lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CALMp9eT2RMe9ej_UbbeoKb+1hqWypxWswqg2aGodZHC0Vgoc=Q@mail.gmail.com>
Date: Fri, 15 Nov 2024 12:32:04 -0800
From: Jim Mattson <jmattson@...gle.com>
To: babu.moger@....com
Cc: Maksim Davydov <davydov-max@...dex-team.ru>, kvm@...r.kernel.org, 
	linux-kernel@...r.kernel.org, x86@...nel.org, seanjc@...gle.com, 
	sandipan.das@....com, bp@...en8.de, mingo@...hat.com, tglx@...utronix.de, 
	dave.hansen@...ux.intel.com, hpa@...or.com, pbonzini@...hat.com
Subject: Re: [PATCH 2/2] x86: KVM: Advertise AMD's speculation control features

On Fri, Nov 15, 2024 at 12:13 PM Moger, Babu <bmoger@....com> wrote:
>
> Hi Maksim,
>
>
> On 11/13/2024 7:30 AM, Maksim Davydov wrote:
> > It seems helpful to expose to userspace some speculation control features
> > from 0x80000008_EBX function:
> > * 16 bit. IBRS always on. Indicates whether processor prefers that
> >    IBRS is always on. It simplifies speculation managing.
>
> Spec say bit 16 is reserved.
>
> 16 Reserved
>
> https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/programmer-references/57238.zip

The APM volume 3 ( 24594—Rev. 3.36—March 2024) declares this bit as
"Processor prefers that STIBP be left on." Once a bit has been
documented like that, you have to assume that software has been
written that expects those semantics. AMD does not have the option of
undocumenting the bit.  You can deprecate it, but it now has the
originally documented semantics until the end of time.

> > * 18 bit. IBRS is preferred over software solution. Indicates that
> >    software mitigations can be replaced with more performant IBRS.
> > * 19 bit. IBRS provides Same Mode Protection. Indicates that when IBRS
> >    is set indirect branch predictions are not influenced by any prior
> >    indirect branches.
> > * 29 bit. BTC_NO. Indicates that processor isn't affected by branch type
> >    confusion. It's used during mitigations setting up.
> > * 30 bit. IBPB clears return address predictor. It's used during
> >    mitigations setting up.
> >
> > Signed-off-by: Maksim Davydov <davydov-max@...dex-team.ru>
> > ---
> >   arch/x86/include/asm/cpufeatures.h | 3 +++
> >   arch/x86/kvm/cpuid.c               | 5 +++--
> >   2 files changed, 6 insertions(+), 2 deletions(-)
> >
> > diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h
> > index 2f8a858325a4..f5491bba75fc 100644
> > --- a/arch/x86/include/asm/cpufeatures.h
> > +++ b/arch/x86/include/asm/cpufeatures.h
> > @@ -340,7 +340,10 @@
> >   #define X86_FEATURE_AMD_IBPB                (13*32+12) /* Indirect Branch Prediction Barrier */
> >   #define X86_FEATURE_AMD_IBRS                (13*32+14) /* Indirect Branch Restricted Speculation */
> >   #define X86_FEATURE_AMD_STIBP               (13*32+15) /* Single Thread Indirect Branch Predictors */
> > +#define X86_FEATURE_AMD_IBRS_ALWAYS_ON       (13*32+16) /* Indirect Branch Restricted Speculation always-on preferred */
>
> You might have to remove this.

No; it's fine. The bit can never be used for anything else.

> >   #define X86_FEATURE_AMD_STIBP_ALWAYS_ON     (13*32+17) /* Single Thread Indirect Branch Predictors always-on preferred */
> > +#define X86_FEATURE_AMD_IBRS_PREFERRED       (13*32+18) /* Indirect Branch Restricted Speculation is preferred over SW solution */
> > +#define X86_FEATURE_AMD_IBRS_SMP     (13*32+19) /* Indirect Branch Restricted Speculation provides Same Mode Protection */
> >   #define X86_FEATURE_AMD_PPIN                (13*32+23) /* "amd_ppin" Protected Processor Inventory Number */
> >   #define X86_FEATURE_AMD_SSBD                (13*32+24) /* Speculative Store Bypass Disable */
> >   #define X86_FEATURE_VIRT_SSBD               (13*32+25) /* "virt_ssbd" Virtualized Speculative Store Bypass Disable */
> > diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
> > index 30ce1bcfc47f..5b2d52913b18 100644
> > --- a/arch/x86/kvm/cpuid.c
> > +++ b/arch/x86/kvm/cpuid.c
> > @@ -754,8 +754,9 @@ void kvm_set_cpu_caps(void)
> >       kvm_cpu_cap_mask(CPUID_8000_0008_EBX,
> >               F(CLZERO) | F(XSAVEERPTR) |
> >               F(WBNOINVD) | F(AMD_IBPB) | F(AMD_IBRS) | F(AMD_SSBD) | F(VIRT_SSBD) |
> > -             F(AMD_SSB_NO) | F(AMD_STIBP) | F(AMD_STIBP_ALWAYS_ON) |
> > -             F(AMD_PSFD)
> > +             F(AMD_SSB_NO) | F(AMD_STIBP) | F(AMD_IBRS_ALWAYS_ON) |
> > +             F(AMD_STIBP_ALWAYS_ON) | F(AMD_IBRS_PREFERRED) |
> > +             F(AMD_IBRS_SMP) | F(AMD_PSFD) | F(BTC_NO) | F(AMD_IBPB_RET)
> >       );
> >
> >       /*
>
> --
> - Babu Moger
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ