Re: [PATCH] x86/emulator: workaround for AMD erratum 573

All of lore.kernel.org
 help / color / mirror / Atom feed

* Re: [PATCH] x86/emulator: workaround for AMD erratum 573
       [not found] <mailman.4490.1323956364.12970.xen-devel@lists.xensource.com>
@ 2011-12-15 17:52 ` Boris Ostrovsky
  2011-12-16  8:26   ` Jan Beulich
  0 siblings, 1 reply; 5+ messages in thread
From: Boris Ostrovsky @ 2011-12-15 17:52 UTC (permalink / raw)
  To: Jan Beulich; +Cc: xen-devel

>--- a/xen/include/asm-x86/amd.h
> +++ b/xen/include/asm-x86/amd.h
> @@ -134,6 +134,12 @@
>       AMD_OSVW_ERRATUM(3, AMD_MODEL_RANGE(0x10, 0x2, 0x1, 0xff, 0xf),	\
>   		        AMD_MODEL_RANGE(0x12, 0x0, 0x0, 0x1, 0x0))
>
> +#define AMD_ERRATUM_573							\
> +    AMD_LEGACY_ERRATUM(AMD_MODEL_RANGE(0x0f, 0x0, 0x0, 0xff, 0xf),	\
> +                       AMD_MODEL_RANGE(0x10, 0x0, 0x0, 0xff, 0xf),	\
> +                       AMD_MODEL_RANGE(0x11, 0x0, 0x0, 0xff, 0xf),	\
> +                       AMD_MODEL_RANGE(0x12, 0x0, 0x0, 0xff, 0xf))

Families 0xf and 0x11 are not affected by erratum 573.

-boris

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] x86/emulator: workaround for AMD erratum 573
  2011-12-15 17:52 ` [PATCH] x86/emulator: workaround for AMD erratum 573 Boris Ostrovsky
@ 2011-12-16  8:26   ` Jan Beulich
  2011-12-16 14:15     ` Boris Ostrovsky
  0 siblings, 1 reply; 5+ messages in thread
From: Jan Beulich @ 2011-12-16  8:26 UTC (permalink / raw)
  To: Boris Ostrovsky; +Cc: xen-devel

>>> On 15.12.11 at 18:52, Boris Ostrovsky <boris.ostrovsky@amd.com> wrote:
>> --- a/xen/include/asm-x86/amd.h
>> +++ b/xen/include/asm-x86/amd.h
>> @@ -134,6 +134,12 @@
>>       AMD_OSVW_ERRATUM(3, AMD_MODEL_RANGE(0x10, 0x2, 0x1, 0xff, 0xf),	\
>>   		        AMD_MODEL_RANGE(0x12, 0x0, 0x0, 0x1, 0x0))
>>
>> +#define AMD_ERRATUM_573							\
>> +    AMD_LEGACY_ERRATUM(AMD_MODEL_RANGE(0x0f, 0x0, 0x0, 0xff, 0xf),	\
>> +                       AMD_MODEL_RANGE(0x10, 0x0, 0x0, 0xff, 0xf),	\
>> +                       AMD_MODEL_RANGE(0x11, 0x0, 0x0, 0xff, 0xf),	\
>> +                       AMD_MODEL_RANGE(0x12, 0x0, 0x0, 0xff, 0xf))
> 
> Families 0xf and 0x11 are not affected by erratum 573.

Are you saying that these two documents

33610 Rev. 3.48 December 2011
41788 Rev. 3.10 December 2011

both wrong? For fam 0xf it may be that we can set a lower bound for
pre-NPT ones if those indeed are unaffected (but we'd like to be sure
this is the case) - that would appear to be all with a model below 0x40.

Please clarify.

Jan

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] x86/emulator: workaround for AMD erratum 573
  2011-12-16  8:26   ` Jan Beulich
@ 2011-12-16 14:15     ` Boris Ostrovsky
  0 siblings, 0 replies; 5+ messages in thread
From: Boris Ostrovsky @ 2011-12-16 14:15 UTC (permalink / raw)
  To: Jan Beulich; +Cc: xen-devel

On 12/16/11 03:26, Jan Beulich wrote:
>>>> On 15.12.11 at 18:52, Boris Ostrovsky<boris.ostrovsky@amd.com>  wrote:
>>> --- a/xen/include/asm-x86/amd.h
>>> +++ b/xen/include/asm-x86/amd.h
>>> @@ -134,6 +134,12 @@
>>>        AMD_OSVW_ERRATUM(3, AMD_MODEL_RANGE(0x10, 0x2, 0x1, 0xff, 0xf),	\
>>>    		        AMD_MODEL_RANGE(0x12, 0x0, 0x0, 0x1, 0x0))
>>>
>>> +#define AMD_ERRATUM_573							\
>>> +    AMD_LEGACY_ERRATUM(AMD_MODEL_RANGE(0x0f, 0x0, 0x0, 0xff, 0xf),	\
>>> +                       AMD_MODEL_RANGE(0x10, 0x0, 0x0, 0xff, 0xf),	\
>>> +                       AMD_MODEL_RANGE(0x11, 0x0, 0x0, 0xff, 0xf),	\
>>> +                       AMD_MODEL_RANGE(0x12, 0x0, 0x0, 0xff, 0xf))
>>
>> Families 0xf and 0x11 are not affected by erratum 573.
>
> Are you saying that these two documents
>
> 33610 Rev. 3.48 December 2011
> 41788 Rev. 3.10 December 2011
>
> both wrong? For fam 0xf it may be that we can set a lower bound for
> pre-NPT ones if those indeed are unaffected (but we'd like to be sure
> this is the case) - that would appear to be all with a model below 0x40.
>
> Please clarify.


Sorry, my bad. You are right --- somehow I thought it was only 10h and 12h.

-boris

^ permalink raw reply	[flat|nested] 5+ messages in thread

* [PATCH] x86/emulator: workaround for AMD erratum 573
@ 2011-12-15 13:16 Jan Beulich
  2011-12-15 16:53 ` Keir Fraser
  0 siblings, 1 reply; 5+ messages in thread
From: Jan Beulich @ 2011-12-15 13:16 UTC (permalink / raw)
  To: xen-devel@lists.xensource.com

[-- Attachment #1: Type: text/plain, Size: 2716 bytes --]

The only cases where we might end up emulating fsincos (as any other
x87 operations without memory operands) are
- when a HVM guest is in real mode (not applicable on AMD)
- between two half page table updates in PAE mode (unlikely, and not
  doing the emulation here does affect only performance, not
  correctness)
- when a guest maliciously (or erroneously) modifies an (MMIO or page
  table update) instruction under emulation (unspecified behavior)

Hence, in order to avoid the erratum to cause harm to the entire host,
don't emulate fsincos on the affected AMD CPU families.

Signed-off-by: Jan Beulich <jbeulich@suse.com>

--- a/tools/tests/x86_emulator/x86_emulate.c
+++ b/tools/tests/x86_emulator/x86_emulate.c
@@ -9,5 +9,7 @@ typedef bool bool_t;
 
 #define BUG() abort()
 
+#define cpu_has_amd_erratum(nr) 0
+
 #include "x86_emulate/x86_emulate.h"
 #include "x86_emulate/x86_emulate.c"
--- a/xen/arch/x86/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate.c
@@ -10,8 +10,14 @@
  */
 
 #include <asm/x86_emulate.h>
+#include <asm/processor.h> /* current_cpu_info */
+#include <asm/amd.h> /* cpu_has_amd_erratum() */
 
 /* Avoid namespace pollution. */
 #undef cmpxchg
+#undef cpuid
+
+#define cpu_has_amd_erratum(nr) \
+        cpu_has_amd_erratum(&current_cpu_data, AMD_ERRATUM_##nr)
 
 #include "x86_emulate/x86_emulate.c"
--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -2761,6 +2761,9 @@ x86_emulate(
     case 0xd9: /* FPU 0xd9 */
         switch ( modrm )
         {
+        case 0xfb: /* fsincos */
+            fail_if(cpu_has_amd_erratum(573));
+            /* fall through */
         case 0xc0 ... 0xc7: /* fld %stN */
         case 0xc8 ... 0xcf: /* fxch %stN */
         case 0xd0: /* fnop */
@@ -2786,7 +2789,6 @@ x86_emulate(
         case 0xf8: /* fprem */
         case 0xf9: /* fyl2xp1 */
         case 0xfa: /* fsqrt */
-        case 0xfb: /* fsincos */
         case 0xfc: /* frndint */
         case 0xfd: /* fscale */
         case 0xfe: /* fsin */
--- a/xen/include/asm-x86/amd.h
+++ b/xen/include/asm-x86/amd.h
@@ -134,6 +134,12 @@
     AMD_OSVW_ERRATUM(3, AMD_MODEL_RANGE(0x10, 0x2, 0x1, 0xff, 0xf),	\
 		        AMD_MODEL_RANGE(0x12, 0x0, 0x0, 0x1, 0x0))
 
+#define AMD_ERRATUM_573							\
+    AMD_LEGACY_ERRATUM(AMD_MODEL_RANGE(0x0f, 0x0, 0x0, 0xff, 0xf),	\
+                       AMD_MODEL_RANGE(0x10, 0x0, 0x0, 0xff, 0xf),	\
+                       AMD_MODEL_RANGE(0x11, 0x0, 0x0, 0xff, 0xf),	\
+                       AMD_MODEL_RANGE(0x12, 0x0, 0x0, 0xff, 0xf))
+
 struct cpuinfo_x86;
 int cpu_has_amd_erratum(const struct cpuinfo_x86 *, int, ...);
 




[-- Attachment #2: amd-erratum-573.patch --]
[-- Type: text/plain, Size: 2758 bytes --]

x86/emulator: workaround for AMD erratum 573

The only cases where we might end up emulating fsincos (as any other
x87 operations without memory operands) are
- when a HVM guest is in real mode (not applicable on AMD)
- between two half page table updates in PAE mode (unlikely, and not
  doing the emulation here does affect only performance, not
  correctness)
- when a guest maliciously (or erroneously) modifies an (MMIO or page
  table update) instruction under emulation (unspecified behavior)

Hence, in order to avoid the erratum to cause harm to the entire host,
don't emulate fsincos on the affected AMD CPU families.

Signed-off-by: Jan Beulich <jbeulich@suse.com>

--- a/tools/tests/x86_emulator/x86_emulate.c
+++ b/tools/tests/x86_emulator/x86_emulate.c
@@ -9,5 +9,7 @@ typedef bool bool_t;
 
 #define BUG() abort()
 
+#define cpu_has_amd_erratum(nr) 0
+
 #include "x86_emulate/x86_emulate.h"
 #include "x86_emulate/x86_emulate.c"
--- a/xen/arch/x86/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate.c
@@ -10,8 +10,14 @@
  */
 
 #include <asm/x86_emulate.h>
+#include <asm/processor.h> /* current_cpu_info */
+#include <asm/amd.h> /* cpu_has_amd_erratum() */
 
 /* Avoid namespace pollution. */
 #undef cmpxchg
+#undef cpuid
+
+#define cpu_has_amd_erratum(nr) \
+        cpu_has_amd_erratum(&current_cpu_data, AMD_ERRATUM_##nr)
 
 #include "x86_emulate/x86_emulate.c"
--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -2761,6 +2761,9 @@ x86_emulate(
     case 0xd9: /* FPU 0xd9 */
         switch ( modrm )
         {
+        case 0xfb: /* fsincos */
+            fail_if(cpu_has_amd_erratum(573));
+            /* fall through */
         case 0xc0 ... 0xc7: /* fld %stN */
         case 0xc8 ... 0xcf: /* fxch %stN */
         case 0xd0: /* fnop */
@@ -2786,7 +2789,6 @@ x86_emulate(
         case 0xf8: /* fprem */
         case 0xf9: /* fyl2xp1 */
         case 0xfa: /* fsqrt */
-        case 0xfb: /* fsincos */
         case 0xfc: /* frndint */
         case 0xfd: /* fscale */
         case 0xfe: /* fsin */
--- a/xen/include/asm-x86/amd.h
+++ b/xen/include/asm-x86/amd.h
@@ -134,6 +134,12 @@
     AMD_OSVW_ERRATUM(3, AMD_MODEL_RANGE(0x10, 0x2, 0x1, 0xff, 0xf),	\
 		        AMD_MODEL_RANGE(0x12, 0x0, 0x0, 0x1, 0x0))
 
+#define AMD_ERRATUM_573							\
+    AMD_LEGACY_ERRATUM(AMD_MODEL_RANGE(0x0f, 0x0, 0x0, 0xff, 0xf),	\
+                       AMD_MODEL_RANGE(0x10, 0x0, 0x0, 0xff, 0xf),	\
+                       AMD_MODEL_RANGE(0x11, 0x0, 0x0, 0xff, 0xf),	\
+                       AMD_MODEL_RANGE(0x12, 0x0, 0x0, 0xff, 0xf))
+
 struct cpuinfo_x86;
 int cpu_has_amd_erratum(const struct cpuinfo_x86 *, int, ...);
 

[-- Attachment #3: Type: text/plain, Size: 138 bytes --]

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] x86/emulator: workaround for AMD erratum 573
  2011-12-15 13:16 Jan Beulich
@ 2011-12-15 16:53 ` Keir Fraser
  0 siblings, 0 replies; 5+ messages in thread
From: Keir Fraser @ 2011-12-15 16:53 UTC (permalink / raw)
  To: Jan Beulich, xen-devel@lists.xensource.com

On 15/12/2011 13:16, "Jan Beulich" <JBeulich@suse.com> wrote:

> The only cases where we might end up emulating fsincos (as any other
> x87 operations without memory operands) are
> - when a HVM guest is in real mode (not applicable on AMD)
> - between two half page table updates in PAE mode (unlikely, and not
>   doing the emulation here does affect only performance, not
>   correctness)
> - when a guest maliciously (or erroneously) modifies an (MMIO or page
>   table update) instruction under emulation (unspecified behavior)
> 
> Hence, in order to avoid the erratum to cause harm to the entire host,
> don't emulate fsincos on the affected AMD CPU families.
> 
> Signed-off-by: Jan Beulich <jbeulich@suse.com>

Acked-by: Keir Fraser <keir@xen.org>

> --- a/tools/tests/x86_emulator/x86_emulate.c
> +++ b/tools/tests/x86_emulator/x86_emulate.c
> @@ -9,5 +9,7 @@ typedef bool bool_t;
>  
>  #define BUG() abort()
>  
> +#define cpu_has_amd_erratum(nr) 0
> +
>  #include "x86_emulate/x86_emulate.h"
>  #include "x86_emulate/x86_emulate.c"
> --- a/xen/arch/x86/x86_emulate.c
> +++ b/xen/arch/x86/x86_emulate.c
> @@ -10,8 +10,14 @@
>   */
>  
>  #include <asm/x86_emulate.h>
> +#include <asm/processor.h> /* current_cpu_info */
> +#include <asm/amd.h> /* cpu_has_amd_erratum() */
>  
>  /* Avoid namespace pollution. */
>  #undef cmpxchg
> +#undef cpuid
> +
> +#define cpu_has_amd_erratum(nr) \
> +        cpu_has_amd_erratum(&current_cpu_data, AMD_ERRATUM_##nr)
>  
>  #include "x86_emulate/x86_emulate.c"
> --- a/xen/arch/x86/x86_emulate/x86_emulate.c
> +++ b/xen/arch/x86/x86_emulate/x86_emulate.c
> @@ -2761,6 +2761,9 @@ x86_emulate(
>      case 0xd9: /* FPU 0xd9 */
>          switch ( modrm )
>          {
> +        case 0xfb: /* fsincos */
> +            fail_if(cpu_has_amd_erratum(573));
> +            /* fall through */
>          case 0xc0 ... 0xc7: /* fld %stN */
>          case 0xc8 ... 0xcf: /* fxch %stN */
>          case 0xd0: /* fnop */
> @@ -2786,7 +2789,6 @@ x86_emulate(
>          case 0xf8: /* fprem */
>          case 0xf9: /* fyl2xp1 */
>          case 0xfa: /* fsqrt */
> -        case 0xfb: /* fsincos */
>          case 0xfc: /* frndint */
>          case 0xfd: /* fscale */
>          case 0xfe: /* fsin */
> --- a/xen/include/asm-x86/amd.h
> +++ b/xen/include/asm-x86/amd.h
> @@ -134,6 +134,12 @@
>      AMD_OSVW_ERRATUM(3, AMD_MODEL_RANGE(0x10, 0x2, 0x1, 0xff, 0xf), \
>        AMD_MODEL_RANGE(0x12, 0x0, 0x0, 0x1, 0x0))
>  
> +#define AMD_ERRATUM_573       \
> +    AMD_LEGACY_ERRATUM(AMD_MODEL_RANGE(0x0f, 0x0, 0x0, 0xff, 0xf), \
> +                       AMD_MODEL_RANGE(0x10, 0x0, 0x0, 0xff, 0xf), \
> +                       AMD_MODEL_RANGE(0x11, 0x0, 0x0, 0xff, 0xf), \
> +                       AMD_MODEL_RANGE(0x12, 0x0, 0x0, 0xff, 0xf))
> +
>  struct cpuinfo_x86;
>  int cpu_has_amd_erratum(const struct cpuinfo_x86 *, int, ...);
>  
> 
> 
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xensource.com
> http://lists.xensource.com/xen-devel

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2011-12-16 14:15 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
     [not found] <mailman.4490.1323956364.12970.xen-devel@lists.xensource.com>
2011-12-15 17:52 ` [PATCH] x86/emulator: workaround for AMD erratum 573 Boris Ostrovsky
2011-12-16  8:26   ` Jan Beulich
2011-12-16 14:15     ` Boris Ostrovsky
2011-12-15 13:16 Jan Beulich
2011-12-15 16:53 ` Keir Fraser

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.