Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:GA
xen.25148
xsa407-0i.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File xsa407-0i.patch of Package xen.25148
From: Andrew Cooper <andrew.cooper3@citrix.com> Subject: x86/spec-ctrl: Use common MSR_SPEC_CTRL logic for AMD Currently, amd_init_ssbd() works by being the only write to MSR_SPEC_CTRL in the system. This ceases to be true when using the common logic. Include AMD MSR_SPEC_CTRL in has_spec_ctrl to activate the common paths, and introduce an AMD specific block to control alternatives. Also update the boot/resume paths to configure default_xen_spec_ctrl. svm.h needs an adjustment to remove a dependency on include order. For now, only active alternatives for HVM - PV will require more work. No functional change, as no alternatives are defined yet for HVM yet. Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: Jan Beulich <jbeulich@suse.com> (cherry picked from commit 378f2e6df31442396f0afda19794c5c6091d96f9) --- a/xen/arch/x86/acpi/power.c +++ b/xen/arch/x86/acpi/power.c @@ -259,7 +259,7 @@ static int enter_state(u32 state) /* Re-enabled default NMI/#MC use of MSR_SPEC_CTRL. */ ci->spec_ctrl_flags |= (default_spec_ctrl_flags & SCF_ist_wrmsr); - if ( boot_cpu_has(X86_FEATURE_IBRSB) ) + if ( boot_cpu_has(X86_FEATURE_IBRSB) || boot_cpu_has(X86_FEATURE_IBRS) ) wrmsrl(MSR_SPEC_CTRL, default_xen_spec_ctrl); if ( boot_cpu_has(X86_FEATURE_SRBDS_CTRL) ) --- a/xen/arch/x86/cpu/amd.c +++ b/xen/arch/x86/cpu/amd.c @@ -544,7 +544,7 @@ static void amd_init_ssbd(const struct c return; if (cpu_has_amd_ssbd) { - wrmsrl(MSR_SPEC_CTRL, opt_ssbd ? SPEC_CTRL_SSBD : 0); + /* Handled by common MSR_SPEC_CTRL logic */ return; } --- a/xen/arch/x86/smpboot.c +++ b/xen/arch/x86/smpboot.c @@ -367,7 +367,7 @@ void start_secondary(void *unused) * settings. Note: These MSRs may only become available after loading * microcode. */ - if ( boot_cpu_has(X86_FEATURE_IBRSB) ) + if ( boot_cpu_has(X86_FEATURE_IBRSB) || boot_cpu_has(X86_FEATURE_IBRS) ) wrmsrl(MSR_SPEC_CTRL, default_xen_spec_ctrl); if ( boot_cpu_has(X86_FEATURE_SRBDS_CTRL) ) wrmsrl(MSR_MCU_OPT_CTRL, default_xen_mcu_opt_ctrl); --- a/xen/arch/x86/spec_ctrl.c +++ b/xen/arch/x86/spec_ctrl.c @@ -22,6 +22,7 @@ #include <xen/sched.h> #include <xen/warning.h> +#include <asm/hvm/svm/svm.h> #include <asm/microcode.h> #include <asm/msr.h> #include <asm/processor.h> @@ -962,7 +963,8 @@ void __init init_speculation_mitigations hw_smt_enabled = check_smt_enabled(); - has_spec_ctrl = boot_cpu_has(X86_FEATURE_IBRSB); + has_spec_ctrl = (boot_cpu_has(X86_FEATURE_IBRSB) || + boot_cpu_has(X86_FEATURE_IBRS)); /* * Has the user specified any custom BTI mitigations? If so, follow their @@ -1043,12 +1045,32 @@ void __init init_speculation_mitigations } } + /* AMD hardware: MSR_SPEC_CTRL alternatives setup. */ + if ( boot_cpu_has(X86_FEATURE_IBRS) ) + { + /* + * Virtualising MSR_SPEC_CTRL for guests depends on SVM support, which + * on real hardware matches the availability of MSR_SPEC_CTRL in the + * first place. + * + * No need for SCF_ist_wrmsr because Xen's value is restored + * atomically WRT NMIs in the VMExit path. + * + * TODO: Adjust cpu_has_svm_spec_ctrl to be usable earlier on boot. + */ + if ( opt_msr_sc_hvm && + (boot_cpu_data.extended_cpuid_level >= 0x8000000a) && + (cpuid_edx(0x8000000a) & (1u << SVM_FEATURE_SPEC_CTRL)) ) + setup_force_cpu_cap(X86_FEATURE_SC_MSR_HVM); + } + /* If we have IBRS available, see whether we should use it. */ if ( has_spec_ctrl && ibrs ) default_xen_spec_ctrl |= SPEC_CTRL_IBRS; /* If we have SSBD available, see whether we should use it. */ - if ( boot_cpu_has(X86_FEATURE_SSBD) && opt_ssbd ) + if ( opt_ssbd && (boot_cpu_has(X86_FEATURE_SSBD) || + boot_cpu_has(X86_FEATURE_AMD_SSBD)) ) default_xen_spec_ctrl |= SPEC_CTRL_SSBD; /* --- a/xen/include/asm-x86/hvm/svm/svm.h +++ b/xen/include/asm-x86/hvm/svm/svm.h @@ -49,6 +49,9 @@ static inline void svm_invlpga(unsigned "a" (vaddr), "c" (asid)); } +struct cpu_user_regs; +struct vcpu; + unsigned long *svm_msrbit(unsigned long *msr_bitmap, uint32_t msr); void __update_guest_eip(struct cpu_user_regs *regs, unsigned int inst_len); void svm_update_guest_cr(struct vcpu *, unsigned int cr);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor