800 (PST) X-Google-Smtp-Source: AA0mqf7mOv9BYxdaXkJeN0NdwIrmoFWi1RVPYKOvl5dAl6g3sQvWqwZeektuuHfvMuB58R7X9RhS X-Received: by 2002:aa7:8a0c:0:b0:56c:2a86:d74 with SMTP id m12-20020aa78a0c000000b0056c2a860d74mr13413954pfa.73.1669288792362; Thu, 24 Nov 2022 03:19:52 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1669288792; cv=none; d=google.com; s=arc-20160816; b=xr+db5rGYr9Y6/TTikskJPavMzGzjsLqvqHWgFToBgLIyRVEclxoZDKDGFJge50Cop qMhnhb5OphjpIeSF3GUbKmVXtY+e9BOWkPI7NlTnw5A7QtaWLVwzjBX2Qc7mZazFmZMm 9dzeg1tUFc4O4m/NYwbcztgF/6TPDsp4Frnfx9nuSttMNVlTvBj64TlqfiBkp/ljKF0H 0nuDTZPZAa+pane4hZ2Jgb0wG6CW6xeBqEapn1IW49hw85nzw+EeOMgXFIhbea1vU2L0 a5cgRCNTxSdHLZ96bZUpxKzcj6UYvo1FKEs54OMBLgwKuVf8u41QEkhpNGTC15tiwYa+ KWRA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=jOCeRbpoEibDw8trfgXnocJq/MAqJBN4CTGMZxhpixQ=; b=eg7EnaO5tpuqDp1wgIuupuy/z0ybbKp2yGlf+rJfjMxNP+jm7g+yjo4aGoayksd5Cw ITDDjiH5ZejgmcbGNslZJK2UWLkAJ61ysVUr+Lptav726k8QED+O8QM6Ubctu7G8qM4w vhf7yq2YAWfSFJpuDV2CrQ+Hu+OQsTsKJOsacAF/NzWE8FGG69UtMdJWINgdAvJFneSi ObbIOErLe5aOWWu3d20yt2XGK/9D3gnvLbA2P4EmgFAOf8Z4/kUi5Re78ewUiDL6REeQ ZBgCagvESb9r1/4sYBzSAMiQM62yxCw/5DbCXKwmDNBxTYy/LljUjnKivs7KVxBKkmlX Vshw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id k3-20020a170902d58300b001890c6ff01asi749755plh.483.2022.11.24.03.19.40; Thu, 24 Nov 2022 03:19:52 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229850AbiKXKrH (ORCPT + 86 others); Thu, 24 Nov 2022 05:47:07 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37930 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229816AbiKXKrD (ORCPT ); Thu, 24 Nov 2022 05:47:03 -0500 Received: from mail-ej1-f46.google.com (mail-ej1-f46.google.com [209.85.218.46]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 10B5114F9F3 for ; Thu, 24 Nov 2022 02:47:02 -0800 (PST) Received: by mail-ej1-f46.google.com with SMTP id bj12so3206369ejb.13 for ; Thu, 24 Nov 2022 02:47:01 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=jOCeRbpoEibDw8trfgXnocJq/MAqJBN4CTGMZxhpixQ=; b=YWEjm0ODQL33o4hiCzXihF9SPErgV2X+LRC719qWE/NEacZXgLXRqEjcsfS91O4Yb4 IoFB5XA1TAObzkHtcqYNsi3zlz4lwAueHbKOFcqas4TnYR2vstB8r4Z4TYI60qtNXumR 0vQXjiJDheXVwITKaxWgN9oPkG5gy61aYCLt7o9mGYAVOR70cC50i6p1lVNX0McfPP/+ PWMUnCBRwWQ/oFQ++ayoG83rZHHHfPAHST9HV1t2ee+xhAYXg7aKUYKovEfokGAPOL5u 2brTXuDaSUFNiN82N+/90xAFWZYszBy6+nJQVo9E38uFNWMmDHnSiSmWmzHdS/95Eu8p rdpw== X-Gm-Message-State: ANoB5pkhUiP+qSiF1vDrlK+qpwEuh5H/iE7GcuYurdHrVSKJXvGYsS+x F7l0AmKIc6oPH3wj3kzodNU= X-Received: by 2002:a17:906:1b48:b0:78d:a136:732b with SMTP id p8-20020a1709061b4800b0078da136732bmr12033426ejg.135.1669286820516; Thu, 24 Nov 2022 02:47:00 -0800 (PST) Received: from localhost (fwdproxy-cln-120.fbsv.net. [2a03:2880:31ff:78::face:b00c]) by smtp.gmail.com with ESMTPSA id o17-20020a17090637d100b007aece68483csm278722ejc.193.2022.11.24.02.46.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 24 Nov 2022 02:46:59 -0800 (PST) From: Breno Leitao To: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, hpa@zytor.com, jpoimboe@kernel.org, peterz@infradead.org, pawan.kumar.gupta@linux.intel.com Cc: x86@kernel.org, cascardo@canonical.com, leit@meta.com, kexec@lists.infradead.org, linux-kernel@vger.kernel.org Subject: [PATCH v2] x86/bugs: Explicitly clear speculative MSR bits Date: Thu, 24 Nov 2022 02:46:50 -0800 Message-Id: <20221124104650.533427-1-leitao@debian.org> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-1.4 required=5.0 tests=BAYES_00, FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE, SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Currently x86_spec_ctrl_base is read at boot time, and speculative bits are set if configs are enable, such as MSR[SPEC_CTRL_IBRS] is enabled if CONFIG_CPU_IBRS_ENTRY is configured. These MSR bits are not cleared if the mitigations are disabled. This is a problem when kexec-ing a kernel that has the mitigation disabled, from a kernel that has the mitigation enabled. In this case, the MSR bits are carried forward and not cleared at the boot of the new kernel. This might have some performance degradation that is hard to find. This problem does not happen if the machine is (hard) rebooted, because the bit will be cleared by default. This patch also defines a SPEC_CTRL_MASK macro, so, we can easily track and clear if eventually some new mitigation shows up. Suggested-by: Pawan Gupta Signed-off-by: Breno Leitao --- arch/x86/include/asm/msr-index.h | 3 +++ arch/x86/kernel/cpu/bugs.c | 9 ++++++++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h index 4a2af82553e4..704f49580ee1 100644 --- a/arch/x86/include/asm/msr-index.h +++ b/arch/x86/include/asm/msr-index.h @@ -54,6 +54,9 @@ #define SPEC_CTRL_RRSBA_DIS_S_SHIFT 6 /* Disable RRSBA behavior */ #define SPEC_CTRL_RRSBA_DIS_S BIT(SPEC_CTRL_RRSBA_DIS_S_SHIFT) +#define SPEC_CTRL_MASK (SPEC_CTRL_IBRS | SPEC_CTRL_STIBP | SPEC_CTRL_SSBD \ + | SPEC_CTRL_RRSBA_DIS_S) + #define MSR_IA32_PRED_CMD 0x00000049 /* Prediction Command */ #define PRED_CMD_IBPB BIT(0) /* Indirect Branch Prediction Barrier */ diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 3e3230cccaa7..88957da1029b 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -137,8 +137,15 @@ void __init check_bugs(void) * have unknown values. AMD64_LS_CFG MSR is cached in the early AMD * init code as it is not enumerated and depends on the family. */ - if (boot_cpu_has(X86_FEATURE_MSR_SPEC_CTRL)) + if (boot_cpu_has(X86_FEATURE_MSR_SPEC_CTRL)) { rdmsrl(MSR_IA32_SPEC_CTRL, x86_spec_ctrl_base); + /* + * Previously running software may have some controls turned ON. + * Clear them and let kernel decide which controls to use. + */ + x86_spec_ctrl_base &= ~SPEC_CTRL_MASK; + wrmsrl(MSR_IA32_SPEC_CTRL, x86_spec_ctrl_base); + } /* Select the proper CPU mitigations before patching alternatives: */ spectre_v1_select_mitigation(); -- 2.30.2