From: Peter Zijlstra <peterz@infradead.org>
To: Andrew Cooper <andrew.cooper3@citrix.com>
Cc: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
Josh Poimboeuf <jpoimboe@kernel.org>,
Andy Lutomirski <luto@kernel.org>,
Jonathan Corbet <corbet@lwn.net>,
Sean Christopherson <seanjc@google.com>,
Paolo Bonzini <pbonzini@redhat.com>,
tony.luck@intel.com, ak@linux.intel.com,
tim.c.chen@linux.intel.com, linux-kernel@vger.kernel.org,
linux-doc@vger.kernel.org, kvm@vger.kernel.org,
Alyssa Milburn <alyssa.milburn@linux.intel.com>,
Daniel Sneddon <daniel.sneddon@linux.intel.com>,
antonio.gomez.iglesias@linux.intel.com,
Alyssa Milburn <alyssa.milburn@intel.com>
Subject: Re: [PATCH 1/6] x86/bugs: Add asm helpers for executing VERW
Date: Sun, 22 Oct 2023 18:16:01 +0200 [thread overview]
Message-ID: <20231022161601.GE31411@noisy.programming.kicks-ass.net> (raw)
In-Reply-To: <6439a094-23a6-4de3-aa41-bd033163e044@citrix.com>
On Sat, Oct 21, 2023 at 12:50:37AM +0100, Andrew Cooper wrote:
> On 20/10/2023 9:44 pm, Pawan Gupta wrote:
> > diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h
> > index c55cc243592e..e1b623a27e1b 100644
> > --- a/arch/x86/include/asm/nospec-branch.h
> > +++ b/arch/x86/include/asm/nospec-branch.h
> > @@ -111,6 +111,24 @@
> > #define RESET_CALL_DEPTH_FROM_CALL
> > #endif
> >
> > +/*
> > + * Macro to execute VERW instruction to mitigate transient data sampling
> > + * attacks such as MDS. On affected systems a microcode update overloaded VERW
> > + * instruction to also clear the CPU buffers.
> > + *
> > + * Note: Only the memory operand variant of VERW clears the CPU buffers. To
> > + * handle the case when VERW is executed after user registers are restored, use
> > + * RIP to point the memory operand to a part NOPL instruction that contains
> > + * __KERNEL_DS.
> > + */
> > +#define __EXEC_VERW(m) verw _ASM_RIP(m)
> > +
> > +#define EXEC_VERW \
> > + __EXEC_VERW(551f); \
> > + /* nopl __KERNEL_DS(%rax) */ \
> > + .byte 0x0f, 0x1f, 0x80, 0x00, 0x00; \
> > +551: .word __KERNEL_DS; \
> > +
>
> Is this actually wise from a perf point of view?
>
> You're causing a data access to the instruction stream, and not only
> that, the immediate next instruction. Some parts don't take kindly to
> snoops hitting L1I.
>
> A better option would be to simply have
>
> .section .text.entry
> .align CACHELINE
> mds_verw_sel:
> .word __KERNEL_DS
> int3
> .align CACHELINE
>
>
> And then just have EXEC_VERW be
>
> verw mds_verw_sel(%rip)
ALTERNATIVE "", "verw mds_verw_sel(%rip)", X86_FEATURE_USER_CLEAR_CPU_BUF
But yeah, his seems like the sanest form.
next prev parent reply other threads:[~2023-10-22 16:16 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-20 20:44 [PATCH 0/6] Delay VERW Pawan Gupta
2023-10-20 20:44 ` [PATCH 1/6] x86/bugs: Add asm helpers for executing VERW Pawan Gupta
2023-10-20 23:13 ` Sean Christopherson
2023-10-21 1:00 ` Pawan Gupta
2023-10-20 23:55 ` [RESEND][PATCH " Andrew Cooper
2023-10-21 1:18 ` Pawan Gupta
2023-10-21 1:33 ` Andrew Cooper
2023-10-21 2:21 ` Pawan Gupta
2023-10-23 18:08 ` Josh Poimboeuf
2023-10-23 19:09 ` Pawan Gupta
2023-10-25 6:28 ` Pawan Gupta
2023-10-25 7:22 ` Peter Zijlstra
2023-10-25 7:52 ` Andrew Cooper
2023-10-25 8:02 ` Peter Zijlstra
2023-10-25 15:27 ` Pawan Gupta
[not found] ` <6439a094-23a6-4de3-aa41-bd033163e044@citrix.com>
2023-10-22 16:16 ` Peter Zijlstra [this message]
2023-10-20 20:45 ` [PATCH 2/6] x86/entry_64: Add VERW just before userspace transition Pawan Gupta
2023-10-23 18:22 ` Josh Poimboeuf
2023-10-23 19:13 ` Pawan Gupta
2023-10-23 19:17 ` Dave Hansen
2023-10-23 18:35 ` Josh Poimboeuf
2023-10-23 21:04 ` Pawan Gupta
2023-10-23 21:47 ` Josh Poimboeuf
2023-10-23 22:30 ` Pawan Gupta
2023-10-23 22:45 ` Dave Hansen
2023-10-24 0:00 ` Pawan Gupta
2023-10-20 20:45 ` [PATCH 3/6] x86/entry_32: " Pawan Gupta
2023-10-20 23:49 ` Andi Kleen
2023-10-21 1:28 ` Pawan Gupta
2023-10-20 20:45 ` [PATCH 4/6] x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key Pawan Gupta
2023-10-23 18:48 ` Josh Poimboeuf
2023-10-23 21:09 ` Pawan Gupta
2023-10-20 20:45 ` [PATCH 5/6] x86/bugs: Cleanup mds_user_clear Pawan Gupta
2023-10-23 8:51 ` Nikolay Borisov
2023-10-23 16:06 ` Pawan Gupta
2023-10-20 20:45 ` [PATCH 6/6] KVM: VMX: Move VERW closer to VMentry for MDS mitigation Pawan Gupta
2023-10-20 22:55 ` Sean Christopherson
2023-10-21 0:46 ` Pawan Gupta
2023-10-23 14:58 ` Sean Christopherson
2023-10-23 17:05 ` Pawan Gupta
2023-10-23 18:56 ` Josh Poimboeuf
2023-10-23 21:17 ` Pawan Gupta
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231022161601.GE31411@noisy.programming.kicks-ass.net \
--to=peterz@infradead.org \
--cc=ak@linux.intel.com \
--cc=alyssa.milburn@intel.com \
--cc=alyssa.milburn@linux.intel.com \
--cc=andrew.cooper3@citrix.com \
--cc=antonio.gomez.iglesias@linux.intel.com \
--cc=bp@alien8.de \
--cc=corbet@lwn.net \
--cc=daniel.sneddon@linux.intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=jpoimboe@kernel.org \
--cc=kvm@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=pawan.kumar.gupta@linux.intel.com \
--cc=pbonzini@redhat.com \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=tim.c.chen@linux.intel.com \
--cc=tony.luck@intel.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.