[PATCH] target/i386: Export RFDS bit to guests

[PATCH] target/i386: Export RFDS bit to guests

[Pawan Gupta]

Register File Data Sampling (RFDS) is a CPU side-channel vulnerability
that may expose stale register value. CPUs that set RFDS_NO bit in MSR
IA32_ARCH_CAPABILITIES indicate that they are not vulnerable to RFDS.
Similarly, RFDS_CLEAR indicates that CPU is affected by RFDS, and has
the microcode to help mitigate RFDS.

Make RFDS_CLEAR and RFDS_NO bits available to guests.

Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
---
 target/i386/cpu.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 9a210d8d9290..693a5e0fb2ce 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -1158,8 +1158,8 @@ FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
             NULL, "sbdr-ssdp-no", "fbsdp-no", "psdp-no",
             NULL, "fb-clear", NULL, NULL,
             NULL, NULL, NULL, NULL,
-            "pbrsb-no", NULL, "gds-no", NULL,
-            NULL, NULL, NULL, NULL,
+            "pbrsb-no", NULL, "gds-no", "rfds-no",
+            "rfds-clear", NULL, NULL, NULL,
         },
         .msr = {
             .index = MSR_IA32_ARCH_CAPABILITIES,

base-commit: a1932d7cd6507d4d9db2044a54731fff3e749bac
-- 
2.34.1

Re: [PATCH] target/i386: Export RFDS bit to guests

[Zhao Liu]

Hi Pawan,

On Wed, Mar 13, 2024 at 07:53:23AM -0700, Pawan Gupta wrote:
> Date: Wed, 13 Mar 2024 07:53:23 -0700
> From: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
> Subject: [PATCH] target/i386: Export RFDS bit to guests
> 
> Register File Data Sampling (RFDS) is a CPU side-channel vulnerability
> that may expose stale register value. CPUs that set RFDS_NO bit in MSR
> IA32_ARCH_CAPABILITIES indicate that they are not vulnerable to RFDS.
> Similarly, RFDS_CLEAR indicates that CPU is affected by RFDS, and has
> the microcode to help mitigate RFDS.
> 
> Make RFDS_CLEAR and RFDS_NO bits available to guests.

Are these two bits going to be supported by microcode updates to
existing products?

(Let me aslo attach the related spec to make it easy for more people to
learn about backgrounds: 
https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/register-file-data-sampling.html)

> Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
> ---
>  target/i386/cpu.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)

LGTM,

Reviewed-by: Zhao Liu <zhao1.liu@intel.com>

Re: [PATCH] target/i386: Export RFDS bit to guests

[Pawan Gupta]

On Fri, Mar 15, 2024 at 03:50:18PM +0800, Zhao Liu wrote:
> > Make RFDS_CLEAR and RFDS_NO bits available to guests.
> 
> Are these two bits going to be supported by microcode updates to
> existing products?

RFDS_CLEAR is supported by the microcode update that is needed to
mitigate RFDS. RFDS_NO will be supported by future unaffected parts and
some of the existing parts. AFAIK, not all unaffected existing parts
will get RFDS_NO, for such parts KVM synthesizes RFDS_NO.

> (Let me aslo attach the related spec to make it easy for more people to
> learn about backgrounds: 
> https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/register-file-data-sampling.html)
> 
> > Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
> > ---
> >  target/i386/cpu.c | 4 ++--
> >  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> LGTM,
> 
> Reviewed-by: Zhao Liu <zhao1.liu@intel.com>

Thank you.

Re: [PATCH] target/i386: Export RFDS bit to guests

[Xiaoyao Li]

On 3/13/2024 10:53 PM, Pawan Gupta wrote:
> Register File Data Sampling (RFDS) is a CPU side-channel vulnerability
> that may expose stale register value. CPUs that set RFDS_NO bit in MSR
> IA32_ARCH_CAPABILITIES indicate that they are not vulnerable to RFDS.
> Similarly, RFDS_CLEAR indicates that CPU is affected by RFDS, and has
> the microcode to help mitigate RFDS.
> 
> Make RFDS_CLEAR and RFDS_NO bits available to guests.

What's the status of KVM part?

> Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
> ---
>   target/i386/cpu.c | 4 ++--
>   1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/target/i386/cpu.c b/target/i386/cpu.c
> index 9a210d8d9290..693a5e0fb2ce 100644
> --- a/target/i386/cpu.c
> +++ b/target/i386/cpu.c
> @@ -1158,8 +1158,8 @@ FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
>               NULL, "sbdr-ssdp-no", "fbsdp-no", "psdp-no",
>               NULL, "fb-clear", NULL, NULL,
>               NULL, NULL, NULL, NULL,
> -            "pbrsb-no", NULL, "gds-no", NULL,
> -            NULL, NULL, NULL, NULL,
> +            "pbrsb-no", NULL, "gds-no", "rfds-no",
> +            "rfds-clear", NULL, NULL, NULL,
>           },
>           .msr = {
>               .index = MSR_IA32_ARCH_CAPABILITIES,
> 
> base-commit: a1932d7cd6507d4d9db2044a54731fff3e749bac

Re: [PATCH] target/i386: Export RFDS bit to guests

[Pawan Gupta]

On Tue, Mar 19, 2024 at 12:22:08PM +0800, Xiaoyao Li wrote:
> On 3/13/2024 10:53 PM, Pawan Gupta wrote:
> > Register File Data Sampling (RFDS) is a CPU side-channel vulnerability
> > that may expose stale register value. CPUs that set RFDS_NO bit in MSR
> > IA32_ARCH_CAPABILITIES indicate that they are not vulnerable to RFDS.
> > Similarly, RFDS_CLEAR indicates that CPU is affected by RFDS, and has
> > the microcode to help mitigate RFDS.
> > 
> > Make RFDS_CLEAR and RFDS_NO bits available to guests.
> 
> What's the status of KVM part?

KVM part is already upstreamed and backported:

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.8.1&id=50d33b98b1e23d1cd8743b3cac7a0ae5718b8b00

Re: [PATCH] target/i386: Export RFDS bit to guests

[Xiaoyao Li]

On 3/19/2024 11:08 PM, Pawan Gupta wrote:
> On Tue, Mar 19, 2024 at 12:22:08PM +0800, Xiaoyao Li wrote:
>> On 3/13/2024 10:53 PM, Pawan Gupta wrote:
>>> Register File Data Sampling (RFDS) is a CPU side-channel vulnerability
>>> that may expose stale register value. CPUs that set RFDS_NO bit in MSR
>>> IA32_ARCH_CAPABILITIES indicate that they are not vulnerable to RFDS.
>>> Similarly, RFDS_CLEAR indicates that CPU is affected by RFDS, and has
>>> the microcode to help mitigate RFDS.
>>>
>>> Make RFDS_CLEAR and RFDS_NO bits available to guests.
>>
>> What's the status of KVM part?
> 
> KVM part is already upstreamed and backported:
> 
> https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.8.1&id=50d33b98b1e23d1cd8743b3cac7a0ae5718b8b00

I see. It was not sent to kvm maillist and not merged through KVM tree.

With KVM part in palce,

Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com>

Re: [PATCH] target/i386: Export RFDS bit to guests

[Pawan Gupta]

On Wed, Mar 20, 2024 at 08:23:39AM +0800, Xiaoyao Li wrote:
> On 3/19/2024 11:08 PM, Pawan Gupta wrote:
> > On Tue, Mar 19, 2024 at 12:22:08PM +0800, Xiaoyao Li wrote:
> > > On 3/13/2024 10:53 PM, Pawan Gupta wrote:
> > > > Register File Data Sampling (RFDS) is a CPU side-channel vulnerability
> > > > that may expose stale register value. CPUs that set RFDS_NO bit in MSR
> > > > IA32_ARCH_CAPABILITIES indicate that they are not vulnerable to RFDS.
> > > > Similarly, RFDS_CLEAR indicates that CPU is affected by RFDS, and has
> > > > the microcode to help mitigate RFDS.
> > > > 
> > > > Make RFDS_CLEAR and RFDS_NO bits available to guests.
> > > 
> > > What's the status of KVM part?
> > 
> > KVM part is already upstreamed and backported:
> > 
> > https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.8.1&id=50d33b98b1e23d1cd8743b3cac7a0ae5718b8b00
> 
> I see. It was not sent to kvm maillist and not merged through KVM tree.
> 
> With KVM part in palce,
> 
> Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com>

Thanks.

Re: [PATCH] target/i386: Export RFDS bit to guests

[Paolo Bonzini]

Queued, thanks.

Paolo