Home| summaryrefslogtreecommitdiff |
diff options
| author | Jan Beulich <jbeulich@suse.com> | 2018-06-06 14:39:02 +0200 |
|---|---|---|
| committer | Jan Beulich <jbeulich@suse.com> | 2018-06-06 14:39:02 +0200 |
| commit | a379559d2dbb44d4f881ac087f7a7cde9e06ec15 (patch) | |
| tree | c2437aaff78d5d15187ae2ecbb6c9efe0f81d67f | |
| parent | a3756fe31a51fe81da858136e637df391c74d7e1 (diff) | |
- Delete bogus patches.xen/0001-SSB-Xen-build-fix.patch, replaced
by the three ones below.
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
requested (bsc#1087082 CVE-2018-3639).
- xen/x86/process: Allow runtime control of Speculative Store
Bypass (bsc#1087082 CVE-2018-3639).
- xen/x86/bugs: Rename _RDS to _SSBD (bsc#1087082 CVE-2018-3639).
suse-commit: 4c7b76b6da61cf1d8e66f0f9d0332c7dda12f68d
| -rw-r--r-- | arch/x86/include/asm/thread_info.h | 2 | ||||
| -rw-r--r-- | arch/x86/kernel/cpu/bugs.c | 5 | ||||
| -rw-r--r-- | arch/x86/kernel/process-xen.c | 33 |
3 files changed, 38 insertions, 2 deletions
diff --git a/arch/x86/include/asm/thread_info.h b/arch/x86/include/asm/thread_info.h index 58dbed1eba8c..4a14c58cc04a 100644 --- a/arch/x86/include/asm/thread_info.h +++ b/arch/x86/include/asm/thread_info.h @@ -155,7 +155,7 @@ struct thread_info { (_TIF_IO_BITMAP|_TIF_NOTSC|_TIF_BLOCKSTEP|_TIF_SSBD) #else -#define _TIF_WORK_CTXSW (_TIF_NOTSC /*todo | _TIF_BLOCKSTEP */) +#define _TIF_WORK_CTXSW (_TIF_NOTSC /*todo | _TIF_BLOCKSTEP */ | _TIF_SSBD) #endif #define _TIF_WORK_CTXSW_PREV (_TIF_WORK_CTXSW|_TIF_USER_RETURN_NOTIFY) #define _TIF_WORK_CTXSW_NEXT (_TIF_WORK_CTXSW|_TIF_DEBUG) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index cbac5034dc96..f0eaa2480d59 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -823,6 +823,11 @@ static void x86_amd_ssbd_disable(void) { u64 msrval = x86_amd_ls_cfg_base | x86_amd_ls_cfg_ssbd_mask; +#ifdef CONFIG_XEN + if (x86_amd_ls_cfg_base & x86_amd_ls_cfg_ssbd_mask) + return; +#endif + if (boot_cpu_has(X86_FEATURE_AMD_SSBD)) wrmsrl(MSR_AMD64_LS_CFG, msrval); } diff --git a/arch/x86/kernel/process-xen.c b/arch/x86/kernel/process-xen.c index 589121c9da8b..197092c244f7 100644 --- a/arch/x86/kernel/process-xen.c +++ b/arch/x86/kernel/process-xen.c @@ -23,6 +23,7 @@ #include <asm/i387.h> #include <asm/debugreg.h> #include <asm/spec_ctrl.h> +#include <asm/spec-ctrl.h> #include <xen/evtchn.h> struct kmem_cache *task_xstate_cachep; @@ -193,9 +194,34 @@ int set_tsc_mode(unsigned int val) return 0; } +static __always_inline void __speculative_store_bypass_update(int rds) +{ + u64 msr; + + if (static_cpu_has(X86_FEATURE_AMD_SSBD)) { + msr = x86_amd_ls_cfg_base | ssbd_tif_to_amd_ls_cfg(rds); +#ifdef CONFIG_XEN + /* + * At the moment Xen does not virtualize LS_CFG, and it + * unconditionally sets the flag in question (unless disabled). + * Avoid the MSR write when possible, as it triggers a (rate + * limited) hypervisor log message. (This could be further + * enhanced by also avoiding the write if the bit is fixed to + * zero, but that would be more involved. If any guest is to + * rely on the feature, Xen better had it enabled globally.) + */ + if (!(x86_amd_ls_cfg_base & x86_amd_ls_cfg_ssbd_mask)) +#endif + wrmsrl(MSR_AMD64_LS_CFG, msr); + } else { + msr = x86_spec_ctrl_base | ssbd_tif_to_spec_ctrl(rds); + wrmsrl(MSR_IA32_SPEC_CTRL, msr); + } +} + void speculative_store_bypass_update(void) { - /* Nothing to do for Xen here */ + __speculative_store_bypass_update(current_thread_info()->flags); } void __switch_to_xtra(struct task_struct *prev_p, struct task_struct *next_p) @@ -224,6 +250,11 @@ void __switch_to_xtra(struct task_struct *prev_p, struct task_struct *next_p) else hard_enable_TSC(); } + + if (test_tsk_thread_flag(prev_p, TIF_SSBD) ^ + test_tsk_thread_flag(next_p, TIF_SSBD)) + __speculative_store_bypass_update(test_tsk_thread_flag(next_p, TIF_SSBD)); + propagate_user_return_notify(prev_p, next_p); } |