Received: by 2002:a05:7208:13ce:b0:7f:395a:35b6 with SMTP id r14csp277265rbe; Wed, 28 Feb 2024 21:47:26 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCXT3Qg44KFKpvsdXDc8CraA3UrD/Xv5L9xXag4PHGCGM9QvmCu+SddFBeuRg5LoVAx8Uw4SpkOPsgXxf4UoIe3kj3Odbn53HQ3uFfMP4Q== X-Google-Smtp-Source: AGHT+IEGMv05R/Nm0UQPYVW3w/iCAkZvzGl7rwZ0K1+pp9jh22DrFV20R92WjZ1ld5v4RPLoQSrX X-Received: by 2002:a05:6870:968d:b0:21e:212b:d141 with SMTP id o13-20020a056870968d00b0021e212bd141mr1074268oaq.19.1709185646241; Wed, 28 Feb 2024 21:47:26 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1709185646; cv=pass; d=google.com; s=arc-20160816; b=GM3pjMjjaqyEZIYzGUxLSyGKP3qiLGWs/csK+d7X6yV/0+nBkJnYbtFvHJ1bSZqJL6 qem/LoyOVKI/uYe+mqJT8p0HLHR30hzTkln0iZRnwnMME0Qk06GuIJ70PRxY529dorZo KjUDixDHTUB9Hi4pGPFxNgeiWAn//JtyJ/btZtF6GjUINRBodeQwK4C/folaBRrxwmGb fkjihY0XSIjrP9sMJErbAnJh/VnHw4zOcD6Mr1n2r9On4Jb36qjs3yWS1BA7S7Lcn7ij 9GyGemKwBOQh6QYWlnNnGLmCRRolvtRE/ip74NXK9bvvplzrt1gT6v4gFMlCbvApkU7w 4w4w== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=xHDGRhYMdFoGLhnWS54Uyj0PPFpOWfmbRz6eztfj+nY=; fh=gk/GTnirbw368CP1CbnbhAD7dSZvl+HC1eX/fTaa9is=; b=TyXH/9rKi0FmXE9N/dIRxbS49i665WStq69VwxvHmt8vl3uBY3inHESTz6QN9XHrVx S8F5GSQcCJdH1Kgl+IuPIooIuCsm8XTFLxh9Y8HoMZNx42n8S+D/q/AxqaoVZEWypz61 3vxRehMulDx3nXk9wgVKeLubr2WlqTGZ9DNlatKria4KZYWhHI9IhKGuDuuAe/H8ym7a SiJPmngvaVcSDbdg+PHRpik3uc7jgTa1VmWUkE+cOzoUpSBuMyt1DnurzVrNOh/Dc1am 3YV31cJjwbQQPo9vxgJR/JPf2ZPTVA2E0da58hun7uWt+6kN5P3yW6YlArJ0Bc3rTleY 6xHQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=AfkF0B2P; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-86025-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-86025-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [2604:1380:40f1:3f00::1]) by mx.google.com with ESMTPS id f11-20020a63f10b000000b005d8b6fe2b5dsi665480pgi.569.2024.02.28.21.47.25 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 Feb 2024 21:47:26 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-86025-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) client-ip=2604:1380:40f1:3f00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=AfkF0B2P; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-86025-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-86025-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 629EBB2337F for ; Thu, 29 Feb 2024 02:04:02 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id D5F9A364C7; Thu, 29 Feb 2024 02:03:55 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="AfkF0B2P" Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.21]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 79E2A23DB for ; Thu, 29 Feb 2024 02:03:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.21 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709172235; cv=none; b=UKbqOkeSJoh56Hbxd4nWrbpIzPbZH+paMBE4IfWej3QiZWsekAkuPGwwNt6Ym4+aI5dgylR07sRpBdz36gBh2otSF/OVU19ncZVniSC5BD5i3B63lHwZezRNYcjnbvWRrrAwIUnntEMlmdAybmeW6Ur/QC7DvROVpLSv1VsjbsQ= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709172235; c=relaxed/simple; bh=Q75pArREJLjVh3lGI4fFUuUjzEdAl5eP+jZ7P9RGLrs=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=XdZNfRX8K/q9Zu1jSmkEd8TMU32w1Ca5DR8MtjKMTgPBJo9kjYCGeR3WKyz5ObHHERN7+MLnND0qOhCV/go2IPjBYkLpot/dC0LP8Y6TF+tMdkraJU2ViqEeK29zRK9VOxum/k8zf//Ob/BocuYOPO73E6UOPDiWp+N+JmSeX4w= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=AfkF0B2P; arc=none smtp.client-ip=198.175.65.21 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1709172233; x=1740708233; h=date:from:to:cc:subject:message-id:references: mime-version:in-reply-to; bh=Q75pArREJLjVh3lGI4fFUuUjzEdAl5eP+jZ7P9RGLrs=; b=AfkF0B2PVsnCAJL+70YT0Nu/DMI4DSv3FFfOEGD+tLa62Hz8azMU4gXW KxPeyVLS22zNKc34MXrIgIW2hxawHozWr9KJJahIAdnwhHZk3w3vL6B9+ oqAQTjKus0W7QcIPIhebA3dvS802R/5mfgQ7q++zUpKosZU2MdYtIJKpW W3SyfwtQD6DgmeY8Smuz0Kg13lz/HrnpoNhIGVX/WAZFatotrt8nJ8SGd ojywt5+8MQCBdDY3yhIPvDXVDWcTsBhG2/35Bg8hW5XpylBnHkv5jUgNI eWkCjyWdV734ZJRGFzSKYsPhVJYu1z1fEsvCYJh53H5rGi937np00tNyz w==; X-IronPort-AV: E=McAfee;i="6600,9927,10998"; a="3539938" X-IronPort-AV: E=Sophos;i="6.06,192,1705392000"; d="scan'208";a="3539938" Received: from orviesa005.jf.intel.com ([10.64.159.145]) by orvoesa113.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 28 Feb 2024 18:03:53 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.06,192,1705392000"; d="scan'208";a="12349324" Received: from vabarca-mobl1.amr.corp.intel.com (HELO desk) ([10.209.19.138]) by orviesa005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 28 Feb 2024 18:03:48 -0800 Date: Wed, 28 Feb 2024 18:03:47 -0800 From: Pawan Gupta To: Thomas Gleixner , Borislav Petkov , Peter Zijlstra , Josh Poimboeuf , Ingo Molnar , Dave Hansen , x86@kernel.org, "H. Peter Anvin" Cc: Daniel Sneddon , Nikolay Borisov , linux-kernel@vger.kernel.org Subject: Re: [PATCH] x86/bugs: Use fixed addressing for VERW operand Message-ID: <20240229020347.nhu6564kmwcp2cey@desk> References: <20240226-verw-arg-fix-v1-1-7b37ee6fd57d@linux.intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240226-verw-arg-fix-v1-1-7b37ee6fd57d@linux.intel.com> On Mon, Feb 26, 2024 at 03:52:33PM -0800, Pawan Gupta wrote: > Macro used for MDS mitigation executes VERW with relative addressing for > the operand. This is unnecessary and creates a problem for backports on > older kernels that don't support relocations in alternatives. Relocation > support was added by commit 270a69c4485d ("x86/alternative: Support > relocations in alternatives"). Also asm for fixed addressing is much > more cleaner than relative RIP addressing. > > Simplify the asm by using fixed addressing for VERW operand. > > Fixes: baf8361e5455 ("x86/bugs: Add asm helpers for executing VERW") > Reported-by: Nikolay Borisov > Closes: https://lore.kernel.org/lkml/20558f89-299b-472e-9a96-171403a83bd6@suse.com/ > Signed-off-by: Pawan Gupta > --- > arch/x86/include/asm/nospec-branch.h | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h > index 2aa52cab1e46..ab19c7f1167b 100644 > --- a/arch/x86/include/asm/nospec-branch.h > +++ b/arch/x86/include/asm/nospec-branch.h > @@ -323,7 +323,7 @@ > * Note: Only the memory operand variant of VERW clears the CPU buffers. > */ > .macro CLEAR_CPU_BUFFERS > - ALTERNATIVE "", __stringify(verw _ASM_RIP(mds_verw_sel)), X86_FEATURE_CLEAR_CPU_BUF > + ALTERNATIVE "", __stringify(verw mds_verw_sel), X86_FEATURE_CLEAR_CPU_BUF Extremely sorry this change will not work with KASLR. The patch was rushed to facilitate backports, and was only tested on qemu that had KASLR disabled. :( Lesson learnt. Please drop this patch.