From: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Date: Thu, 19 May 2022 20:31:12 -0700
Subject: x86/speculation/mmio: Enable CPU Fill buffer clearing on idle
Git-commit: 99a83db5a605137424e1efe29dc0573d6a5b6316
Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git
Patch-mainline: Queued in tip for v5.19
References: bsc#1199650 CVE-2022-21166 CVE-2022-21127 CVE-2022-21123 CVE-2022-21125 CVE-2022-21180
When the CPU is affected by Processor MMIO Stale Data vulnerabilities,
Fill Buffer Stale Data Propagator (FBSDP) can propagate stale data out
of Fill buffer to uncore buffer when CPU goes idle. Stale data can then
be exploited with other variants using MMIO operations.
Mitigate it by clearing the Fill buffer before entering idle state.
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Co-developed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
---
 arch/x86/kernel/cpu/bugs.c | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index d2cc7dbba5e2..56d5dea5e128 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -433,6 +433,14 @@ static void __init mmio_select_mitigation(void)
 	else
 		static_branch_enable(&mmio_stale_data_clear);
 
+	/*
+	 * If Processor-MMIO-Stale-Data bug is present and Fill Buffer data can
+	 * be propagated to uncore buffers, clearing the Fill buffers on idle
+	 * is required irrespective of SMT state.
+	 */
+	if (!(ia32_cap & ARCH_CAP_FBSDP_NO))
+		static_branch_enable(&mds_idle_clear);
+
 	/*
 	 * Check if the system has the right microcode.
 	 *
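Review bot: The added `if (!(ia32_cap & ARCH_CAP_FBSDP_NO))` tests only the capability bit, while its comment says the enable applies when the Processor-MMIO-Stale-Data bug is present; nothing visible in this hunk checks the bug bit or `mmio_mitigation`. If mmio_select_mitigation() has already returned for unaffected CPUs and for `MMIO_MITIGATION_OFF` before this point, the result is correct, but the start of the function is outside the hunk and the dependency is implicit. It also differs from update_mds_branch_idle() later in this patch, which tests `mmio_mitigation == MMIO_MITIGATION_OFF` explicitly. I would add one line to the new comment, for example `* Unaffected CPUs and MMIO_MITIGATION_OFF have already returned above.`, so that a later reordering of the function does not silently turn on idle clearing where it is not wanted.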
@@ -1225,6 +1233,8 @@ static void update_indir_branch_cond(void)
 /* Update the static key controlling the MDS CPU buffer clear in idle */
 static void update_mds_branch_idle(void)
 {
+	u64 ia32_cap = x86_read_arch_cap_msr();
+
 	/*
 	 * Enable the idle clearing if SMT is active on CPUs which are
 	 * affected only by MSBDS and not any other MDS variant.
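Review bot: The comments on update_mds_branch_idle() still describe `mds_idle_clear` as driven only by SMT state on MSBDS-only CPUs, but after this patch the function also consults `mmio_mitigation` and `ARCH_CAP_FBSDP_NO`. The header line could become `/* Update the static key controlling the MDS/MMIO CPU buffer clear in idle */`. The block comment should gain a sentence saying the key is left enabled with SMT off when Fill buffer clearing on idle is needed for MMIO Stale Data. That block comment continues past the end of this hunk, so part of this may already be covered in lines not shown here.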
@@ -1236,10 +1246,12 @@ static void update_mds_branch_idle(void)
 	if (!boot_cpu_has_bug(X86_BUG_MSBDS_ONLY))
 		return;
 
-	if (sched_smt_active())
+	if (sched_smt_active()) {
 		static_branch_enable(&mds_idle_clear);
-	else
+	} else if (mmio_mitigation == MMIO_MITIGATION_OFF ||
+		   (ia32_cap & ARCH_CAP_FBSDP_NO)) {
 		static_branch_disable(&mds_idle_clear);
+	}
 }
 
 #define MDS_MSG_SMT "MDS CPU bug present and SMT on, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html for more details.\n"
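Review bot: When SMT is inactive and neither `mmio_mitigation == MMIO_MITIGATION_OFF` nor `ia32_cap & ARCH_CAP_FBSDP_NO` holds, the new `else if` leaves `mds_idle_clear` in whatever state it already had. The mitigation therefore depends on the key having been enabled earlier, presumably by the mmio_select_mitigation() change in the first hunk. A comment on the `else if` would make that intentional no-op explicit, for example `/* Keep idle clearing on: still needed for MMIO Stale Data (FBSDP) without SMT */`. Separately, `x86_read_arch_cap_msr()` is called at the top of the function, before the `X86_BUG_MSBDS_ONLY` early return shown here, so the MSR is read on paths that never use the value. Declaring `u64 ia32_cap;` and assigning it after the guards would avoid that.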