summaryrefslogtreecommitdiff
path: root/system/xen/xsa/xsa263-4.10-0004-x86-spec_ctrl-Fold-the-XEN_IBRS_-SET-CLEAR-ALTERNATI.patch
blob: f6e87244dc52fe466563390680cac79d21811daf (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221

From 0b1aded85866f48cdede20c54d30cf593f8a83f7 Mon Sep 17 00:00:00 2001
From: Andrew Cooper <andrew.cooper3@citrix.com>
Date: Tue, 17 Apr 2018 14:15:04 +0100
Subject: [PATCH] x86/spec_ctrl: Fold the XEN_IBRS_{SET,CLEAR} ALTERNATIVES
 together

Currently, the SPEC_CTRL_{ENTRY,EXIT}_* macros encode Xen's choice of
MSR_SPEC_CTRL as an immediate constant, and chooses between IBRS or not by
doubling up the entire alternative block.

There is now a variable holding Xen's choice of value, so use that and
simplify the alternatives.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Wei Liu <wei.liu2@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
Release-acked-by: Juergen Gross <jgross@suse.com>
(cherry picked from commit af949407eaba7af71067f23d5866cd0bf1f1144d)
---
 xen/arch/x86/spec_ctrl.c            | 12 +++++-----
 xen/include/asm-x86/cpufeatures.h   |  3 +--
 xen/include/asm-x86/nops.h          |  3 ++-
 xen/include/asm-x86/spec_ctrl.h     |  6 ++---
 xen/include/asm-x86/spec_ctrl_asm.h | 45 +++++++++++++------------------------
 5 files changed, 26 insertions(+), 43 deletions(-)

diff --git a/xen/arch/x86/spec_ctrl.c b/xen/arch/x86/spec_ctrl.c
index 2d69910..b62cfcc 100644
--- a/xen/arch/x86/spec_ctrl.c
+++ b/xen/arch/x86/spec_ctrl.c
@@ -112,8 +112,9 @@ static void __init print_details(enum ind_thunk thunk, uint64_t caps)
            thunk == THUNK_RETPOLINE ? "RETPOLINE" :
            thunk == THUNK_LFENCE    ? "LFENCE" :
            thunk == THUNK_JMP       ? "JMP" : "?",
-           boot_cpu_has(X86_FEATURE_XEN_IBRS_SET)    ? " IBRS+" :
-           boot_cpu_has(X86_FEATURE_XEN_IBRS_CLEAR)  ? " IBRS-"      : "",
+           boot_cpu_has(X86_FEATURE_SC_MSR) ?
+           default_xen_spec_ctrl & SPEC_CTRL_IBRS    ? " IBRS+" :
+                                                       " IBRS-"      : "",
            opt_ibpb                                  ? " IBPB"       : "",
            boot_cpu_has(X86_FEATURE_RSB_NATIVE)      ? " RSB_NATIVE" : "",
            boot_cpu_has(X86_FEATURE_RSB_VMEXIT)      ? " RSB_VMEXIT" : "");
@@ -285,13 +286,10 @@ void __init init_speculation_mitigations(void)
          * need the IBRS entry/exit logic to virtualise IBRS support for
          * guests.
          */
+        setup_force_cpu_cap(X86_FEATURE_SC_MSR);
+
         if ( ibrs )
-        {
             default_xen_spec_ctrl |= SPEC_CTRL_IBRS;
-            setup_force_cpu_cap(X86_FEATURE_XEN_IBRS_SET);
-        }
-        else
-            setup_force_cpu_cap(X86_FEATURE_XEN_IBRS_CLEAR);
 
         default_spec_ctrl_flags |= SCF_ist_wrmsr;
     }
diff --git a/xen/include/asm-x86/cpufeatures.h b/xen/include/asm-x86/cpufeatures.h
index c9b1a48..ca58b0e 100644
--- a/xen/include/asm-x86/cpufeatures.h
+++ b/xen/include/asm-x86/cpufeatures.h
@@ -26,8 +26,7 @@ XEN_CPUFEATURE(LFENCE_DISPATCH, (FSCAPINTS+0)*32+12) /* lfence set as Dispatch S
 XEN_CPUFEATURE(IND_THUNK_LFENCE,(FSCAPINTS+0)*32+13) /* Use IND_THUNK_LFENCE */
 XEN_CPUFEATURE(IND_THUNK_JMP,   (FSCAPINTS+0)*32+14) /* Use IND_THUNK_JMP */
 XEN_CPUFEATURE(XEN_IBPB,        (FSCAPINTS+0)*32+15) /* IBRSB || IBPB */
-XEN_CPUFEATURE(XEN_IBRS_SET,    (FSCAPINTS+0)*32+16) /* IBRSB && IRBS set in Xen */
-XEN_CPUFEATURE(XEN_IBRS_CLEAR,  (FSCAPINTS+0)*32+17) /* IBRSB && IBRS clear in Xen */
+XEN_CPUFEATURE(SC_MSR,          (FSCAPINTS+0)*32+16) /* MSR_SPEC_CTRL used by Xen */
 XEN_CPUFEATURE(RSB_NATIVE,      (FSCAPINTS+0)*32+18) /* RSB overwrite needed for native */
 XEN_CPUFEATURE(RSB_VMEXIT,      (FSCAPINTS+0)*32+19) /* RSB overwrite needed for vmexit */
 XEN_CPUFEATURE(NO_XPTI,         (FSCAPINTS+0)*32+20) /* XPTI mitigation not in use */
diff --git a/xen/include/asm-x86/nops.h b/xen/include/asm-x86/nops.h
index b744895..913e9f0 100644
--- a/xen/include/asm-x86/nops.h
+++ b/xen/include/asm-x86/nops.h
@@ -62,9 +62,10 @@
 #define ASM_NOP8 _ASM_MK_NOP(K8_NOP8)
 
 #define ASM_NOP17 ASM_NOP8; ASM_NOP7; ASM_NOP2
-#define ASM_NOP22 ASM_NOP8; ASM_NOP8; ASM_NOP6
 #define ASM_NOP24 ASM_NOP8; ASM_NOP8; ASM_NOP8
+#define ASM_NOP25 ASM_NOP8; ASM_NOP8; ASM_NOP7; ASM_NOP2
 #define ASM_NOP33 ASM_NOP8; ASM_NOP8; ASM_NOP8; ASM_NOP7; ASM_NOP2
+#define ASM_NOP36 ASM_NOP8; ASM_NOP8; ASM_NOP8; ASM_NOP8; ASM_NOP4
 #define ASM_NOP40 ASM_NOP8; ASM_NOP8; ASM_NOP8; ASM_NOP8; ASM_NOP8
 
 #define ASM_NOP_MAX 8
diff --git a/xen/include/asm-x86/spec_ctrl.h b/xen/include/asm-x86/spec_ctrl.h
index 059e291..7d7c42e 100644
--- a/xen/include/asm-x86/spec_ctrl.h
+++ b/xen/include/asm-x86/spec_ctrl.h
@@ -52,14 +52,14 @@ static always_inline void spec_ctrl_enter_idle(struct cpu_info *info)
     barrier();
     info->spec_ctrl_flags |= SCF_use_shadow;
     barrier();
-    asm volatile ( ALTERNATIVE(ASM_NOP3, "wrmsr", X86_FEATURE_XEN_IBRS_SET)
+    asm volatile ( ALTERNATIVE(ASM_NOP3, "wrmsr", X86_FEATURE_SC_MSR)
                    :: "a" (val), "c" (MSR_SPEC_CTRL), "d" (0) : "memory" );
 }
 
 /* WARNING! `ret`, `call *`, `jmp *` not safe before this call. */
 static always_inline void spec_ctrl_exit_idle(struct cpu_info *info)
 {
-    uint32_t val = SPEC_CTRL_IBRS;
+    uint32_t val = info->xen_spec_ctrl;
 
     /*
      * Disable shadowing before updating the MSR.  There are no SMP issues
@@ -67,7 +67,7 @@ static always_inline void spec_ctrl_exit_idle(struct cpu_info *info)
      */
     info->spec_ctrl_flags &= ~SCF_use_shadow;
     barrier();
-    asm volatile ( ALTERNATIVE(ASM_NOP3, "wrmsr", X86_FEATURE_XEN_IBRS_SET)
+    asm volatile ( ALTERNATIVE(ASM_NOP3, "wrmsr", X86_FEATURE_SC_MSR)
                    :: "a" (val), "c" (MSR_SPEC_CTRL), "d" (0) : "memory" );
 }
 
diff --git a/xen/include/asm-x86/spec_ctrl_asm.h b/xen/include/asm-x86/spec_ctrl_asm.h
index 39fb4f8..17dd2cc 100644
--- a/xen/include/asm-x86/spec_ctrl_asm.h
+++ b/xen/include/asm-x86/spec_ctrl_asm.h
@@ -117,7 +117,7 @@
     mov %\tmp, %rsp                 /* Restore old %rsp */
 .endm
 
-.macro DO_SPEC_CTRL_ENTRY_FROM_VMEXIT ibrs_val:req
+.macro DO_SPEC_CTRL_ENTRY_FROM_VMEXIT
 /*
  * Requires %rbx=current, %rsp=regs/cpuinfo
  * Clobbers %rax, %rcx, %rdx
@@ -138,11 +138,11 @@
     andb $~SCF_use_shadow, CPUINFO_spec_ctrl_flags(%rsp)
 
     /* Load Xen's intended value. */
-    mov $\ibrs_val, %eax
+    movzbl CPUINFO_xen_spec_ctrl(%rsp), %eax
     wrmsr
 .endm
 
-.macro DO_SPEC_CTRL_ENTRY maybexen:req ibrs_val:req
+.macro DO_SPEC_CTRL_ENTRY maybexen:req
 /*
  * Requires %rsp=regs (also cpuinfo if !maybexen)
  * Requires %r14=stack_end (if maybexen)
@@ -167,12 +167,12 @@
         setnz %al
         not %eax
         and %al, STACK_CPUINFO_FIELD(spec_ctrl_flags)(%r14)
+        movzbl STACK_CPUINFO_FIELD(xen_spec_ctrl)(%r14), %eax
     .else
         andb $~SCF_use_shadow, CPUINFO_spec_ctrl_flags(%rsp)
+        movzbl CPUINFO_xen_spec_ctrl(%rsp), %eax
     .endif
 
-    /* Load Xen's intended value. */
-    mov $\ibrs_val, %eax
     wrmsr
 .endm
 
@@ -220,47 +220,32 @@
 #define SPEC_CTRL_ENTRY_FROM_VMEXIT                                     \
     ALTERNATIVE __stringify(ASM_NOP40),                                 \
         DO_OVERWRITE_RSB, X86_FEATURE_RSB_VMEXIT;                       \
-    ALTERNATIVE_2 __stringify(ASM_NOP33),                               \
-        __stringify(DO_SPEC_CTRL_ENTRY_FROM_VMEXIT                      \
-                    ibrs_val=SPEC_CTRL_IBRS),                           \
-        X86_FEATURE_XEN_IBRS_SET,                                       \
-        __stringify(DO_SPEC_CTRL_ENTRY_FROM_VMEXIT                      \
-                    ibrs_val=0),                                        \
-        X86_FEATURE_XEN_IBRS_CLEAR
+    ALTERNATIVE __stringify(ASM_NOP36),                                 \
+        DO_SPEC_CTRL_ENTRY_FROM_VMEXIT, X86_FEATURE_SC_MSR
 
 /* Use after an entry from PV context (syscall/sysenter/int80/int82/etc). */
 #define SPEC_CTRL_ENTRY_FROM_PV                                         \
     ALTERNATIVE __stringify(ASM_NOP40),                                 \
         DO_OVERWRITE_RSB, X86_FEATURE_RSB_NATIVE;                       \
-    ALTERNATIVE_2 __stringify(ASM_NOP22),                               \
-        __stringify(DO_SPEC_CTRL_ENTRY maybexen=0                       \
-                    ibrs_val=SPEC_CTRL_IBRS),                           \
-        X86_FEATURE_XEN_IBRS_SET,                                       \
-        __stringify(DO_SPEC_CTRL_ENTRY maybexen=0 ibrs_val=0),          \
-        X86_FEATURE_XEN_IBRS_CLEAR
+    ALTERNATIVE __stringify(ASM_NOP25),                                 \
+        __stringify(DO_SPEC_CTRL_ENTRY maybexen=0), X86_FEATURE_SC_MSR
 
 /* Use in interrupt/exception context.  May interrupt Xen or PV context. */
 #define SPEC_CTRL_ENTRY_FROM_INTR                                       \
     ALTERNATIVE __stringify(ASM_NOP40),                                 \
         DO_OVERWRITE_RSB, X86_FEATURE_RSB_NATIVE;                       \
-    ALTERNATIVE_2 __stringify(ASM_NOP33),                               \
-        __stringify(DO_SPEC_CTRL_ENTRY maybexen=1                       \
-                    ibrs_val=SPEC_CTRL_IBRS),                           \
-        X86_FEATURE_XEN_IBRS_SET,                                       \
-        __stringify(DO_SPEC_CTRL_ENTRY maybexen=1 ibrs_val=0),          \
-        X86_FEATURE_XEN_IBRS_CLEAR
+    ALTERNATIVE __stringify(ASM_NOP33),                                 \
+        __stringify(DO_SPEC_CTRL_ENTRY maybexen=1), X86_FEATURE_SC_MSR
 
 /* Use when exiting to Xen context. */
 #define SPEC_CTRL_EXIT_TO_XEN                                           \
-    ALTERNATIVE_2 __stringify(ASM_NOP17),                               \
-        DO_SPEC_CTRL_EXIT_TO_XEN, X86_FEATURE_XEN_IBRS_SET,             \
-        DO_SPEC_CTRL_EXIT_TO_XEN, X86_FEATURE_XEN_IBRS_CLEAR
+    ALTERNATIVE __stringify(ASM_NOP17),                                 \
+        DO_SPEC_CTRL_EXIT_TO_XEN, X86_FEATURE_SC_MSR
 
 /* Use when exiting to guest context. */
 #define SPEC_CTRL_EXIT_TO_GUEST                                         \
-    ALTERNATIVE_2 __stringify(ASM_NOP24),                               \
-        DO_SPEC_CTRL_EXIT_TO_GUEST, X86_FEATURE_XEN_IBRS_SET,           \
-        DO_SPEC_CTRL_EXIT_TO_GUEST, X86_FEATURE_XEN_IBRS_CLEAR
+    ALTERNATIVE __stringify(ASM_NOP24),                                 \
+        DO_SPEC_CTRL_EXIT_TO_GUEST, X86_FEATURE_SC_MSR
 
 /* TODO: Drop these when the alternatives infrastructure is NMI/#MC safe. */
 .macro SPEC_CTRL_ENTRY_FROM_INTR_IST
-- 
2.1.4
generated by cgit v1.2.3 (git 2.26.2) at 2024-10-07 04:19:02 +0000