From: David Woodhouse <dwmw2@infradead.org>
To: Thomas Gleixner <tglx@linutronix.de>,
KarimAllah Ahmed <karahmed@amazon.de>
Cc: linux-kernel@vger.kernel.org, Andi Kleen <ak@linux.intel.com>,
Andrea Arcangeli <aarcange@redhat.com>,
Andy Lutomirski <luto@kernel.org>,
Arjan van de Ven <arjan@linux.intel.com>,
Ashok Raj <ashok.raj@intel.com>,
Asit Mallick <asit.k.mallick@intel.com>,
Borislav Petkov <bp@suse.de>,
Dan Williams <dan.j.williams@intel.com>,
Dave Hansen <dave.hansen@intel.com>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
"H . Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@redhat.com>,
Janakarajan Natarajan <Janakarajan.Natarajan@amd.com>,
Joerg Roedel <joro@8bytes.org>,
Jun Nakajima <jun.nakajima@intel.com>,
Laura Abbott <labbott@redhat.com>,
Linus Torvalds <torvalds@linux-foundation.org>,
Masami Hiramatsu <mhiramat@kernel.org>,
Paolo Bonzini <pbonzini@redhat.co
Subject: Re: [RFC 05/10] x86/speculation: Add basic IBRS support infrastructure
Date: Tue, 23 Jan 2018 20:58:36 +0000 [thread overview]
Message-ID: <1516741116.13558.11.camel@infradead.org> (raw)
In-Reply-To: <alpine.DEB.2.20.1801211524160.1998@nanos>
[-- Attachment #1: Type: text/plain, Size: 4341 bytes --]
On Sun, 2018-01-21 at 15:31 +0100, Thomas Gleixner wrote:
> >
> > XX: Do we want a microcode blacklist?
>
> Oh yes, we want a microcode blacklist. Ideally we refuse to load the
> affected microcode in the first place and if its already loaded then at
> least avoid to use the borked features.
>
> PR texts promising that Intel is committed to transparency in this matter
> are not sufficient. Intel, please provide the facts, i.e. a proper list of
> micro codes and affected SKUs, ASAP.
They've finally published one, at
https://newsroom.intel.com/wp-content/uploads/sites/11/2018/01/microcode-update-guidance.pdf
For shits and giggles, you can compare it with the one at
https://kb.vmware.com/s/article/52345
Intel's seems to be a bit rushed. For example for Broadwell-EX 406F1
they say "0x25, 0x23" are bad, but VMware's list says 0x0B000025 and I
have a CPU with 0x0B0000xx. So I've "corrected" their numbers in
attempt at a blacklist patch accordingly, and likewise for some Skylake
SKUs. But there are others in Intel's list that I can't easily
proofread for them right now. Am I missing something?
diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c
index b720dacac051..52855d1a4f9a 100644
--- a/arch/x86/kernel/cpu/intel.c
+++ b/arch/x86/kernel/cpu/intel.c
@@ -102,6 +102,57 @@ static void probe_xeon_phi_r3mwait(struct cpuinfo_x86 *c)
ELF_HWCAP2 |= HWCAP2_RING3MWAIT;
}
+/*
+ * Early microcode releases for the Spectre v2 mitigation were broken:
+ * https://newsroom.intel.com/wp-content/uploads/sites/11/2018/01/microcode-update-guidance.pdf
+ * VMware also has a list at https://kb.vmware.com/s/article/52345
+ */
+struct sku_microcode {
+ u8 model;
+ u8 stepping;
+ u32 microcode;
+};
+static const struct sku_microcode spectre_bad_microcodes[] = {
+ { INTEL_FAM6_KABYLAKE_DESKTOP, 0x0B, 0x80 },
+ { INTEL_FAM6_KABYLAKE_MOBILE, 0x0A, 0x80 },
+ { INTEL_FAM6_KABYLAKE_MOBILE, 0x0A, 0x80 },
+ { INTEL_FAM6_KABYLAKE_MOBILE, 0x09, 0x80 },
+ { INTEL_FAM6_KABYLAKE_DESKTOP, 0x09, 0x80 },
+ { INTEL_FAM6_SKYLAKE_X, 0x04, 0x0200003C },
+ { INTEL_FAM6_SKYLAKE_MOBILE, 0x03, 0x000000C2 },
+ { INTEL_FAM6_SKYLAKE_DESKTOP, 0x03, 0x000000C2 },
+ { INTEL_FAM6_BROADWELL_CORE, 0x04, 0x28 },
+ { INTEL_FAM6_BROADWELL_GT3E, 0x01, 0x0000001B },
+ { INTEL_FAM6_HASWELL_ULT, 0x01, 0x21 },
+ { INTEL_FAM6_HASWELL_GT3E, 0x01, 0x18 },
+ { INTEL_FAM6_HASWELL_CORE, 0x03, 0x23 },
+ { INTEL_FAM6_IVYBRIDGE_X, 0x04, 0x42a },
+ { INTEL_FAM6_HASWELL_X, 0x02, 0x3b },
+ { INTEL_FAM6_HASWELL_X, 0x04, 0x10 },
+ { INTEL_FAM6_HASWELL_CORE, 0x03, 0x23 },
+ { INTEL_FAM6_BROADWELL_XEON_D, 0x02, 0x14 },
+ { INTEL_FAM6_BROADWELL_XEON_D, 0x03, 0x7000011 },
+ { INTEL_FAM6_BROADWELL_GT3E, 0x01, 0x0000001B },
+ /* For 406F1 Intel says "0x25, 0x23" while VMware says 0x0B000025
+ * and a real CPU has a firmware in the 0x0B0000xx range. So: */
+ { INTEL_FAM6_BROADWELL_X, 0x01, 0x0b000025 },
+ { INTEL_FAM6_KABYLAKE_DESKTOP, 0x09, 0x80 },
+ { INTEL_FAM6_SKYLAKE_X, 0x03, 0x100013e },
+ { INTEL_FAM6_SKYLAKE_X, 0x04, 0x200003c },
+};
+
+static int bad_spectre_microcode(struct cpuinfo_x86 *c)
+{
+ int i;
+
+ for (i = 0; i < ARRAY_SIZE(spectre_bad_microcodes); i++) {
+ if (c->x86_model == spectre_bad_microcodes[i].model &&
+ c->x86_mask == spectre_bad_microcodes[i].stepping)
+ return (c->microcode <= spectre_bad_microcodes[i].microcode);
+ }
+ return 0;
+}
+
static void early_init_intel(struct cpuinfo_x86 *c)
{
u64 misc_enable;
@@ -122,6 +173,18 @@ static void early_init_intel(struct cpuinfo_x86 *c)
if (c->x86 >= 6 && !cpu_has(c, X86_FEATURE_IA64))
c->microcode = intel_get_microcode_revision();
+ if ((cpu_has(c, X86_FEATURE_SPEC_CTRL) ||
+ cpu_has(c, X86_FEATURE_AMD_SPEC_CTRL) ||
+ cpu_has(c, X86_FEATURE_AMD_PRED_CMD) ||
+ cpu_has(c, X86_FEATURE_AMD_STIBP)) && bad_spectre_microcode(c)) {
+ pr_warn("Intel Spectre v2 broken microcode detected; disabling SPEC_CTRL\n");
+ clear_cpu_cap(c, X86_FEATURE_SPEC_CTRL);
+ clear_cpu_cap(c, X86_FEATURE_STIBP);
+ clear_cpu_cap(c, X86_FEATURE_AMD_SPEC_CTRL);
+ clear_cpu_cap(c, X86_FEATURE_AMD_PRED_CMD);
+ clear_cpu_cap(c, X86_FEATURE_AMD_STIBP);
+ }
+
/*
* Atom erratum AAE44/AAF40/AAG38/AAH41:
*
[-- Attachment #2: smime.p7s --]
[-- Type: application/x-pkcs7-signature, Size: 5213 bytes --]
next prev parent reply other threads:[~2018-01-23 20:58 UTC|newest]
Thread overview: 135+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-20 19:22 [RFC 00/10] Speculation Control feature support KarimAllah Ahmed
2018-01-20 19:22 ` [RFC 01/10] x86/speculation: Add basic support for IBPB KarimAllah Ahmed
2018-01-20 19:22 ` [RFC 02/10] x86/kvm: Add IBPB support KarimAllah Ahmed
2018-01-20 20:18 ` Woodhouse, David
2018-01-22 18:56 ` Jim Mattson
2018-01-22 19:31 ` Jim Mattson
2018-01-20 19:22 ` [RFC 03/10] x86/speculation: Use Indirect Branch Prediction Barrier in context switch KarimAllah Ahmed
2018-01-20 19:22 ` [RFC 04/10] x86/mm: Only flush indirect branches when switching into non dumpable process KarimAllah Ahmed
2018-01-20 21:06 ` Woodhouse, David
2018-01-22 18:29 ` Tim Chen
2018-01-21 11:22 ` Peter Zijlstra
2018-01-21 12:04 ` David Woodhouse
2018-01-21 14:07 ` H.J. Lu
2018-01-22 10:19 ` Peter Zijlstra
2018-01-22 10:23 ` David Woodhouse
2018-01-21 16:21 ` Ingo Molnar
2018-01-21 16:25 ` Arjan van de Ven
2018-01-21 22:20 ` Woodhouse, David
2018-01-29 6:35 ` Jon Masters
2018-01-29 14:07 ` Peter Zijlstra
2018-01-20 19:22 ` [RFC 05/10] x86/speculation: Add basic IBRS support infrastructure KarimAllah Ahmed
2018-01-21 14:31 ` Thomas Gleixner
2018-01-21 14:56 ` Borislav Petkov
2018-01-22 9:51 ` Peter Zijlstra
2018-01-22 12:06 ` Borislav Petkov
2018-01-22 13:30 ` Greg Kroah-Hartman
2018-01-22 13:36 ` Woodhouse, David
2018-01-21 15:25 ` David Woodhouse
2018-01-23 20:58 ` David Woodhouse [this message]
2018-01-24 8:47 ` Peter Zijlstra
2018-01-24 9:02 ` David Woodhouse
2018-01-24 9:10 ` Greg Kroah-Hartman
2018-01-24 15:09 ` Arjan van de Ven
2018-01-24 15:18 ` David Woodhouse
2018-01-24 9:34 ` Peter Zijlstra
2018-01-24 10:49 ` Henrique de Moraes Holschuh
2018-01-24 12:30 ` David Woodhouse
2018-01-24 12:14 ` David Woodhouse
2018-01-24 12:29 ` Peter Zijlstra
2018-01-24 12:58 ` David Woodhouse
2018-01-29 20:14 ` [RFC,05/10] " Eduardo Habkost
2018-01-29 20:17 ` David Woodhouse
2018-01-29 20:42 ` Eduardo Habkost
2018-01-29 20:44 ` Arjan van de Ven
2018-01-29 21:02 ` David Woodhouse
2018-01-29 21:37 ` Jim Mattson
2018-01-29 21:50 ` Eduardo Habkost
2018-01-29 22:12 ` Jim Mattson
2018-01-30 1:22 ` Eduardo Habkost
2018-01-29 22:25 ` Andi Kleen
2018-01-30 1:37 ` Eduardo Habkost
2018-01-29 21:37 ` Andi Kleen
2018-01-29 21:44 ` Eduardo Habkost
2018-01-29 22:10 ` Konrad Rzeszutek Wilk
2018-01-30 1:12 ` Eduardo Habkost
2018-01-30 0:23 ` Linus Torvalds
2018-01-30 1:03 ` Jim Mattson
2018-01-30 3:13 ` Andi Kleen
2018-01-31 15:03 ` Paolo Bonzini
2018-01-31 15:07 ` Dr. David Alan Gilbert
2018-01-30 1:32 ` Arjan van de Ven
2018-01-30 3:32 ` Linus Torvalds
2018-01-30 12:04 ` Eduardo Habkost
2018-01-30 13:54 ` Arjan van de Ven
2018-01-30 8:22 ` David Woodhouse
2018-01-30 11:35 ` David Woodhouse
2018-01-30 11:56 ` Dr. David Alan Gilbert
2018-01-30 12:11 ` Christian Borntraeger
2018-01-30 14:46 ` Christophe de Dinechin
2018-01-30 14:52 ` Christian Borntraeger
2018-01-30 14:56 ` Christophe de Dinechin
2018-01-30 15:33 ` Christian Borntraeger
2018-01-30 20:46 ` Alan Cox
2018-01-31 10:05 ` Christophe de Dinechin
2018-01-31 10:15 ` Thomas Gleixner
2018-01-31 11:04 ` Dr. David Alan Gilbert
2018-01-31 11:52 ` Borislav Petkov
2018-01-31 12:30 ` Dr. David Alan Gilbert
2018-01-31 13:18 ` Borislav Petkov
2018-01-31 14:04 ` Dr. David Alan Gilbert
2018-01-31 14:44 ` Eduardo Habkost
2018-01-31 16:28 ` Borislav Petkov
2018-01-31 11:07 ` Christophe de Dinechin
2018-01-31 15:00 ` Eduardo Habkost
2018-01-31 15:11 ` Arjan van de Ven
2018-01-31 10:03 ` [RFC 05/10] " Christophe de Dinechin
2018-01-20 19:22 ` [RFC 06/10] x86/speculation: Add inlines to control Indirect Branch Speculation KarimAllah Ahmed
2018-01-20 19:22 ` [RFC 07/10] x86: Simplify spectre_v2 command line parsing KarimAllah Ahmed
2018-01-20 19:22 ` [RFC 08/10] x86/idle: Control Indirect Branch Speculation in idle KarimAllah Ahmed
2018-01-20 19:23 ` [RFC 09/10] x86/enter: Create macros to restrict/unrestrict Indirect Branch Speculation KarimAllah Ahmed
2018-01-21 19:14 ` Andy Lutomirski
2018-01-23 16:12 ` Tom Lendacky
2018-01-23 16:20 ` Woodhouse, David
2018-01-23 22:37 ` Tom Lendacky
2018-01-23 22:49 ` Andi Kleen
2018-01-23 23:14 ` Woodhouse, David
2018-01-23 23:22 ` Andi Kleen
2018-01-24 0:47 ` Tim Chen
2018-01-24 1:00 ` Andy Lutomirski
2018-01-24 1:22 ` David Woodhouse
2018-01-24 1:59 ` Van De Ven, Arjan
2018-01-24 3:25 ` Andy Lutomirski
[not found] ` <CA+55aFxUEPHc7JRQG3zmxEsfmfJOiJa1QqFBKCBNb5Tt5vfiSg@mail.gmail.com>
2018-01-21 20:28 ` David Woodhouse
2018-01-21 21:35 ` Linus Torvalds
2018-01-21 22:00 ` David Woodhouse
2018-01-21 22:27 ` Linus Torvalds
2018-01-22 16:27 ` David Woodhouse
2018-01-23 7:29 ` Ingo Molnar
2018-01-23 7:53 ` Ingo Molnar
2018-01-23 9:27 ` Ingo Molnar
2018-01-23 9:37 ` David Woodhouse
2018-01-23 15:01 ` Dave Hansen
2018-01-23 9:30 ` David Woodhouse
2018-01-23 10:15 ` Ingo Molnar
2018-01-23 10:27 ` David Woodhouse
2018-01-23 10:44 ` Ingo Molnar
2018-01-23 10:23 ` Ingo Molnar
2018-02-04 18:43 ` Thomas Gleixner
2018-02-04 20:22 ` David Woodhouse
2018-02-06 9:14 ` David Woodhouse
2018-01-23 20:16 ` Pavel Machek
2018-01-20 19:23 ` [RFC 10/10] x86/enter: Use IBRS on syscall and interrupts KarimAllah Ahmed
2018-01-21 13:50 ` Konrad Rzeszutek Wilk
2018-01-21 14:40 ` KarimAllah Ahmed
2018-01-21 17:22 ` Dave Hansen
2018-01-21 14:02 ` [RFC 00/10] Speculation Control feature support Konrad Rzeszutek Wilk
2018-01-22 21:27 ` David Woodhouse
-- strict thread matches above, loose matches on Subject: below --
2018-01-29 22:29 [RFC,05/10] x86/speculation: Add basic IBRS support infrastructure David Dunn
2018-01-29 22:41 ` Andi Kleen
2018-01-29 22:49 ` Jim Mattson
2018-01-30 1:10 ` Eduardo Habkost
2018-01-30 1:20 ` David Dunn
2018-01-30 1:30 ` Eduardo Habkost
2018-01-29 23:51 ` Fred Jacobs
2018-01-30 1:08 ` Eduardo Habkost
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1516741116.13558.11.camel@infradead.org \
--to=dwmw2@infradead.org \
--cc=Janakarajan.Natarajan@amd.com \
--cc=aarcange@redhat.com \
--cc=ak@linux.intel.com \
--cc=arjan@linux.intel.com \
--cc=ashok.raj@intel.com \
--cc=asit.k.mallick@intel.com \
--cc=bp@suse.de \
--cc=dan.j.williams@intel.com \
--cc=dave.hansen@intel.com \
--cc=gregkh@linuxfoundation.org \
--cc=hpa@zytor.com \
--cc=joro@8bytes.org \
--cc=jun.nakajima@intel.com \
--cc=karahmed@amazon.de \
--cc=labbott@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mhiramat@kernel.org \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.co \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).