Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Please login to access the resource
openSUSE:Leap:15.0:Rings:1-MinimalX
xen
5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIB...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch of Package xen
# Commit d297b56682e730d598e2529cc6998151d3b6f6f8 # Date 2018-01-26 14:10:21 +0000 # Author Andrew Cooper <andrew.cooper3@citrix.com> # Committer Andrew Cooper <andrew.cooper3@citrix.com> x86/cpuid: Handling of IBRS/IBPB, STIBP and IBRS for guests Intel specifies IBRS/IBPB (combined, in a single bit) and STIBP as a separate bit. AMD specifies IBPB alone in a 3rd bit. AMD's IBPB is a subset of Intel's combined IBRS/IBPB. For performance reasons, administrators might wish to express "IBPB only" even on Intel hardware, so we allow the AMD bit to be used for this purpose. The behaviour of STIBP is more complicated. It is our current understanding that STIBP will be advertised on HT-capable hardware irrespective of whether HT is enabled, but not advertised on HT-incapable hardware. However, for ease of virtualisation, STIBP's functionality is ignored rather than reserved by microcode/hardware on HT-incapable hardware. For guest safety, we treat STIBP as special, always override the toolstack choice, and always advertise STIBP if IBRS is available. This removes the corner case where STIBP is not advertised, but the guest is running on HT-capable hardware where it does matter. Finally as a bugfix, update the libxc CPUID logic to understand the e8b feature leaf, which has the side effect of also offering CLZERO to guests on applicable hardware. Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Acked-by: Wei Liu <wei.liu2@citrix.com> Reviewed-by: Jan Beulich <jbeulich@suse.com> --- a/tools/libxc/xc_cpuid_x86.c +++ b/tools/libxc/xc_cpuid_x86.c @@ -465,7 +465,9 @@ static void xc_cpuid_hvm_policy(xc_inter case 0x80000008: regs[0] &= 0x0000ffffu; - regs[1] = regs[3] = 0; + regs[1] = info->featureset[featureword_of(X86_FEATURE_CLZERO)]; + /* regs[2] handled in the per-vendor logic. */ + regs[3] = 0; break; case 0x00000002: /* Intel cache info (dumped by AMD policy) */ --- a/xen/arch/x86/cpuid.c +++ b/xen/arch/x86/cpuid.c @@ -383,6 +383,16 @@ static void __init calculate_pv_max_poli /* Unconditionally claim to be able to set the hypervisor bit. */ __set_bit(X86_FEATURE_HYPERVISOR, pv_featureset); + /* On hardware with IBRS/IBPB support, there are further adjustments. */ + if ( test_bit(X86_FEATURE_IBRSB, pv_featureset) ) + { + /* Offer STIBP unconditionally. It is a nop on non-HT hardware. */ + __set_bit(X86_FEATURE_STIBP, pv_featureset); + + /* AMD's IBPB is a subset of IBRS/IBPB. */ + __set_bit(X86_FEATURE_IBPB, pv_featureset); + } + sanitise_featureset(pv_featureset); cpuid_featureset_to_policy(pv_featureset, p); recalculate_xstate(p); @@ -440,6 +450,16 @@ static void __init calculate_hvm_max_pol __clear_bit(X86_FEATURE_XSAVES, hvm_featureset); } + /* On hardware with IBRS/IBPB support, there are further adjustments. */ + if ( test_bit(X86_FEATURE_IBRSB, hvm_featureset) ) + { + /* Offer STIBP unconditionally. It is a nop on non-HT hardware. */ + __set_bit(X86_FEATURE_STIBP, hvm_featureset); + + /* AMD's IBPB is a subset of IBRS/IBPB. */ + __set_bit(X86_FEATURE_IBPB, hvm_featureset); + } + sanitise_featureset(hvm_featureset); cpuid_featureset_to_policy(hvm_featureset, p); recalculate_xstate(p); @@ -581,6 +601,14 @@ void recalculate_cpuid_policy(struct dom recalculate_xstate(p); recalculate_misc(p); + /* + * Override STIBP to match IBRS. Guests can safely use STIBP + * functionality on non-HT hardware, but can't necesserily protect + * themselves from SP2/Spectre/Branch Target Injection if STIBP is hidden + * on HT-capable hardware. + */ + p->feat.stibp = p->feat.ibrsb; + for ( i = 0; i < ARRAY_SIZE(p->cache.raw); ++i ) { if ( p->cache.subleaf[i].type >= 1 && --- a/xen/include/public/arch-x86/cpufeatureset.h +++ b/xen/include/public/arch-x86/cpufeatureset.h @@ -243,7 +243,7 @@ XEN_CPUFEATURE(IBPB, 8*32+12) / XEN_CPUFEATURE(AVX512_4VNNIW, 9*32+ 2) /*A AVX512 Neural Network Instructions */ XEN_CPUFEATURE(AVX512_4FMAPS, 9*32+ 3) /*A AVX512 Multiply Accumulation Single Precision */ XEN_CPUFEATURE(IBRSB, 9*32+26) /* IBRS and IBPB support (used by Intel) */ -XEN_CPUFEATURE(STIBP, 9*32+27) /* STIBP */ +XEN_CPUFEATURE(STIBP, 9*32+27) /*! STIBP */ #endif /* XEN_CPUFEATURE */
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor