Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
xen.10697
5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch of Package xen.10697
# Commit 8c0e338086f060eba31d37b83fbdb883928aa085 # Date 2018-05-21 14:20:06 +0100 # Author Andrew Cooper <andrew.cooper3@citrix.com> # Committer Andrew Cooper <andrew.cooper3@citrix.com> x86/AMD: Mitigations for GPZ SP4 - Speculative Store Bypass AMD processors will execute loads and stores with the same base register in program order, which is typically how a compiler emits code. Therefore, by default no mitigating actions are taken, despite there being corner cases which are vulnerable to the issue. For performance testing, or for users with particularly sensitive workloads, the `spec-ctrl=ssbd` command line option is available to force Xen to disable Memory Disambiguation on applicable hardware. Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: Jan Beulich <jbeulich@suse.com> --- a/docs/misc/xen-command-line.markdown +++ b/docs/misc/xen-command-line.markdown @@ -985,7 +985,7 @@ Flag to enable Supervisor Mode Execution ### spec-ctrl (x86) > `= List of [ <bool>, xen=<bool>, {pv,hvm,msr-sc,rsb}=<bool>, -> bti-thunk=retpoline|lfence|jmp, {ibrs,ibpb}=<bool> ]` +> bti-thunk=retpoline|lfence|jmp, {ibrs,ibpb,ssbd}=<bool> ]` Controls for speculative execution sidechannel mitigations. By default, Xen will pick the most appropriate mitigations based on compiled in support, @@ -1029,6 +1029,11 @@ On hardware supporting IBPB (Indirect Br option can be used to force (the default) or prevent Xen from issuing branch prediction barriers on vcpu context switches. +On hardware supporting SSBD (Speculative Store Bypass Disable), the `ssbd=` +option can be used to force or prevent Xen using the feature itself. On AMD +hardware, this is a global option applied at boot, and not virtualised for +guest use. + ### sync\_console > `= <boolean>` --- a/xen/arch/x86/cpu/amd.c +++ b/xen/arch/x86/cpu/amd.c @@ -10,6 +10,7 @@ #include <asm/amd.h> #include <asm/hvm/support.h> #include <asm/setup.h> /* amd_init_cpu */ +#include <asm/spec_ctrl.h> #include <asm/acpi.h> #include <asm/apic.h> @@ -492,6 +493,25 @@ static void __devinit init_amd(struct cp if (!cpu_has_lfence_dispatch) __set_bit(X86_FEATURE_MFENCE_RDTSC, c->x86_capability); + /* + * If the user has explicitly chosen to disable Memory Disambiguation + * to mitigiate Speculative Store Bypass, poke the appropriate MSR. + */ + if (opt_ssbd) { + int bit = -1; + + switch (c->x86) { + case 0x15: bit = 54; break; + case 0x16: bit = 33; break; + case 0x17: bit = 10; break; + } + + if (bit >= 0 && !rdmsr_safe(MSR_AMD64_LS_CFG, value)) { + value |= 1ull << bit; + wrmsr_safe(MSR_AMD64_LS_CFG, value); + } + } + switch(c->x86) { case 0xf ... 0x17: --- a/xen/arch/x86/spec_ctrl.c +++ b/xen/arch/x86/spec_ctrl.c @@ -39,6 +39,7 @@ enum ind_thunk { }; static int8_t __initdata opt_ibrs = -1; bool_t __read_mostly opt_ibpb = 1; +bool_t __read_mostly opt_ssbd = 0; bool_t __initdata bsp_delay_spec_ctrl; int8_t __read_mostly default_xen_spec_ctrl = -1; @@ -133,6 +134,8 @@ static int __init parse_spec_ctrl(char * opt_ibrs = val; else if ( (val = parse_boolean("ibpb", s, ss)) >= 0 ) opt_ibpb = val; + else if ( (val = parse_boolean("ssbd", s, ss)) >= 0 ) + opt_ssbd = val; else rc = -EINVAL; --- a/xen/include/asm-x86/spec_ctrl.h +++ b/xen/include/asm-x86/spec_ctrl.h @@ -27,6 +27,7 @@ void init_speculation_mitigations(void); extern int8_t opt_xpti; extern bool_t opt_ibpb; +extern bool_t opt_ssbd; extern bool_t opt_msr_sc_pv, opt_msr_sc_hvm; extern bool_t bsp_delay_spec_ctrl;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor