From: Alejandro Vallejo <alejandro.vallejo@cloud.com>
To: Xen-devel <xen-devel@lists.xenproject.org>
Cc: "Alejandro Vallejo" <alejandro.vallejo@cloud.com>,
"Jan Beulich" <jbeulich@suse.com>,
"Andrew Cooper" <andrew.cooper3@citrix.com>,
"Roger Pau Monné" <roger.pau@citrix.com>, "Wei Liu" <wl@xen.org>,
"Henry Wang" <Henry.Wang@arm.com>
Subject: [for-4.18][PATCH 2/2] x86/amd: Prevent potentially fetching wrong instruction bytes on Zen4
Date: Thu, 12 Oct 2023 18:26:01 +0100 [thread overview]
Message-ID: <20231012172601.22600-3-alejandro.vallejo@cloud.com> (raw)
In-Reply-To: <20231012172601.22600-1-alejandro.vallejo@cloud.com>
If Zen4 runs with SMT and without STIBP, then it may corrupt its own code
stream. This is erratum #1485 in the AMD specs.
Fix adapted off Linux's mailing list:
https://lore.kernel.org/lkml/D99589F4-BC5D-430B-87B2-72C20370CF57@exactcode.com/T/#u
Signed-off-by: Alejandro Vallejo <alejandro.vallejo@cloud.com>
---
xen/arch/x86/cpu/amd.c | 11 +++++++++++
xen/arch/x86/include/asm/amd.h | 8 ++++++++
xen/arch/x86/include/asm/msr-index.h | 2 ++
3 files changed, 21 insertions(+)
diff --git a/xen/arch/x86/cpu/amd.c b/xen/arch/x86/cpu/amd.c
index 22aa8c0085..2426e4cf15 100644
--- a/xen/arch/x86/cpu/amd.c
+++ b/xen/arch/x86/cpu/amd.c
@@ -1166,6 +1166,17 @@ static void cf_check init_amd(struct cpuinfo_x86 *c)
if (c->x86 == 0x10)
__clear_bit(X86_FEATURE_MONITOR, c->x86_capability);
+ /*
+ * Erratum #1485: Outdated microcode on Zen4 may cause corruption
+ * in the code stream if SMT is enabled and STIBP is not. The fix
+ * is cheap, so it's applied irrespective of the loaded microcode.
+ */
+ if (!cpu_has_hypervisor && is_zen4_uarch()) {
+ rdmsrl(MSR_AMD64_BP_CFG, value);
+ wrmsrl(MSR_AMD64_BP_CFG,
+ value | AMD64_BP_CFG_SHARED_BTB_FIX);
+ }
+
if (!cpu_has_amd_erratum(c, AMD_ERRATUM_121))
opt_allow_unsafe = 1;
else if (opt_allow_unsafe < 0)
diff --git a/xen/arch/x86/include/asm/amd.h b/xen/arch/x86/include/asm/amd.h
index 5a40bcc2ba..7d18f7c66b 100644
--- a/xen/arch/x86/include/asm/amd.h
+++ b/xen/arch/x86/include/asm/amd.h
@@ -145,12 +145,20 @@
* Hygon (Fam18h) but without simple model number rules. Instead, use STIBP
* as a heuristic that distinguishes the two.
*
+ * Zen3 and Zen4 are easier to spot by model number, but it's still not a
+ * single range. We use AutoIBRS to to discriminate instead, as that's a
+ * Zen4-specific feature.
+ *
* The caller is required to perform the appropriate vendor check first.
*/
#define is_zen1_uarch() ((boot_cpu_data.x86 == 0x17 || boot_cpu_data.x86 == 0x18) && \
!boot_cpu_has(X86_FEATURE_AMD_STIBP))
#define is_zen2_uarch() (boot_cpu_data.x86 == 0x17 && \
boot_cpu_has(X86_FEATURE_AMD_STIBP))
+#define is_zen3_uarch() (boot_cpu_data.x86 == 0x19 && \
+ !boot_cpu_has(X86_FEATURE_AUTO_IBRS))
+#define is_zen4_uarch() (boot_cpu_data.x86 == 0x19 && \
+ boot_cpu_has(X86_FEATURE_AUTO_IBRS))
struct cpuinfo_x86;
int cpu_has_amd_erratum(const struct cpuinfo_x86 *, int, ...);
diff --git a/xen/arch/x86/include/asm/msr-index.h b/xen/arch/x86/include/asm/msr-index.h
index 11ffed543a..4437e8a63e 100644
--- a/xen/arch/x86/include/asm/msr-index.h
+++ b/xen/arch/x86/include/asm/msr-index.h
@@ -403,6 +403,8 @@
#define MSR_AMD64_DE_CFG 0xc0011029
#define AMD64_DE_CFG_LFENCE_SERIALISE (_AC(1, ULL) << 1)
#define MSR_AMD64_EX_CFG 0xc001102c
+#define MSR_AMD64_BP_CFG 0xc001102e
+#define AMD64_BP_CFG_SHARED_BTB_FIX (_AC(1, ULL) << 5)
#define MSR_AMD64_DE_CFG2 0xc00110e3
#define MSR_AMD64_DR0_ADDRESS_MASK 0xc0011027
--
2.34.1
next prev parent reply other threads:[~2023-10-12 17:26 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-12 17:25 [for-4.18][PATCH 0/2] Fix AMD erratum #1485 on AMD Zen4 Alejandro Vallejo
2023-10-12 17:26 ` [for-4.18][PATCH 1/2] xen/x86: Add family guards to the is_zen[12]_uarch() macros Alejandro Vallejo
2023-10-13 2:14 ` Andrew Cooper
2023-10-13 11:23 ` Alejandro Vallejo
2023-10-13 11:36 ` Roger Pau Monné
2023-10-13 14:00 ` Andrew Cooper
2023-10-12 17:26 ` Alejandro Vallejo [this message]
2023-10-13 2:28 ` [for-4.18][PATCH 2/2] x86/amd: Prevent potentially fetching wrong instruction bytes on Zen4 Andrew Cooper
2023-10-13 0:29 ` [for-4.18][PATCH 0/2] Fix AMD erratum #1485 on AMD Zen4 Henry Wang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231012172601.22600-3-alejandro.vallejo@cloud.com \
--to=alejandro.vallejo@cloud.com \
--cc=Henry.Wang@arm.com \
--cc=andrew.cooper3@citrix.com \
--cc=jbeulich@suse.com \
--cc=roger.pau@citrix.com \
--cc=wl@xen.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.