File xsa435-0-04.patch of Package xen.32199
From be35bc9355f2ca4800b4a11b06b8631a057dcf4b Mon Sep 17 00:00:00 2001
From: Andrew Cooper <andrew.cooper3@citrix.com>
Date: Wed, 19 May 2021 19:40:28 +0100
Subject: x86/spec-ctrl: Clean up MSR_MCU_OPT_CTRL handling
Introduce cpu_has_srbds_ctrl as more users are going to appear shortly.
MSR_MCU_OPT_CTRL is gaining extra functionality, meaning that the current
default_xen_mcu_opt_ctrl is no longer a good fit.
Introduce two new helpers, update_mcu_opt_ctrl() which does a full RMW cycle
on the MSR, and set_in_mcu_opt_ctrl() which lets callers configure specific
bits at a time without clobbering each other settings.
No functional change.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
--- a/xen/arch/x86/acpi/power.c
+++ b/xen/arch/x86/acpi/power.c
@@ -298,8 +298,7 @@ static int enter_state(u32 state)
if ( boot_cpu_has(X86_FEATURE_IBRSB) || boot_cpu_has(X86_FEATURE_IBRS) )
wrmsrl(MSR_SPEC_CTRL, default_xen_spec_ctrl);
- if ( boot_cpu_has(X86_FEATURE_SRBDS_CTRL) )
- wrmsrl(MSR_MCU_OPT_CTRL, default_xen_mcu_opt_ctrl);
+ update_mcu_opt_ctrl();
done:
spin_debug_enable();
--- a/xen/arch/x86/cpu/intel.c
+++ b/xen/arch/x86/cpu/intel.c
@@ -15,6 +15,38 @@
#include "cpu.h"
/*
+ * MSR_MCU_OPT_CTRL is a collection of unrelated functionality, with separate
+ * enablement requirements, but which want to be consistent across the system.
+ */
+static uint32_t __read_mostly mcu_opt_ctrl_mask;
+static uint32_t __read_mostly mcu_opt_ctrl_val;
+
+void update_mcu_opt_ctrl(void)
+{
+ uint32_t mask = mcu_opt_ctrl_mask, lo, hi;
+
+ if ( !mask )
+ return;
+
+ rdmsr(MSR_MCU_OPT_CTRL, lo, hi);
+
+ lo &= ~mask;
+ lo |= mcu_opt_ctrl_val;
+
+ wrmsr(MSR_MCU_OPT_CTRL, lo, hi);
+}
+
+void __init set_in_mcu_opt_ctrl(uint32_t mask, uint32_t val)
+{
+ mcu_opt_ctrl_mask |= mask;
+
+ mcu_opt_ctrl_val &= ~mask;
+ mcu_opt_ctrl_val |= (val & mask);
+
+ update_mcu_opt_ctrl();
+}
+
+/*
* Processors which have self-snooping capability can handle conflicting
* memory type across CPUs by snooping its own cache. However, there exists
* CPU models in which having conflicting memory types still leads to
--- a/xen/arch/x86/smpboot.c
+++ b/xen/arch/x86/smpboot.c
@@ -367,8 +367,7 @@ void start_secondary(void *unused)
*/
if ( boot_cpu_has(X86_FEATURE_IBRSB) || boot_cpu_has(X86_FEATURE_IBRS) )
wrmsrl(MSR_SPEC_CTRL, default_xen_spec_ctrl);
- if ( boot_cpu_has(X86_FEATURE_SRBDS_CTRL) )
- wrmsrl(MSR_MCU_OPT_CTRL, default_xen_mcu_opt_ctrl);
+ update_mcu_opt_ctrl();
tsx_init(); /* Needs microcode. May change HLE/RTM feature bits. */
--- a/xen/arch/x86/spec_ctrl.c
+++ b/xen/arch/x86/spec_ctrl.c
@@ -75,7 +75,6 @@ static bool __initdata cpu_has_bug_msbds
static bool __initdata cpu_has_bug_mds; /* Any other M{LP,SB,FB}DS combination. */
static int8_t __initdata opt_srb_lock = -1;
-uint64_t __read_mostly default_xen_mcu_opt_ctrl;
static bool __initdata opt_unpriv_mmio;
static bool __read_mostly opt_fb_clear_mmio;
@@ -486,7 +485,7 @@ static void __init print_details(enum in
(default_xen_spec_ctrl & SPEC_CTRL_PSFD) ? " PSFD+" : " PSFD-",
!(caps & ARCH_CAPS_TSX_CTRL) ? "" :
(opt_tsx & 1) ? " TSX+" : " TSX-",
- !boot_cpu_has(X86_FEATURE_SRBDS_CTRL) ? "" :
+ !cpu_has_srbds_ctrl ? "" :
opt_srb_lock ? " SRB_LOCK+" : " SRB_LOCK-",
opt_ibpb_ctxt_switch ? " IBPB-ctxt" : "",
opt_l1d_flush ? " L1D_FLUSH" : "",
@@ -1431,38 +1430,29 @@ void __init init_speculation_mitigations
tsx_init();
}
- /* Calculate suitable defaults for MSR_MCU_OPT_CTRL */
- if ( boot_cpu_has(X86_FEATURE_SRBDS_CTRL) )
+ /*
+ * On some SRBDS-affected hardware, it may be safe to relax srb-lock by
+ * default.
+ *
+ * All parts with SRBDS_CTRL suffer SSDP, the mechanism by which stale RNG
+ * data becomes available to other contexts. To recover the data, an
+ * attacker needs to use:
+ * - SBDS (MDS or TAA to sample the cores fill buffer)
+ * - SBDR (Architecturally retrieve stale transaction buffer contents)
+ * - DRPW (Architecturally latch stale fill buffer data)
+ *
+ * On MDS_NO parts, and with TAA_NO or TSX unavailable/disabled, and there
+ * is no unprivileged MMIO access, the RNG data doesn't need protecting.
+ */
+ if ( cpu_has_srbds_ctrl )
{
- uint64_t val;
-
- rdmsrl(MSR_MCU_OPT_CTRL, val);
-
- /*
- * On some SRBDS-affected hardware, it may be safe to relax srb-lock
- * by default.
- *
- * All parts with SRBDS_CTRL suffer SSDP, the mechanism by which stale
- * RNG data becomes available to other contexts. To recover the data,
- * an attacker needs to use:
- * - SBDS (MDS or TAA to sample the cores fill buffer)
- * - SBDR (Architecturally retrieve stale transaction buffer contents)
- * - DRPW (Architecturally latch stale fill buffer data)
- *
- * On MDS_NO parts, and with TAA_NO or TSX unavailable/disabled, and
- * there is no unprivileged MMIO access, the RNG data doesn't need
- * protecting.
- */
if ( opt_srb_lock == -1 && !opt_unpriv_mmio &&
(caps & (ARCH_CAPS_MDS_NO|ARCH_CAPS_TAA_NO)) == ARCH_CAPS_MDS_NO &&
(!cpu_has_hle || ((caps & ARCH_CAPS_TSX_CTRL) && !(opt_tsx & 1))) )
opt_srb_lock = 0;
- val &= ~MCU_OPT_CTRL_RNGDS_MITG_DIS;
- if ( !opt_srb_lock )
- val |= MCU_OPT_CTRL_RNGDS_MITG_DIS;
-
- default_xen_mcu_opt_ctrl = val;
+ set_in_mcu_opt_ctrl(MCU_OPT_CTRL_RNGDS_MITG_DIS,
+ opt_srb_lock ? 0 : MCU_OPT_CTRL_RNGDS_MITG_DIS);
}
print_details(thunk, caps);
@@ -1496,9 +1486,6 @@ void __init init_speculation_mitigations
wrmsrl(MSR_SPEC_CTRL, bsp_delay_spec_ctrl ? 0 : default_xen_spec_ctrl);
}
-
- if ( boot_cpu_has(X86_FEATURE_SRBDS_CTRL) )
- wrmsrl(MSR_MCU_OPT_CTRL, default_xen_mcu_opt_ctrl);
}
static void __init __maybe_unused build_assertions(void)
--- a/xen/include/asm-x86/cpufeature.h
+++ b/xen/include/asm-x86/cpufeature.h
@@ -132,6 +132,7 @@
/* CPUID level 0x00000007:0.edx */
#define cpu_has_avx512_4vnniw boot_cpu_has(X86_FEATURE_AVX512_4VNNIW)
#define cpu_has_avx512_4fmaps boot_cpu_has(X86_FEATURE_AVX512_4FMAPS)
+#define cpu_has_srbds_ctrl boot_cpu_has(X86_FEATURE_SRBDS_CTRL)
#define cpu_has_tsx_force_abort boot_cpu_has(X86_FEATURE_TSX_FORCE_ABORT)
#define cpu_has_arch_caps boot_cpu_has(X86_FEATURE_ARCH_CAPS)
--- a/xen/include/asm-x86/processor.h
+++ b/xen/include/asm-x86/processor.h
@@ -615,6 +615,9 @@ static inline uint8_t get_cpu_family(uin
extern int8_t opt_tsx, cpu_has_tsx_ctrl;
void tsx_init(void);
+void update_mcu_opt_ctrl(void);
+void set_in_mcu_opt_ctrl(uint32_t mask, uint32_t val);
+
void amd_check_zenbleed(void);
#endif /* !__ASSEMBLY__ */
--- a/xen/include/asm-x86/spec_ctrl.h
+++ b/xen/include/asm-x86/spec_ctrl.h
@@ -108,8 +108,6 @@ extern int8_t opt_pv_l1tf_hwdom, opt_pv_
*/
extern paddr_t l1tf_addr_mask, l1tf_safe_maddr;
-extern uint64_t default_xen_mcu_opt_ctrl;
-
static inline void init_shadow_spec_ctrl_state(void)
{
struct cpu_info *info = get_cpu_info();