Received: by 2002:a05:7412:3b8b:b0:fc:a2b0:25d7 with SMTP id nd11csp1239851rdb; Fri, 9 Feb 2024 15:11:29 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCXVQyYF/i/LaL9olEgT3ucBXlpFP4mniy/DakFN+DSdttEa4eiGkUrnGDH0rqqYPneHGjTH/Kmwxcj0XGz19USxwddZX90KR5ujFzoS1A== X-Google-Smtp-Source: AGHT+IERxFqYzEsShCJ8mFwGDLFxZIer3cqN4sz5CW3LvlGpRHkWS/8w2eEqVXi30wndzFICAZUt X-Received: by 2002:a17:906:68cc:b0:a37:645d:ead5 with SMTP id y12-20020a17090668cc00b00a37645dead5mr307251ejr.18.1707520289660; Fri, 09 Feb 2024 15:11:29 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1707520289; cv=pass; d=google.com; s=arc-20160816; b=HfdOk94owHhGk1aMwCw9FC2/vpthA/6ZmscpHQtZeWRCAFvApWl/eRpeO/9CbatwSp +EavW2RRLrtK+gTOJsBMrTtqhOJyakCkJtIWhLMRizw6R0LvBc0kD7iAU9HzV/w2fCCJ 6KiTIfRIgQEepqrH5zNvWvKnJlUiD6IUG4mt9gHmBlQui7bHd8mN+F5mjpWLDEqX8FEt aOZG2019TMlssCHFIp9/Mqf/qs0sX7uCf8GvXZhK8e64OKLI9Cmg8GVOl9IZON6uB5/Y WzEW5NuUbkXg++lLoJ9kWTJ0oq06BR/otvc19KluBvSzqbtKy+x93052VqpSeBxBBtBo Rlnw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=q2knhfYvBI89+7uOG5gExkz78DEkBMa+vr/IGCvXGhc=; fh=bYXzE7Wil+ZLAg0m78GOaFp64k/dBST54WJ4Saw5N8Q=; b=VOAzna7bEEPTN21tgYwsXBduiVbupPY+/MRbJdEhimj9pD6azg7qqWJYkBbrU5bO5M /MEKAJ+eKBAsSidy4gNr1whJj4cNRMItqG9UG65DUA6xmrhZspffy9TuPw/0dqbZzBMZ truEuu3DM2/hqJIWun69ybAZWiSb+tQc5UFBSg27vgNOeKFrZJosRUjMs6/fHqUfYia3 7qO/i/wMYNThe8NIjE78ccxZ6bqB4w8Fh8fevrQt3H8Ytw48FuwsaHDtKKFT+mJ5qiNx 00hy5JMxVrBfRpkrXCAZdYqwFO8GBwNK9+t2pzNWZ1EgsN+rjOQ4YA+XHdoiOrfAnmwY 0djA==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=eW3LHiaJ; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-59858-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-59858-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Forwarded-Encrypted: i=2; AJvYcCXByg/RVJIvQgFof0+GZn+RZMDnCbPJcvs21WE0jLNljjqrEBNa77m0rfROCCYD02aPBvW3reMZ6CYzxZaNrqw1779Wo9uD756tobs7/g== Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id hb18-20020a170906b89200b00a3c28fed16bsi81345ejb.492.2024.02.09.15.11.29 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 09 Feb 2024 15:11:29 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-59858-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=eW3LHiaJ; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-59858-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-59858-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id E2B541F260D2 for ; Fri, 9 Feb 2024 19:06:31 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 5DB7984A42; Fri, 9 Feb 2024 19:06:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="eW3LHiaJ" Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.21]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D659A84A29; Fri, 9 Feb 2024 19:06:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.21 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707505566; cv=none; b=OX+A+CmJ7o3FNIERSUmnSGtUNPJTDNbLkrZfAGvcHHeUKwumMCXws4d/DSsEn3B8qTieuQP58Tyh2ftLt5llnQDFltoXBaCnQ+v9dsFVlQMJkluHkJaMYbSPpMe09fCwKKeg0Epys81XMuno+dq26aKeiZYoEQgZQ2HNUxHKgWo= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707505566; c=relaxed/simple; bh=uH5jVE0MECW4NZxWlW2VDnG/UXQKh57bJcefzW5uzZY=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=UmwF1sNcSZ1PHckf8Xo1obnnemX27UMqfA7x8ARLdVh8YM8j3pqpbtZ+ssQ+haJjHNPECzSGhqWQfdX85Npgam18wQRgPsaN8+CgPHkJyK+LTrY3uNTXIQh6zq1Fl6LCMYt1YsiW8XkYGOWUgL6eupZ5Fi9wDT8BMqZKjxHhDXQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=eW3LHiaJ; arc=none smtp.client-ip=198.175.65.21 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1707505565; x=1739041565; h=date:from:to:cc:subject:message-id:references: mime-version:in-reply-to; bh=uH5jVE0MECW4NZxWlW2VDnG/UXQKh57bJcefzW5uzZY=; b=eW3LHiaJi7abuANvCgilfBOBSCuwgvgerTAvOvGIgFBhQDkKJqrCPOrP OtnkIR7p2CrVFa/MimkJSl6nJqYWZEhlMYxx8jobPGTR+mrTsxgvsy4R3 etzOSjS2Z6EXbn5WpZnYRxzknLMW2/jGcg4lgPeVrKXB2D6N+XpGkciw9 Zmpxqvlp7cVRU6CUxjrt1AKKyvOhpn5HE3+lLvLi2T+YBFl6CnWN10pGB ar69gQl1BEkIjIXR1v0/WaEIM0ltbi8H0GoXagLU0c1xlBCb1nxPbrDHd amjsL0tJfTBSjWjdN36mHqy4+sF8TVBKYsBbxNdZWnhq3tUHYCraYjR59 Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10979"; a="1392462" X-IronPort-AV: E=Sophos;i="6.05,257,1701158400"; d="scan'208";a="1392462" Received: from orviesa005.jf.intel.com ([10.64.159.145]) by orvoesa113.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Feb 2024 11:06:04 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.05,257,1701158400"; d="scan'208";a="6661651" Received: from karenaba-mobl1.amr.corp.intel.com (HELO desk) ([10.209.64.107]) by orviesa005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Feb 2024 11:06:02 -0800 Date: Fri, 9 Feb 2024 11:06:02 -0800 From: Pawan Gupta To: Borislav Petkov Cc: Thomas Gleixner , Ingo Molnar , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Josh Poimboeuf , Andy Lutomirski , Jonathan Corbet , Sean Christopherson , Paolo Bonzini , tony.luck@intel.com, ak@linux.intel.com, tim.c.chen@linux.intel.com, Andrew Cooper , Nikolay Borisov , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, kvm@vger.kernel.org, Alyssa Milburn , Daniel Sneddon , antonio.gomez.iglesias@linux.intel.com, Alyssa Milburn , stable@kernel.org Subject: Re: [PATCH v7 1/6] x86/bugs: Add asm helpers for executing VERW Message-ID: <20240209190602.skqahxhgbdc5b2ax@desk> References: <20240204-delay-verw-v7-0-59be2d704cb2@linux.intel.com> <20240204-delay-verw-v7-1-59be2d704cb2@linux.intel.com> <20240209172843.GUZcZgy7EktXgKZQoc@fat_crate.local> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240209172843.GUZcZgy7EktXgKZQoc@fat_crate.local> On Fri, Feb 09, 2024 at 06:28:43PM +0100, Borislav Petkov wrote: > On Sun, Feb 04, 2024 at 11:18:59PM -0800, Pawan Gupta wrote: > > .popsection > > + > > +/* > > + * Defines the VERW operand that is disguised as entry code so that > > "Define..." > > > + * it can be referenced with KPTI enabled. This ensures VERW can be > > "Ensure..." > > But committer can fix those. > > > + * used late in exit-to-user path after page tables are switched. > > + */ > > +.pushsection .entry.text, "ax" > > + > > +.align L1_CACHE_BYTES, 0xcc > > +SYM_CODE_START_NOALIGN(mds_verw_sel) > > + UNWIND_HINT_UNDEFINED > > + ANNOTATE_NOENDBR > > + .word __KERNEL_DS > > +.align L1_CACHE_BYTES, 0xcc > > +SYM_CODE_END(mds_verw_sel); > > +/* For KVM */ > > +EXPORT_SYMBOL_GPL(mds_verw_sel); > > + > > +.popsection > > diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h > > index fdf723b6f6d0..2b62cdd8dd12 100644 > > --- a/arch/x86/include/asm/cpufeatures.h > > +++ b/arch/x86/include/asm/cpufeatures.h > > @@ -95,7 +95,7 @@ > > #define X86_FEATURE_SYSENTER32 ( 3*32+15) /* "" sysenter in IA32 userspace */ > > #define X86_FEATURE_REP_GOOD ( 3*32+16) /* REP microcode works well */ > > #define X86_FEATURE_AMD_LBR_V2 ( 3*32+17) /* AMD Last Branch Record Extension Version 2 */ > > -/* FREE, was #define X86_FEATURE_LFENCE_RDTSC ( 3*32+18) "" LFENCE synchronizes RDTSC */ > > +#define X86_FEATURE_CLEAR_CPU_BUF ( 3*32+18) /* "" Clear CPU buffers using VERW */ > > #define X86_FEATURE_ACC_POWER ( 3*32+19) /* AMD Accumulated Power Mechanism */ > > #define X86_FEATURE_NOPL ( 3*32+20) /* The NOPL (0F 1F) instructions */ > > #define X86_FEATURE_ALWAYS ( 3*32+21) /* "" Always-present feature */ > > diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h > > index 262e65539f83..ec85dfe67123 100644 > > --- a/arch/x86/include/asm/nospec-branch.h > > +++ b/arch/x86/include/asm/nospec-branch.h > > @@ -315,6 +315,21 @@ > > #endif > > .endm > > > > +/* > > + * Macros to execute VERW instruction that mitigate transient data sampling > > + * attacks such as MDS. On affected systems a microcode update overloaded VERW > > + * instruction to also clear the CPU buffers. VERW clobbers CFLAGS.ZF. > > + * > > + * Note: Only the memory operand variant of VERW clears the CPU buffers. > > + */ > > +.macro EXEC_VERW > > I think I asked this already: Sorry I can't seem to find that on lore. (Though, there was a comment on avoiding the macro alltogether, to which I replied that it complicates 32-bit.) > Why isn't this called simply "VERW"? > > There's no better name as this is basically the insn itself... Agree. > > + verw _ASM_RIP(mds_verw_sel) But, in this case the instruction needs a special operand, and the build fails with the macro name VERW: AS arch/x86/entry/entry.o AS arch/x86/entry/entry_64.o arch/x86/entry/entry_64.S: Assembler messages: arch/x86/entry/entry_64.S:164: Error: too many positional arguments arch/x86/entry/entry_64.S:577: Error: too many positional arguments arch/x86/entry/entry_64.S:728: Error: too many positional arguments arch/x86/entry/entry_64.S:1479: Error: too many positional arguments make[4]: *** [scripts/Makefile.build:361: arch/x86/entry/entry_64.o] Error 1 make[3]: *** [scripts/Makefile.build:481: arch/x86/entry] Error 2 make[2]: *** [scripts/Makefile.build:481: arch/x86] Error 2 > > +.endm Perhaps s/EXEC_VERW/_VERW/ ? Thanks for the review.