lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <96ab5caf-948f-a2ee-c8c3-41a919f5a39a@amd.com>
Date: Mon, 18 Nov 2024 11:37:40 -0600
From: Tom Lendacky <thomas.lendacky@....com>
To: Jim Mattson <jmattson@...gle.com>, babu.moger@....com
Cc: Maksim Davydov <davydov-max@...dex-team.ru>, kvm@...r.kernel.org,
 linux-kernel@...r.kernel.org, x86@...nel.org, seanjc@...gle.com,
 sandipan.das@....com, bp@...en8.de, mingo@...hat.com, tglx@...utronix.de,
 dave.hansen@...ux.intel.com, hpa@...or.com, pbonzini@...hat.com
Subject: Re: [PATCH 2/2] x86: KVM: Advertise AMD's speculation control
 features

On 11/15/24 14:32, Jim Mattson wrote:
> On Fri, Nov 15, 2024 at 12:13 PM Moger, Babu <bmoger@....com> wrote:
>>
>> Hi Maksim,
>>
>>
>> On 11/13/2024 7:30 AM, Maksim Davydov wrote:
>>> It seems helpful to expose to userspace some speculation control features
>>> from 0x80000008_EBX function:
>>> * 16 bit. IBRS always on. Indicates whether processor prefers that
>>>    IBRS is always on. It simplifies speculation managing.
>>
>> Spec say bit 16 is reserved.
>>
>> 16 Reserved
>>
>> https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/programmer-references/57238.zip
> 
> The APM volume 3 ( 24594—Rev. 3.36—March 2024) declares this bit as
> "Processor prefers that STIBP be left on." Once a bit has been
> documented like that, you have to assume that software has been
> written that expects those semantics. AMD does not have the option of
> undocumenting the bit.  You can deprecate it, but it now has the
> originally documented semantics until the end of time.

Just for accuracy, the APM version referred to has bit 16 declared as
"Processor prefers that IBRS be left on.", not STIBP.

Thanks,
Tom

> 
>>> * 18 bit. IBRS is preferred over software solution. Indicates that
>>>    software mitigations can be replaced with more performant IBRS.
>>> * 19 bit. IBRS provides Same Mode Protection. Indicates that when IBRS
>>>    is set indirect branch predictions are not influenced by any prior
>>>    indirect branches.
>>> * 29 bit. BTC_NO. Indicates that processor isn't affected by branch type
>>>    confusion. It's used during mitigations setting up.
>>> * 30 bit. IBPB clears return address predictor. It's used during
>>>    mitigations setting up.
>>>
>>> Signed-off-by: Maksim Davydov <davydov-max@...dex-team.ru>
>>> ---
>>>   arch/x86/include/asm/cpufeatures.h | 3 +++
>>>   arch/x86/kvm/cpuid.c               | 5 +++--
>>>   2 files changed, 6 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h
>>> index 2f8a858325a4..f5491bba75fc 100644
>>> --- a/arch/x86/include/asm/cpufeatures.h
>>> +++ b/arch/x86/include/asm/cpufeatures.h
>>> @@ -340,7 +340,10 @@
>>>   #define X86_FEATURE_AMD_IBPB                (13*32+12) /* Indirect Branch Prediction Barrier */
>>>   #define X86_FEATURE_AMD_IBRS                (13*32+14) /* Indirect Branch Restricted Speculation */
>>>   #define X86_FEATURE_AMD_STIBP               (13*32+15) /* Single Thread Indirect Branch Predictors */
>>> +#define X86_FEATURE_AMD_IBRS_ALWAYS_ON       (13*32+16) /* Indirect Branch Restricted Speculation always-on preferred */
>>
>> You might have to remove this.
> 
> No; it's fine. The bit can never be used for anything else.
> 
>>>   #define X86_FEATURE_AMD_STIBP_ALWAYS_ON     (13*32+17) /* Single Thread Indirect Branch Predictors always-on preferred */
>>> +#define X86_FEATURE_AMD_IBRS_PREFERRED       (13*32+18) /* Indirect Branch Restricted Speculation is preferred over SW solution */
>>> +#define X86_FEATURE_AMD_IBRS_SMP     (13*32+19) /* Indirect Branch Restricted Speculation provides Same Mode Protection */
>>>   #define X86_FEATURE_AMD_PPIN                (13*32+23) /* "amd_ppin" Protected Processor Inventory Number */
>>>   #define X86_FEATURE_AMD_SSBD                (13*32+24) /* Speculative Store Bypass Disable */
>>>   #define X86_FEATURE_VIRT_SSBD               (13*32+25) /* "virt_ssbd" Virtualized Speculative Store Bypass Disable */
>>> diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
>>> index 30ce1bcfc47f..5b2d52913b18 100644
>>> --- a/arch/x86/kvm/cpuid.c
>>> +++ b/arch/x86/kvm/cpuid.c
>>> @@ -754,8 +754,9 @@ void kvm_set_cpu_caps(void)
>>>       kvm_cpu_cap_mask(CPUID_8000_0008_EBX,
>>>               F(CLZERO) | F(XSAVEERPTR) |
>>>               F(WBNOINVD) | F(AMD_IBPB) | F(AMD_IBRS) | F(AMD_SSBD) | F(VIRT_SSBD) |
>>> -             F(AMD_SSB_NO) | F(AMD_STIBP) | F(AMD_STIBP_ALWAYS_ON) |
>>> -             F(AMD_PSFD)
>>> +             F(AMD_SSB_NO) | F(AMD_STIBP) | F(AMD_IBRS_ALWAYS_ON) |
>>> +             F(AMD_STIBP_ALWAYS_ON) | F(AMD_IBRS_PREFERRED) |
>>> +             F(AMD_IBRS_SMP) | F(AMD_PSFD) | F(BTC_NO) | F(AMD_IBPB_RET)
>>>       );
>>>
>>>       /*
>>
>> --
>> - Babu Moger
>>
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ