From patchwork Fri Aug 23 18:53:10 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jim Mattson X-Patchwork-Id: 13775715 Received: from mail-yw1-f202.google.com (mail-yw1-f202.google.com [209.85.128.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B944A1922CB for ; Fri, 23 Aug 2024 18:53:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1724439233; cv=none; b=Vc3t2xX6DCp2/YwBNFr2MWMubpvfRi+/oB9c73YeNmPPNG6f2HK6U+G3I6bCZKIg4SUxxzWPJa9+vkXcO9b2azeDqIJ59+ybTlD01IfvoSJt9XxefWA2fk1R3NeRZBxlKExgooFDQGV8NPsh/3JCTKY4F+QCJ9En9+qjP1D5oss= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1724439233; c=relaxed/simple; bh=DbKaS9v1hLowfyFA8YQtCHNg0LVk6j3k68viAaH4Ds4=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Content-Type; b=jLyvb6PAmld43xnmqcyt2GruM6meuRtJStFDT0IH96qhwhnaOeAkm+ijL1qK4AF1WZYi/TmW1djK9c7NfVhBiTG1SIFLKGr8ESKbJc5jwBziipAbH5qx8gTf3wKeVu0Y/SsV1YYrfjsYX7ffwW3fPsIq50X9YmMKnFQpXxoZn3M= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--jmattson.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=SIglpl5b; arc=none smtp.client-ip=209.85.128.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--jmattson.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="SIglpl5b" Received: by mail-yw1-f202.google.com with SMTP id 00721157ae682-6ac83a71d45so39616547b3.3 for ; Fri, 23 Aug 2024 11:53:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1724439231; x=1725044031; darn=vger.kernel.org; h=to:from:subject:message-id:references:mime-version:in-reply-to:date :from:to:cc:subject:date:message-id:reply-to; bh=KwMz41rbAs2jbwtsewipMfgHdQI9fhKtFZZhcI6NPZQ=; b=SIglpl5bZPDomhELz8oeoutz/1F8flJgR2x64o3hT48VMIBeBy7n11zVgxOctbUk3X 4C1JSOOeH+aMFJ1qEAJ9etODDQs+yCiyBbQxnR7MQNBNobUnMfyNmWnAHoTTY3xyZYPt 82fOqII5HTxi/UJKoAAApU+iYhqgmvte9NEf2DtgCgjtL9lAkUDoE+3YfLSrF9wTEyQr /1jlm0NWyDyjNDyMKnMoi7ZdHDZYz4XpE7tjFOlfmRFeyD2DEHdyeJ/lNcEc1ioddpRH XjbYPVcNOfUPbHjd+cJIOkOSH8SXyQwBalarP6pke/fypUIHHDUvIGQKwe/82yzC47AW FYkA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724439231; x=1725044031; h=to:from:subject:message-id:references:mime-version:in-reply-to:date :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=KwMz41rbAs2jbwtsewipMfgHdQI9fhKtFZZhcI6NPZQ=; b=NCZ6o64410/CCN+za7TfT9m+hGk/4BpLfAsl5TM1vsTM1m3ENWKfeGkQ18sJcsswoh ghL63wKSyuyOc2gBgjRbLJdzdN4yGcEkrrTZxiRBmMZea27guI8hbWk96+acuH2rq8ZA NrCic8Q4ShhVACSz5xh0aYwKCTdV96YYHA4qdq5McUv6uZUQqgp0H8AqJav75QbgurB7 RMkVp8PYKqzUs45R23Rf3bYEjdQfEgpfUO127fzPvbh55O92buWcxs66Jc28JBVlxCwo gPRLMuquKC3AUf9+VGYwhU5kRa5z2UUkh425gpTuOLD+XrQOe5cTM9d/StLkd4SK9Jel CGWQ== X-Forwarded-Encrypted: i=1; AJvYcCXAUFMpEncBJ7lV+42C0YGdqPzn0ZPLmW6FoH4SW4sSp0xB8zUtgoFf7C5Tu5zo83DkyuQ=@vger.kernel.org X-Gm-Message-State: AOJu0YxmRaMRiOy2MrsRHhCCJidcYvNLqQwHzI9JeLuVi506SZ9aTrGP N91IIQWx/1P0XtHMq4Dgna8vN8UYce/2KrG9vykdgU215zm05F9IPbJmUgfYNRfpv3SABxUjRE/ q5XPg+zV9pA== X-Google-Smtp-Source: AGHT+IGt9OG3rVzE5j5b6W9ETNhjDkmgngAjvjwYxKrJostWZwYoOunXg/OItHw0FTuwyj8ghTwOFVUov2j50A== X-Received: from loggerhead.c.googlers.com ([fda3:e722:ac3:cc00:f3:525d:ac13:60e1]) (user=jmattson job=sendgmr) by 2002:a05:690c:408a:b0:691:55ea:85e6 with SMTP id 00721157ae682-6c628b96609mr66577b3.7.1724439230622; Fri, 23 Aug 2024 11:53:50 -0700 (PDT) Date: Fri, 23 Aug 2024 11:53:10 -0700 In-Reply-To: <20240823185323.2563194-1-jmattson@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240823185323.2563194-1-jmattson@google.com> X-Mailer: git-send-email 2.46.0.295.g3b9ea8a38a-goog Message-ID: <20240823185323.2563194-2-jmattson@google.com> Subject: [PATCH v3 1/4] x86/cpufeatures: Clarify semantics of X86_FEATURE_IBPB From: Jim Mattson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Sean Christopherson , Paolo Bonzini , Pawan Gupta , Josh Poimboeuf , Jim Mattson , Sandipan Das , Kai Huang , x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org Since this synthetic feature bit is set on AMD CPUs that don't flush the RSB on an IBPB, indicate as much in the comment, to avoid potential confusion with the Intel IBPB semantics. Signed-off-by: Jim Mattson --- arch/x86/include/asm/cpufeatures.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h index dd4682857c12..cabd6b58e8ec 100644 --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h @@ -215,7 +215,7 @@ #define X86_FEATURE_SPEC_STORE_BYPASS_DISABLE ( 7*32+23) /* Disable Speculative Store Bypass. */ #define X86_FEATURE_LS_CFG_SSBD ( 7*32+24) /* AMD SSBD implementation via LS_CFG MSR */ #define X86_FEATURE_IBRS ( 7*32+25) /* "ibrs" Indirect Branch Restricted Speculation */ -#define X86_FEATURE_IBPB ( 7*32+26) /* "ibpb" Indirect Branch Prediction Barrier */ +#define X86_FEATURE_IBPB ( 7*32+26) /* "ibpb" Indirect Branch Prediction Barrier without RSB flush */ #define X86_FEATURE_STIBP ( 7*32+27) /* "stibp" Single Thread Indirect Branch Predictors */ #define X86_FEATURE_ZEN ( 7*32+28) /* Generic flag for all Zen and newer */ #define X86_FEATURE_L1TF_PTEINV ( 7*32+29) /* L1TF workaround PTE inversion */ From patchwork Fri Aug 23 18:53:11 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jim Mattson X-Patchwork-Id: 13775716 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 40DA21925A2 for ; Fri, 23 Aug 2024 18:53:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1724439234; cv=none; b=qkAH83/hB9xcY3l8Buq5pb4XIKMZyDNC9p/BpCaW61rccPhBfzm2vTPXnmk9rQnC9pCtXFkKOnh0bjFn6umfFBEVqfc4afUbGKS1qdaphoUwP8shYed6BO5WUxS47WSVFDwDIwihfeG3d1JuvsEd33WVvpAgUwUyIPSe46EubGE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1724439234; c=relaxed/simple; bh=uHc5J3RzDDJvtU0LNEUNZxZe+FsaP8Fvj2w4uMXoM3w=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=luRx8bV42nM7LcYBai2XBs5bxr+b4QkJkZpIgHm6dJarZBpnLSef7e1pYxEP7j6ZYmpG3B+TQOsmSyUQ70RGqIFBB0uDHRlG/5Lh8e7yS9H/G8Br3irHccAo95GqUfWG5GvhavG2CeTzMnGHHwSfLRh5yz5rT3a4sQP+75YEitg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--jmattson.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=sFbdNYcq; arc=none smtp.client-ip=209.85.216.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--jmattson.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="sFbdNYcq" Received: by mail-pj1-f74.google.com with SMTP id 98e67ed59e1d1-2d3df5f6c80so2181975a91.3 for ; Fri, 23 Aug 2024 11:53:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1724439232; x=1725044032; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=ZETR8JbkOV1DUbkusF4BDItYK3NtrFWqCwoBAa+9Gio=; b=sFbdNYcqRmcKQ7HFOIGjvBRzSpspUOI2JNCBeFWs7buuZLHBBBT77n7QnjF57WUhSg 21o3944SEu9w3XR0w6Ifzj0h/8HRAOFdFjZ1HO424hXQjXlt6ODHwARoOrp7DwG1ig9Q fLmULbOBg8j6pud/pYXsNBFIVDsvoWycfGvakhyMp4EexZSK2rhHn3uKGQeaP6nTcnKk vQdmyPQ9dbuMfSSDroQTo90mh6eXSH59DFsl5j50GtIXpihIn8X08K5fMieheSmMKYKQ /djCbtgOYYuCrhzxjs7jeojY4iuMhV5KSmITyf4h5lpkOC+fOIzVa8DpqGdCmRz4VChi zW5g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724439232; x=1725044032; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=ZETR8JbkOV1DUbkusF4BDItYK3NtrFWqCwoBAa+9Gio=; b=d/t8r/kdrWYukWmM5RKWjevfnIvGDF4cvN9+ftt33wipggX3Tb9tTb+vI+a6frEdHI ncLb5CIOI56xL7ymUNInNtDHQTgNH73D0TTFnpxA7pQuMBLZCV4DfAmad8ecCYLTqZnm jYaiozWLdJrl4jemiH4yzZQkovT2ZuiXcUzmqDJjNj+mukoaLACP7VWER7wniNw92quC rr2/bqjMzzNrRZFppsa4r5K2GcDcHZ+3mIGMSj3eroIWSz72k1K4w2LHl1eBdMZb/OZS 5NbF/kLxVWgiIMJEdSxf0ZffT7Nt5sVc/XgTVbczBY/FFLakJP9+ATFMy0dqwjjZZ3uM dN/g== X-Forwarded-Encrypted: i=1; AJvYcCU/P02hb72Spz9ki7isXvU7PBfqIplz/c1D4nadWpMOKK2e3LU3jzhScuPQdo4qZc7iDrY=@vger.kernel.org X-Gm-Message-State: AOJu0YxFDWHHrnWKXLOMPqns2MGQUvY2C4ZAmb5tMi4yCVlUcb7ZAprA 1heEbFZqx080Wx1L8BqC1aSTylSp1KTU3wU9szBqqS/q92ApPpjymlsDxIzwNLm3nRoELZd0Y3f e5uqf3Lh47Q== X-Google-Smtp-Source: AGHT+IFrE3/dZuZEWBYCH+nx6VHpdfBAScy4icMsZdcE+pOFSv5UyNOPdpTb+8GRWuu32pm/OiOLJ4TxN42mBw== X-Received: from loggerhead.c.googlers.com ([fda3:e722:ac3:cc00:f3:525d:ac13:60e1]) (user=jmattson job=sendgmr) by 2002:a17:90b:33c4:b0:2d3:d084:6da3 with SMTP id 98e67ed59e1d1-2d646d90759mr26893a91.3.1724439232349; Fri, 23 Aug 2024 11:53:52 -0700 (PDT) Date: Fri, 23 Aug 2024 11:53:11 -0700 In-Reply-To: <20240823185323.2563194-1-jmattson@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240823185323.2563194-1-jmattson@google.com> X-Mailer: git-send-email 2.46.0.295.g3b9ea8a38a-goog Message-ID: <20240823185323.2563194-3-jmattson@google.com> Subject: [PATCH v3 2/4] x86/cpufeatures: Define X86_FEATURE_AMD_IBPB_RET From: Jim Mattson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Sean Christopherson , Paolo Bonzini , Pawan Gupta , Josh Poimboeuf , Jim Mattson , Sandipan Das , Kai Huang , x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Venkatesh Srinivas AMD's initial implementation of IBPB did not clear the return address predictor. Beginning with Zen4, AMD's IBPB *does* clear the return address predictor. This behavior is enumerated by CPUID.80000008H:EBX.IBPB_RET[bit 30]. Define X86_FEATURE_AMD_IBPB_RET for use in KVM_GET_SUPPORTED_CPUID, when determining cross-vendor capabilities. Suggested-by: Venkatesh Srinivas Signed-off-by: Jim Mattson --- arch/x86/include/asm/cpufeatures.h | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h index cabd6b58e8ec..0ed131f160dc 100644 --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h @@ -348,6 +348,7 @@ #define X86_FEATURE_CPPC (13*32+27) /* "cppc" Collaborative Processor Performance Control */ #define X86_FEATURE_AMD_PSFD (13*32+28) /* Predictive Store Forwarding Disable */ #define X86_FEATURE_BTC_NO (13*32+29) /* Not vulnerable to Branch Type Confusion */ +#define X86_FEATURE_AMD_IBPB_RET (13*32+30) /* IBPB clears return address predictor */ #define X86_FEATURE_BRS (13*32+31) /* "brs" Branch Sampling available */ /* Thermal and Power Management Leaf, CPUID level 0x00000006 (EAX), word 14 */ From patchwork Fri Aug 23 18:53:12 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jim Mattson X-Patchwork-Id: 13775717 Received: from mail-yb1-f202.google.com (mail-yb1-f202.google.com [209.85.219.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5BCA5192D6B for ; Fri, 23 Aug 2024 18:53:55 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1724439236; cv=none; b=jZwPtutCojOvzW5tOHPdDnTIyOzQYq2EnchPZv1wkAHp65n87kVWnwQiTlxXbCf55uPtwaFfEFBTaOmGmuggTRqgQoUIzjmiE/78A0NCZqIivretMQVFyw8LKwlTb2sH0HoZYYEMD6hH/NUmDGmlA1+EoozBiLsqCIlCjFS1eEY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1724439236; c=relaxed/simple; bh=NbZ6C/T+ZCVhDcFWCkfg5AfdlArNrEwsL3Hq4JGm01U=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=DTpphaZajnz8lIQZMxU/K01MaceSt4UR9f88trq4829iYHWomRt5phWkoPjX6GtREWtrdSU5qdUFD15hcSleAJPHKbaA2zZNMN8DftSF25CR4k9noCY5FzuJlXTx4CFREj6dZZG6EF0S9tPIN+IXugvICVaIFqz/DTRv/TwH7fw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--jmattson.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=AB7cH2+N; arc=none smtp.client-ip=209.85.219.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--jmattson.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="AB7cH2+N" Received: by mail-yb1-f202.google.com with SMTP id 3f1490d57ef6-e11703f1368so3255136276.1 for ; Fri, 23 Aug 2024 11:53:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1724439234; x=1725044034; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=MZhuyhwkXzq5TLpNWTsJTlY8QsgB091bBfZe2SCWV7A=; b=AB7cH2+NFVAmFBTOcluuqyZUyS7gRY/HCenqd8+oaI/JRk/JmzPey5sY3ux4lvZQyj iEyK0SKHNSWvk1+TyWSLsL0zPRoaXiG5VWzxLDf1aTlJKBJ7Es8FGlAIhjiF/uf+xERj 9RcaAAgZMOv7QvMYgsZD95jZGqgOSNjxPKoTmrjdF4ri2ZqhqPOYfZ1jM2b5gQTx2F7G /y0pS5TzPhuRg92vEZBYkCta6uTeGesplSjaAU18eHLnmrNKMYKRnx+aFzfD3+9th0fk L6aH9IGrTTOWFF8PMrtf9cbgeFD4euuGHqLmF61rpF0yeFSEnQc2/1IQKtSnyhK1MSE5 zqwg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724439234; x=1725044034; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=MZhuyhwkXzq5TLpNWTsJTlY8QsgB091bBfZe2SCWV7A=; b=OPzSwEKGm485dsO7PDDunDuwvzMNGQzgEyj5xR5r4PbUi42id40mfqUZ8k7e8xm13b a1ckITa5wFBN0338s8Rw88KNiHJWoFyOGOrXbSUEq1UJv/mUlkhzLLOWmHsxCo0LMZpj x52IkQsu/8mSbjFEq/VHaE4rLdTTRBTdC9edB18cUl1g2m8EqO59KB7ZOF65dJe6/8Ks KStOrXcsqy0NkWR8vbxL/V3m9syi6IkWr4gVEyVqhVUDLqlCcJ7r6jkAlE5O0/8uF016 L46VPcz8jEZJ6eIYO/IHJGBBWVTF1Xn8Q7V8YI+mYCJDxq+Xz/qxmXCCvF42raxeorxH ivsg== X-Forwarded-Encrypted: i=1; AJvYcCVne6PCslvdvx69e/G8ZnxJ3hwX/2rr0w+neQazYeq5mRQppX+5of48E0JwhPeF6ikmmIc=@vger.kernel.org X-Gm-Message-State: AOJu0YwvgmhLhdfEcoUJYUkMYHSUNe1C3T1+bscgbOcZYDID5ttxHPlj oX536NGVt6TaQqRWw+5ani9HJKKUGulC7znRVfhlu3sTBwaUUzs19aVxUOUQAZ7EOoZ8lrb33Jw g6SeIh/ftdw== X-Google-Smtp-Source: AGHT+IEypgUJ5wnYpxkM8UoctfuiVZ7zGv0wV5gsWQk1EXSBHETI8UYVQUPub68MaSVJRIAEV6qFA/ajyKJHpw== X-Received: from loggerhead.c.googlers.com ([fda3:e722:ac3:cc00:f3:525d:ac13:60e1]) (user=jmattson job=sendgmr) by 2002:a25:bf91:0:b0:e16:67ca:e24f with SMTP id 3f1490d57ef6-e17a865aba3mr4635276.10.1724439234156; Fri, 23 Aug 2024 11:53:54 -0700 (PDT) Date: Fri, 23 Aug 2024 11:53:12 -0700 In-Reply-To: <20240823185323.2563194-1-jmattson@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240823185323.2563194-1-jmattson@google.com> X-Mailer: git-send-email 2.46.0.295.g3b9ea8a38a-goog Message-ID: <20240823185323.2563194-4-jmattson@google.com> Subject: [PATCH v3 3/4] KVM: x86: Advertise AMD_IBPB_RET to userspace From: Jim Mattson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Sean Christopherson , Paolo Bonzini , Pawan Gupta , Josh Poimboeuf , Jim Mattson , Sandipan Das , Kai Huang , x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Tom Lendacky This is an inherent feature of IA32_PRED_CMD[0], so it is trivially virtualizable (as long as IA32_PRED_CMD[0] is virtualized). Suggested-by: Tom Lendacky Signed-off-by: Jim Mattson --- arch/x86/kvm/cpuid.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 2617be544480..ec7b2ca3b4d3 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -751,7 +751,7 @@ void kvm_set_cpu_caps(void) F(CLZERO) | F(XSAVEERPTR) | F(WBNOINVD) | F(AMD_IBPB) | F(AMD_IBRS) | F(AMD_SSBD) | F(VIRT_SSBD) | F(AMD_SSB_NO) | F(AMD_STIBP) | F(AMD_STIBP_ALWAYS_ON) | - F(AMD_PSFD) + F(AMD_PSFD) | F(AMD_IBPB_RET) ); /* From patchwork Fri Aug 23 18:53:13 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jim Mattson X-Patchwork-Id: 13775718 Received: from mail-pl1-f201.google.com (mail-pl1-f201.google.com [209.85.214.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9FFD819307E for ; Fri, 23 Aug 2024 18:53:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1724439238; cv=none; b=IXpHGUMcphvizr5LSz7qVya7PeiadYY/NmduU9/tjnnfigTevJIp7eb4aQ1P3JQPgyLRfmEbCwCzon6Vnq2rO8a2CVWgdpnHQH99R36oQPfmQyled1IL3NhThEXniIaHXI8xGMK/Ew/Izlo5eT0meeGNVh+gHbBNP1jCmKTnwH0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1724439238; c=relaxed/simple; bh=MyBiTMGpmZrrLOJsOFwtm0ilk6ZZtI1A1HrN6ZN27qU=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=r2l5XPr2KeYoaPGfbUBieIpBCdVL7Ep1SKezuCC0ZDqdwSgUxDPh+aRCHfPXBE/tQkrRjm45fMzBHXqp1C2l9JLOttHb13xtnDmi2kw4yehgIuTFA89ha1qFHn7nlpKbgaab99qE2sRSQbJyt/tWEcZzpqZThgqYSfTHhaI9pas= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--jmattson.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=GcbRO07+; arc=none smtp.client-ip=209.85.214.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--jmattson.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="GcbRO07+" Received: by mail-pl1-f201.google.com with SMTP id d9443c01a7336-2021be03c53so22443855ad.3 for ; Fri, 23 Aug 2024 11:53:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1724439236; x=1725044036; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=gVFZNv4GWRiUrVz98MUMToFQTqhf2FOUUV+ADB4mKm4=; b=GcbRO07+U4WdwIujPbNy9/nYewb64VZcOKHcs9PyPeX10MhJwMH4ieTcGKdGZZGF+O h6kLc0mCO+5i05vHrNyRdkjmoE4erRJFGqloQ5Xs8e+TTApGuwe3jp9Hymgujfi1SiDt MxB8d8ufQf7zXlqKGCY58Gqi+UEVVlvEXzFyeSOUhdz8rc45sbfUiKuudUIK/jf6eGIY n9gUlh24oh+Y9ZZu/M5uKXn8IbRmnnfVHUnzZNEO7xNY3YXJrV5ZQYb0bqdjEB9Q1dS7 SUQe42Kf747fGaIyYEGwgKn0cQY3rexpbpGgBfI2FDFme+pI49W/aBi4vyU4doQTZARf CPQg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724439236; x=1725044036; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=gVFZNv4GWRiUrVz98MUMToFQTqhf2FOUUV+ADB4mKm4=; b=Pi7ZOLGWP+7vNv/SUgi5IKks+viUI+mzWX23eRCxnV1QJxC+KSjBHFJDZIw+Nua/R4 cz/8HFYYQyXdN7FoRBPngCyjn6B7sj9k9Ec3HzAKBXWqF1m5RIfUWcymJC6NM9WFu6rr IBMDvtsRbMp6y70B4QtHeiENAFYUZ6Z07juWnnToXebcg72SML94lH2MuRySQUZTuX31 XwJQVeslBymAH2huUF2Bhss/mCo8UGEJkbChucADzdcaYnHfGI9PLMeMA9QXDbWInXdC jEx9hbLnIAKQh94sJXuayRW6IsSoylbsmCIK8oVlX/MKjYGr/yUdlQH9GR3nxMge3Yo5 R+HA== X-Forwarded-Encrypted: i=1; AJvYcCVRn5ON0uQIrgS6R126otDuwxhbMwpd74UcHztfPeZL/FPB5jyM5Qfxr98OjsQsOVVqkpc=@vger.kernel.org X-Gm-Message-State: AOJu0Yy8MZgOYeHoO8ygOVrrym7vlrj2YLZ4ug43x0ZYZbO9SjX6q1zZ iydnXHQ+IE/kkUTQiZwx4E7Yete+yq+pycjcSW2FyTFTo0D+gjqStC39r9cSGDB8J9fsMEZhLZG IZJ7UO47GYQ== X-Google-Smtp-Source: AGHT+IEaaQ0Woq0T5ahHq+3E7nfEsKVxnKK6BQo6ogJ10ZT5yXqN8LciMB4mft0oDRdWnpV0B08MFc8oBeGZ+Q== X-Received: from loggerhead.c.googlers.com ([fda3:e722:ac3:cc00:f3:525d:ac13:60e1]) (user=jmattson job=sendgmr) by 2002:a17:902:c40e:b0:200:86f4:fa1b with SMTP id d9443c01a7336-2039e4a7403mr2517075ad.4.1724439235807; Fri, 23 Aug 2024 11:53:55 -0700 (PDT) Date: Fri, 23 Aug 2024 11:53:13 -0700 In-Reply-To: <20240823185323.2563194-1-jmattson@google.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240823185323.2563194-1-jmattson@google.com> X-Mailer: git-send-email 2.46.0.295.g3b9ea8a38a-goog Message-ID: <20240823185323.2563194-5-jmattson@google.com> Subject: [PATCH v3 4/4] KVM: x86: AMD's IBPB is not equivalent to Intel's IBPB From: Jim Mattson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Sean Christopherson , Paolo Bonzini , Pawan Gupta , Josh Poimboeuf , Jim Mattson , Sandipan Das , Kai Huang , x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Venkatesh Srinivas From Intel's documention [1], "CPUID.(EAX=07H,ECX=0):EDX[26] enumerates support for indirect branch restricted speculation (IBRS) and the indirect branch predictor barrier (IBPB)." Further, from [2], "Software that executed before the IBPB command cannot control the predicted targets of indirect branches (4) executed after the command on the same logical processor," where footnote 4 reads, "Note that indirect branches include near call indirect, near jump indirect and near return instructions. Because it includes near returns, it follows that **RSB entries created before an IBPB command cannot control the predicted targets of returns executed after the command on the same logical processor.**" [emphasis mine] On the other hand, AMD's IBPB "may not prevent return branch predictions from being specified by pre-IBPB branch targets" [3]. However, some AMD processors have an "enhanced IBPB" [terminology mine] which does clear the return address predictor. This feature is enumerated by CPUID.80000008:EDX.IBPB_RET[bit 30] [4]. Adjust the cross-vendor features enumerated by KVM_GET_SUPPORTED_CPUID accordingly. [1] https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/cpuid-enumeration-and-architectural-msrs.html [2] https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/speculative-execution-side-channel-mitigations.html#Footnotes [3] https://www.amd.com/en/resources/product-security/bulletin/amd-sb-1040.html [4] https://www.amd.com/content/dam/amd/en/documents/processor-tech-docs/programmer-references/24594.pdf Fixes: 0c54914d0c52 ("KVM: x86: use Intel speculation bugs and features as derived in generic x86 code") Suggested-by: Venkatesh Srinivas Signed-off-by: Jim Mattson --- arch/x86/kvm/cpuid.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index ec7b2ca3b4d3..c8d7d928ffc7 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -690,7 +690,9 @@ void kvm_set_cpu_caps(void) kvm_cpu_cap_set(X86_FEATURE_TSC_ADJUST); kvm_cpu_cap_set(X86_FEATURE_ARCH_CAPABILITIES); - if (boot_cpu_has(X86_FEATURE_IBPB) && boot_cpu_has(X86_FEATURE_IBRS)) + if (boot_cpu_has(X86_FEATURE_AMD_IBPB_RET) && + boot_cpu_has(X86_FEATURE_AMD_IBPB) && + boot_cpu_has(X86_FEATURE_AMD_IBRS)) kvm_cpu_cap_set(X86_FEATURE_SPEC_CTRL); if (boot_cpu_has(X86_FEATURE_STIBP)) kvm_cpu_cap_set(X86_FEATURE_INTEL_STIBP); @@ -759,6 +761,8 @@ void kvm_set_cpu_caps(void) * arch/x86/kernel/cpu/bugs.c is kind enough to * record that in cpufeatures so use them. */ + if (boot_cpu_has(X86_FEATURE_SPEC_CTRL)) + kvm_cpu_cap_set(X86_FEATURE_AMD_IBPB_RET); if (boot_cpu_has(X86_FEATURE_IBPB)) kvm_cpu_cap_set(X86_FEATURE_AMD_IBPB); if (boot_cpu_has(X86_FEATURE_IBRS))