kernel / kernel-source

Clone
Source Code
GIT

Blame patches.suse/x86-cpu-amd-Add-Spectral-Chicken.patch

ALP-current ALP-current-GA ALP-current-RT ALP-current-RT-GA SLE12-SP5 SLE12-SP5-AZURE SLE12-SP5-RT SLE15-SP2-EB SLE15-SP3-RT-LTSS SLE15-SP4-RT-LTSS SLE15-SP5 SLE15-SP5-AZURE SLE15-SP5-RT SLE15-SP6 SLE15-SP6-AZURE SLE15-SP6-AZURE-GA SLE15-SP6-GA SLE15-SP6-RT SLE15-SP6-RT-GA linux-next master packaging scripts slowroll stable vanilla
  1.   888eddd4fd1e487559f6a6cf1b44bfe17b8ae897
  2.   patches.suse
  3.   x86-cpu-amd-Add-Spectral-Chicken.patch
Blob History Raw
Borislav Petkov 739064 
From: Peter Zijlstra <peterz@infradead.org>
Borislav Petkov 739064 
Date: Tue, 14 Jun 2022 23:16:04 +0200
Borislav Petkov 739064 
Subject: x86/cpu/amd: Add Spectral Chicken
Borislav Petkov 739064 
Git-commit: d7caac991feeef1b871ee6988fd2c9725df09039
Borislav Petkov d06c64 
Patch-mainline: v5.19-rc4
Borislav Petkov 739064 
References: bsc#1199657 CVE-2022-29900 CVE-2022-29901
Borislav Petkov 739064
Borislav Petkov 739064 
Zen2 uarchs have an undocumented, unnamed, MSR that contains a chicken
Borislav Petkov 739064 
bit for some speculation behaviour. It needs setting.
Borislav Petkov 739064
Borislav Petkov 739064 
Note: very belatedly AMD released naming; it's now officially called
Borislav Petkov 739064 
      MSR_AMD64_DE_CFG2 and MSR_AMD64_DE_CFG2_SUPPRESS_NOBR_PRED_BIT
Borislav Petkov 739064 
      but shall remain the SPECTRAL CHICKEN.
Borislav Petkov 739064
Borislav Petkov 739064 
Suggested-by: Andrew Cooper <Andrew.Cooper3@citrix.com>
Borislav Petkov 739064 
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Borislav Petkov 739064 
Signed-off-by: Borislav Petkov <bp@suse.de>
Borislav Petkov 739064 
Reviewed-by: Josh Poimboeuf <jpoimboe@kernel.org>
Borislav Petkov 739064 
Signed-off-by: Borislav Petkov <bp@suse.de>
Borislav Petkov 739064 
---
Borislav Petkov 739064 
 arch/x86/include/asm/msr-index.h |    3 +++
Borislav Petkov 739064 
 arch/x86/kernel/cpu/amd.c        |   26 +++++++++++++++++++++++++-
Borislav Petkov 739064 
 arch/x86/kernel/cpu/cpu.h        |    2 ++
Borislav Petkov 739064 
 arch/x86/kernel/cpu/hygon.c      |    6 ++++++
Borislav Petkov 739064 
 4 files changed, 36 insertions(+), 1 deletion(-)
Borislav Petkov 739064
Borislav Petkov 739064 
--- a/arch/x86/include/asm/msr-index.h
Borislav Petkov 739064 
+++ b/arch/x86/include/asm/msr-index.h
Borislav Petkov 739064 
@@ -425,6 +425,9 @@
Borislav Petkov 739064 
 /* Fam 17h MSRs */
Borislav Petkov 739064 
 #define MSR_F17H_IRPERF			0xc00000e9
Borislav Petkov 739064
Borislav Petkov 739064 
+#define MSR_ZEN2_SPECTRAL_CHICKEN	0xc00110e3
Borislav Petkov 739064 
+#define MSR_ZEN2_SPECTRAL_CHICKEN_BIT	BIT_ULL(1)
Borislav Petkov 739064 
+
Borislav Petkov 739064 
 /* Fam 16h MSRs */
Borislav Petkov 739064 
 #define MSR_F16H_L2I_PERF_CTL		0xc0010230
Borislav Petkov 739064 
 #define MSR_F16H_L2I_PERF_CTR		0xc0010231
Borislav Petkov 739064 
--- a/arch/x86/kernel/cpu/amd.c
Borislav Petkov 739064 
+++ b/arch/x86/kernel/cpu/amd.c
Borislav Petkov 739064 
@@ -875,6 +875,26 @@ static void init_amd_bd(struct cpuinfo_x
Borislav Petkov 739064 
 	clear_rdrand_cpuid_bit(c);
Borislav Petkov 739064 
 }
Borislav Petkov 739064
Borislav Petkov 739064 
+void init_spectral_chicken(struct cpuinfo_x86 *c)
Borislav Petkov 739064 
+{
Borislav Petkov 739064 
+	u64 value;
Borislav Petkov 739064 
+
Borislav Petkov 739064 
+	/*
Borislav Petkov 739064 
+	 * On Zen2 we offer this chicken (bit) on the altar of Speculation.
Borislav Petkov 739064 
+	 *
Borislav Petkov 739064 
+	 * This suppresses speculation from the middle of a basic block, i.e. it
Borislav Petkov 739064 
+	 * suppresses non-branch predictions.
Borislav Petkov 739064 
+	 *
Borislav Petkov 739064 
+	 * We use STIBP as a heuristic to filter out Zen2 from the rest of F17H
Borislav Petkov 739064 
+	 */
Borislav Petkov 739064 
+	if (!cpu_has(c, X86_FEATURE_HYPERVISOR) && cpu_has(c, X86_FEATURE_AMD_STIBP)) {
Borislav Petkov 739064 
+		if (!rdmsrl_safe(MSR_ZEN2_SPECTRAL_CHICKEN, &value)) {
Borislav Petkov 739064 
+			value |= MSR_ZEN2_SPECTRAL_CHICKEN_BIT;
Borislav Petkov 739064 
+			wrmsrl_safe(MSR_ZEN2_SPECTRAL_CHICKEN, value);
Borislav Petkov 739064 
+		}
Borislav Petkov 739064 
+	}
Borislav Petkov 739064 
+}
Borislav Petkov 739064 
+
Borislav Petkov 739064 
 static void init_amd_zn(struct cpuinfo_x86 *c)
Borislav Petkov 739064 
 {
Borislav Petkov 739064 
 	set_cpu_cap(c, X86_FEATURE_ZEN);
Borislav Petkov 739064 
@@ -920,7 +940,11 @@ static void init_amd(struct cpuinfo_x86
Borislav Petkov 739064 
 	case 0x12: init_amd_ln(c); break;
Borislav Petkov 739064 
 	case 0x15: init_amd_bd(c); break;
Borislav Petkov 739064 
 	case 0x16: init_amd_jg(c); break;
Borislav Petkov 739064 
-	case 0x17: init_amd_zn(c); break;
Borislav Petkov 739064 
+	case 0x17:
Borislav Petkov 739064 
+		init_spectral_chicken(c);
Borislav Petkov 739064 
+		init_amd_zn(c);
Borislav Petkov 739064 
+	break;
Borislav Petkov 739064 
+
Borislav Petkov 739064 
 	}
Borislav Petkov 739064
Borislav Petkov 739064 
 	/*
Borislav Petkov 739064 
--- a/arch/x86/kernel/cpu/cpu.h
Borislav Petkov 739064 
+++ b/arch/x86/kernel/cpu/cpu.h
Borislav Petkov 739064 
@@ -60,6 +60,8 @@ extern void tsx_disable(void);
Borislav Petkov 739064 
 static inline void tsx_init(void) { }
Borislav Petkov 739064 
 #endif /* CONFIG_CPU_SUP_INTEL */
Borislav Petkov 739064
Borislav Petkov 739064 
+extern void init_spectral_chicken(struct cpuinfo_x86 *c);
Borislav Petkov 739064 
+
Borislav Petkov 739064 
 extern void get_cpu_cap(struct cpuinfo_x86 *c);
Borislav Petkov 739064 
 extern void cpu_detect_cache_sizes(struct cpuinfo_x86 *c);
Borislav Petkov 739064 
 extern void x86_spec_ctrl_setup_ap(void);
Borislav Petkov 739064 
--- a/arch/x86/kernel/cpu/hygon.c
Borislav Petkov 739064 
+++ b/arch/x86/kernel/cpu/hygon.c
Borislav Petkov 739064 
@@ -318,6 +318,12 @@ static void init_hygon(struct cpuinfo_x8
Borislav Petkov 739064 
 	/* get apicid instead of initial apic id from cpuid */
Borislav Petkov 739064 
 	c->apicid = hard_smp_processor_id();
Borislav Petkov 739064
Borislav Petkov 739064 
+	/*
Borislav Petkov 739064 
+	 * XXX someone from Hygon needs to confirm this DTRT
Borislav Petkov 739064 
+	 *
Borislav Petkov 739064 
+	init_spectral_chicken(c);
Borislav Petkov 739064 
+	 */
Borislav Petkov 739064 
+
Borislav Petkov 739064 
 	set_cpu_cap(c, X86_FEATURE_ZEN);
Borislav Petkov 739064 
 	set_cpu_cap(c, X86_FEATURE_CPB);
Borislav Petkov 739064
Powered by Pagure 5.13.3
DocumentationAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.