openSUSE Build Service

Overview Repositories Revisions Requests Users Attributes Meta

File xsa434-1.patch of Package xen

From 2b73ce9ba71aa17153545487f9056bffbf88c03f Mon Sep 17 00:00:00 2001
From: Andrew Cooper <andrew.cooper3@citrix.com>
Date: Thu, 27 Jul 2023 20:03:28 +0100
Subject: x86/spec-ctrl: Rework ibpb_calculations()

... in order to make the SRSO mitigations easier to integrate.

* Check for AMD/Hygon CPUs directly, rather than assuming based on IBPB.
   In particular, Xen supports synthesising the IBPB bit to guests on Intel to
   allow IBPB while dissuading the use of (legacy) IBRS.
 * Collect def_ibpb_entry rather than opencoding the BTC_NO calculation for
   both opt_ibpb_entry_{pv,hvm}.

No functional change.

This is part of XSA-434 / CVE-2023-20569

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Roger Pau Monné <roger.pau@citrix.com>

--- a/xen/arch/x86/spec_ctrl.c
+++ b/xen/arch/x86/spec_ctrl.c
@@ -868,6 +868,8 @@ static bool __init should_use_eager_fpu(
 
 static void __init ibpb_calculations(void)
 {
+    bool def_ibpb_entry = false;
+
     /* Check we have hardware IBPB support before using it... */
     if ( !boot_cpu_has(X86_FEATURE_IBRSB) && !boot_cpu_has(X86_FEATURE_IBPB) )
     {
@@ -876,28 +878,28 @@ static void __init ibpb_calculations(voi
         return;
     }
 
-    /*
-     * AMD/Hygon CPUs to date (June 2022) don't flush the the RAS.  Future
-     * CPUs are expected to enumerate IBPB_RET when this has been fixed.
-     * Until then, cover the difference with the software sequence.
-     */
-    if ( boot_cpu_has(X86_FEATURE_IBPB) && !boot_cpu_has(X86_FEATURE_IBPB_RET) )
-        setup_force_cpu_cap(X86_BUG_IBPB_NO_RET);
-
-    /*
-     * IBPB-on-entry mitigations for Branch Type Confusion.
-     *
-     * IBPB && !BTC_NO selects all AMD/Hygon hardware, not known to be safe,
-     * that we can provide some form of mitigation on.
-     */
+    if ( boot_cpu_data.x86_vendor == X86_VENDOR_AMD )
+    {
+        /*
+         * AMD/Hygon CPUs to date (June 2022) don't flush the RAS.  Future
+         * CPUs are expected to enumerate IBPB_RET when this has been fixed.
+         * Until then, cover the difference with the software sequence.
+         */
+        if ( !boot_cpu_has(X86_FEATURE_IBPB_RET) )
+            setup_force_cpu_cap(X86_BUG_IBPB_NO_RET);
+
+        /*
+         * AMD/Hygon CPUs up to and including Zen2 suffer from Branch Type
+         * Confusion.  Mitigate with IBPB-on-entry.
+         */
+        if ( !boot_cpu_has(X86_FEATURE_BTC_NO) )
+            def_ibpb_entry = true;
+    }
+
     if ( opt_ibpb_entry_pv == -1 )
-        opt_ibpb_entry_pv = (IS_ENABLED(CONFIG_PV) &&
-                             boot_cpu_has(X86_FEATURE_IBPB) &&
-                             !boot_cpu_has(X86_FEATURE_BTC_NO));
+        opt_ibpb_entry_pv = IS_ENABLED(CONFIG_PV) && def_ibpb_entry;
     if ( opt_ibpb_entry_hvm == -1 )
-        opt_ibpb_entry_hvm = (IS_ENABLED(CONFIG_HVM) &&
-                              boot_cpu_has(X86_FEATURE_IBPB) &&
-                              !boot_cpu_has(X86_FEATURE_BTC_NO));
+        opt_ibpb_entry_hvm = IS_ENABLED(CONFIG_HVM) && def_ibpb_entry;
 
     if ( opt_ibpb_entry_pv )
     {

Places

File xsa434-1.patch of Package xen

Places