[patch 2/8] MDS basics 2

[Thomas Gleixner <tglx@linutronix.de>]

Subject: [patch 2/8] x86/speculation/mds: Add mds_clear_cpu_buffer()
From: Thomas Gleixner <tglx@linutronix.de>

The Microarchitectural Data Sampling (MDS) vulernabilities are mitigated by
clearing the affected CPU buffers. The mechanism for clearing the buffers
uses the unused and obsolete VERW instruction in combination with a
microcode update which triggers a CPU buffer clear when VERW is executed.

Provide a inline function with the assembly magic. The argument of the VERW
instruction must be a memory operand.

The function takes a pointer to a static key, so different call sites can
depend on different static keys for controlling the invocation. This avoids
the conditionals at the call sites and allows for fine grained control,
e.g. the SMT only CPU buffer clearing on idle entry can be enabled
independent of the exit to user space clear.

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
---
 arch/x86/include/asm/nospec-branch.h |   19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

--- a/arch/x86/include/asm/nospec-branch.h
+++ b/arch/x86/include/asm/nospec-branch.h
@@ -314,6 +314,25 @@ do {									\
 	preempt_enable();						\
 } while (0)
 
+#include <asm/segment.h>
+
+/**
+ * mds_clear_cpu_buffers - Mitigation for MDS vulnerability
+ *
+ * This uses the otherwise unused and obsolete VERW instruction in
+ * combination with microcode which triggers a CPU buffer flush when the
+ * instruction is executed.
+ */
+static inline void mds_clear_cpu_buffers(struct static_key_false *key)
+{
+	if (static_branch_likely(key)) {
+		static const u16 ds = __KERNEL_DS;
+
+		/* Has to be memory form, don't modify to use a register */
+		asm volatile("verw %[ds]" : : "i" (0), [ds] "m" (ds));
+	}
+}
+
 DECLARE_STATIC_KEY_FALSE(switch_to_cond_stibp);
 DECLARE_STATIC_KEY_FALSE(switch_mm_cond_ibpb);
 DECLARE_STATIC_KEY_FALSE(switch_mm_always_ibpb);