lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <3c56e807-945c-4996-9ac1-3205a23248ab@citrix.com>
Date:   Fri, 27 Oct 2023 21:09:05 +0100
From:   Andrew Cooper <andrew.cooper3@...rix.com>
To:     Borislav Petkov <bp@...en8.de>,
        Peter Zijlstra <peterz@...radead.org>
Cc:     X86 ML <x86@...nel.org>,
        Kishon VijayAbraham <Kishon.VijayAbraham@....com>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 2/2] x86/barrier: Do not serialize MSR accesses on AMD

On 27/10/2023 8:29 pm, Borislav Petkov wrote:
> On Fri, Oct 27, 2023 at 09:16:33PM +0200, Borislav Petkov wrote:
>> Thus the more conservative approach here.
> And on a second thought, I don't need any of that new stuff - I simply
> need a synthetic flag which says "MSRs need fencing" and set it on
> everything but AMD and Hygon. And we've solved this type of issue
> gazillion times already - why am I reinventing the wheel?!

Quoteth the APM (rev 3.41, June 2023):

16.11.2 WRMSR / RDMSR serialization for x2APIC Register

The WRMSR instruction is used to write the APIC register set in x2APIC
mode. Normally WRMSR is
a serializing instruction, however when accessing x2APIC registers, the
serializing aspect of WRMSR
is relaxed to allow for more efficient access to those registers.
Consequently, a WRMSR write to an
x2APIC register may complete before older store operations are complete
and have become globally
visible. When strong ordering of an x2APIC write access is required with
respect to preceding memory
operations, software can insert a serializing instruction (such as
MFENCE) before the WRMSR
instruction.

So which is right?  This commit message, or the APM?  (and yes, if
you're waiting on an APM update then the commit message should at least
note that one is coming.)


But, to the issue at hand.

There are other non-serialising MSRs on AMD CPUs, including the FS/GS
base MSRs on more modern parts which is enumerated in 8000_0021.eax[1].

So there isn't a boolean "MSRs need fencing, yes/no".  It is vendor
*and* model specific as to whether a particular MSR is serialising or
non-serialising.

*And* it's vendor specific as to what the fencing sequence is.  Intel
require mfence;lfence, while on AMD, mfence suffices.

Most MSR writes don't want to be architecturally serialising, and Intel
are introducing WRMSRNS for this purpose.  But ICR writes *do* need to
be ordered with respect to stores becoming globally visible, and it was
an error for MSR_X2APIC_ICR to be specified as non-serialising.


The only sanity-preserving (pseudo) API for this is something like:

vendor_msr_fence = { mfence;lfence (Intel) | mfence (AMD, Hygon) | ... }

and for each MSR separately, something like:

ALTERNATIVE("", vendor_msr_fence, $VENDOR_NEEDS_MSR_$X_FENCE);

because that's the only one which properly separates "what fence to use"
and "do I need to fence this MSR on the current vendor".

~Andrew

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ