lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun, 21 Jan 2018 11:26:22 +0100 From: Ingo Molnar <mingo@...nel.org> To: David Woodhouse <dwmw@...zon.co.uk> Cc: arjan@...ux.intel.com, tglx@...utronix.de, karahmed@...zon.de, x86@...nel.org, linux-kernel@...r.kernel.org, tim.c.chen@...ux.intel.com, bp@...en8.de, peterz@...radead.org, pbonzini@...hat.com, ak@...ux.intel.com, torvalds@...ux-foundation.org, gregkh@...ux-foundation.org Subject: Re: [PATCH v2 5/8] x86/speculation: Add basic support for IBPB * David Woodhouse <dwmw@...zon.co.uk> wrote: > From: Thomas Gleixner <tglx@...utronix.de> > > Expose indirect_branch_prediction_barrier() for use in subsequent patches. > > [karahmed: remove the special-casing of skylake for using IBPB (wtf?), > switch to using ALTERNATIVES instead of static_cpu_has] > [dwmw2: set up ax/cx/dx in the asm too so it gets NOP'd out] > > Signed-off-by: Thomas Gleixner <tglx@...utronix.de> > Signed-off-by: KarimAllah Ahmed <karahmed@...zon.de> > Signed-off-by: David Woodhouse <dwmw@...zon.co.uk> > --- > arch/x86/include/asm/cpufeatures.h | 1 + > arch/x86/include/asm/nospec-branch.h | 16 ++++++++++++++++ > arch/x86/kernel/cpu/bugs.c | 7 +++++++ > 3 files changed, 24 insertions(+) > > diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h > index 8c9e5c0..cf28399 100644 > --- a/arch/x86/include/asm/cpufeatures.h > +++ b/arch/x86/include/asm/cpufeatures.h > @@ -207,6 +207,7 @@ > #define X86_FEATURE_RETPOLINE_AMD ( 7*32+13) /* AMD Retpoline mitigation for Spectre variant 2 */ > #define X86_FEATURE_INTEL_PPIN ( 7*32+14) /* Intel Processor Inventory Number */ > > +#define X86_FEATURE_IBPB ( 7*32+16) /* Using Indirect Branch Prediction Barrier */ > #define X86_FEATURE_AMD_PRED_CMD ( 7*32+17) /* Prediction Command MSR (AMD) */ > #define X86_FEATURE_MBA ( 7*32+18) /* Memory Bandwidth Allocation */ > #define X86_FEATURE_RSB_CTXSW ( 7*32+19) /* Fill RSB on context switches */ > diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h > index 4ad4108..c333c95 100644 > --- a/arch/x86/include/asm/nospec-branch.h > +++ b/arch/x86/include/asm/nospec-branch.h > @@ -218,5 +218,21 @@ static inline void vmexit_fill_RSB(void) > #endif > } > > +static inline void indirect_branch_prediction_barrier(void) > +{ > + unsigned long ax, cx, dx; > + > + asm volatile(ALTERNATIVE("", > + "movl %[msr], %%ecx\n\t" > + "movl %[val], %%eax\n\t" > + "movl $0, %%edx\n\t" > + "wrmsr", > + X86_FEATURE_IBPB) > + : "=a" (ax), "=c" (cx), "=d" (dx) > + : [msr] "i" (MSR_IA32_PRED_CMD), > + [val] "i" (PRED_CMD_IBPB) > + : "memory"); > +} > + > #endif /* __ASSEMBLY__ */ > #endif /* __NOSPEC_BRANCH_H__ */ > diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c > index 390b3dc..96548ff 100644 > --- a/arch/x86/kernel/cpu/bugs.c > +++ b/arch/x86/kernel/cpu/bugs.c > @@ -249,6 +249,13 @@ static void __init spectre_v2_select_mitigation(void) > setup_force_cpu_cap(X86_FEATURE_RSB_CTXSW); > pr_info("Filling RSB on context switch\n"); > } > + > + /* Initialize Indirect Branch Prediction Barrier if supported */ > + if (boot_cpu_has(X86_FEATURE_SPEC_CTRL) || > + boot_cpu_has(X86_FEATURE_AMD_PRED_CMD)) { > + setup_force_cpu_cap(X86_FEATURE_IBPB); > + pr_info("Enabling Indirect Branch Prediction Barrier\n"); > + } > } I'd suggest writing out the common 'IBPB' acronym in the messages as well: pr_info("Enabling Indirect Branch Prediction Barrier (IBPB)\n"); Also, the kernel's barrier*() namespace as it exists today is: barrier() barrier_data() I think the better name to introduce would be: barrier_indirect_branch_prediction() to maintain barrier_ as a prefix. Thanks, Ingo
Powered by blists - more mailing lists