[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen staging-4.6] x86/spec-ctrl: Introduce an option to control L1D_FLUSH for HVM HAP guests



commit 4b12b44b21a9d724beaff3330bfd2db57640e416
Author:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
AuthorDate: Tue May 29 18:44:16 2018 +0100
Commit:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CommitDate: Tue Aug 14 17:39:57 2018 +0100

    x86/spec-ctrl: Introduce an option to control L1D_FLUSH for HVM HAP guests
    
    This mitigation requires up-to-date microcode, and is enabled by default on
    affected hardware if available, and is used for HVM guests
    
    The default for SMT/Hyperthreading is far more complicated to reason about,
    not least because we don't know if the user is going to want to run any HVM
    guests to begin with.  If a explicit default isn't given, nag the user to
    perform a risk assessment and choose an explicit default, and leave other
    configuration to the toolstack.
    
    This is part of XSA-273 / CVE-2018-3620.
    
    Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
    (cherry picked from commit 3bd36952dab60290f33d6791070b57920e10754b)
---
 docs/misc/xen-command-line.markdown |  9 ++++++++-
 xen/arch/x86/hvm/vmx/vmcs.c         |  5 +++++
 xen/arch/x86/spec_ctrl.c            | 40 +++++++++++++++++++++++++++++++++++--
 xen/include/asm-x86/hvm/vmx/vmcs.h  | 13 ++++++++++++
 xen/include/asm-x86/spec_ctrl.h     |  1 +
 5 files changed, 65 insertions(+), 3 deletions(-)

diff --git a/docs/misc/xen-command-line.markdown 
b/docs/misc/xen-command-line.markdown
index 4b6532e99b..ff80b2c85a 100644
--- a/docs/misc/xen-command-line.markdown
+++ b/docs/misc/xen-command-line.markdown
@@ -1466,7 +1466,8 @@ false disable the quirk workaround, which is also the 
default.
 
 ### spec-ctrl (x86)
 > `= List of [ <bool>, xen=<bool>, {pv,hvm,msr-sc,rsb}=<bool>,
->              bti-thunk=retpoline|lfence|jmp, 
{ibrs,ibpb,ssbd,eager-fpu}=<bool> ]`
+>              bti-thunk=retpoline|lfence|jmp, {ibrs,ibpb,ssbd,eager-fpu,
+>              l1d-flush}=<bool> ]`
 
 Controls for speculative execution sidechannel mitigations.  By default, Xen
 will pick the most appropriate mitigations based on compiled in support,
@@ -1521,6 +1522,12 @@ from using fully eager FPU context switches.  This is 
currently implemented as
 a global control.  By default, Xen will choose to use fully eager context
 switches on hardware believed to speculate past #NM exceptions.
 
+On hardware supporting L1D_FLUSH, the `l1d-flush=` option can be used to force
+or prevent Xen from issuing an L1 data cache flush on each VMEntry.
+Irrespective of Xen's setting, the feature is virtualised for HVM guests to
+use.  By default, Xen will enable this mitigation on hardware believed to be
+vulnerable to L1TF.
+
 ### sync\_console
 > `= <boolean>`
 
diff --git a/xen/arch/x86/hvm/vmx/vmcs.c b/xen/arch/x86/hvm/vmx/vmcs.c
index e99c0a54a2..3d88145274 100644
--- a/xen/arch/x86/hvm/vmx/vmcs.c
+++ b/xen/arch/x86/hvm/vmx/vmcs.c
@@ -38,6 +38,7 @@
 #include <asm/hvm/vmx/vmcs.h>
 #include <asm/flushtlb.h>
 #include <asm/shadow.h>
+#include <asm/spec_ctrl.h>
 #include <asm/tboot.h>
 
 static bool_t __read_mostly opt_vpid_enabled = 1;
@@ -1281,6 +1282,10 @@ static int construct_vmcs(struct vcpu *v)
         vmx_vlapic_msr_changed(v);
     }
 
+    if ( opt_l1d_flush && paging_mode_hap(d) )
+        rc = vmx_add_msr(v, MSR_FLUSH_CMD, VMX_MSR_GUEST_LOADONLY)
+             ?: vmx_write_guest_loadonly_msr(v, MSR_FLUSH_CMD, FLUSH_CMD_L1D);
+
  out:
     vmx_vmcs_exit(v);
 
diff --git a/xen/arch/x86/spec_ctrl.c b/xen/arch/x86/spec_ctrl.c
index 5b839022b1..2040776e85 100644
--- a/xen/arch/x86/spec_ctrl.c
+++ b/xen/arch/x86/spec_ctrl.c
@@ -23,6 +23,7 @@
 #include <asm/microcode.h>
 #include <asm/msr.h>
 #include <asm/processor.h>
+#include <asm/setup.h>
 #include <asm/spec_ctrl.h>
 #include <asm/spec_ctrl_asm.h>
 
@@ -45,6 +46,7 @@ static int8_t __initdata opt_ibrs = -1;
 bool_t __read_mostly opt_ibpb = 1;
 bool_t __read_mostly opt_ssbd = 0;
 int8_t __read_mostly opt_eager_fpu = -1;
+int8_t __read_mostly opt_l1d_flush = -1;
 
 bool_t __initdata bsp_delay_spec_ctrl;
 uint8_t __read_mostly default_xen_spec_ctrl;
@@ -122,6 +124,7 @@ static int __init parse_spec_ctrl(char *s)
             opt_ibrs = 0;
             opt_ibpb = 0;
             opt_ssbd = 0;
+            opt_l1d_flush = 0;
         }
         else if ( val > 0 )
             rc = -EINVAL;
@@ -177,6 +180,8 @@ static int __init parse_spec_ctrl(char *s)
             opt_ssbd = val;
         else if ( (val = parse_boolean("eager-fpu", s, ss)) >= 0 )
             opt_eager_fpu = val;
+        else if ( (val = parse_boolean("l1d-flush", s, ss)) >= 0 )
+            opt_l1d_flush = val;
         else
             rc = -EINVAL;
 
@@ -274,7 +279,7 @@ static void __init print_details(enum ind_thunk thunk, 
uint64_t caps)
 #endif
 
     /* Settings for Xen's protection, irrespective of guests. */
-    printk("  Xen settings: BTI-Thunk %s, SPEC_CTRL: %s%s, Other:%s\n",
+    printk("  Xen settings: BTI-Thunk %s, SPEC_CTRL: %s%s, Other:%s%s\n",
            thunk == THUNK_NONE      ? "N/A" :
            thunk == THUNK_RETPOLINE ? "RETPOLINE" :
            thunk == THUNK_LFENCE    ? "LFENCE" :
@@ -283,7 +288,8 @@ static void __init print_details(enum ind_thunk thunk, 
uint64_t caps)
            (default_xen_spec_ctrl & SPEC_CTRL_IBRS)  ? "IBRS+" :  "IBRS-",
            !boot_cpu_has(X86_FEATURE_SSBD)           ? "" :
            (default_xen_spec_ctrl & SPEC_CTRL_SSBD)  ? " SSBD+" : " SSBD-",
-           opt_ibpb                                  ? " IBPB"  : "");
+           opt_ibpb                                  ? " IBPB"  : "",
+           opt_l1d_flush                             ? " L1D_FLUSH" : "");
 
     /* L1TF diagnostics, printed if vulnerable or PV shadowing is in use. */
     if ( cpu_has_bug_l1tf || opt_pv_l1tf )
@@ -855,6 +861,36 @@ void __init init_speculation_mitigations(void)
             opt_pv_l1tf = OPT_PV_L1TF_DOMU;
     }
 
+    /*
+     * By default, enable L1D_FLUSH on L1TF-vulnerable hardware, unless
+     * instructed to skip the flush on vmentry by our outer hypervisor.
+     */
+    if ( !boot_cpu_has(X86_FEATURE_L1D_FLUSH) )
+        opt_l1d_flush = 0;
+    else if ( opt_l1d_flush == -1 )
+        opt_l1d_flush = cpu_has_bug_l1tf && !(caps & ARCH_CAPS_SKIP_L1DFL);
+
+    /*
+     * We do not disable HT by default on affected hardware.
+     *
+     * Firstly, if the user intends to use exclusively PV, or HVM shadow
+     * guests, HT isn't a concern and should remain fully enabled.  Secondly,
+     * safety for HVM HAP guests can be arranged by the toolstack with core
+     * parking, pinning or cpupool configurations, including mixed setups.
+     *
+     * However, if we are on affected hardware, with HT enabled, and the user
+     * hasn't explicitly chosen whether to use HT or not, nag them to do so.
+     */
+    if ( opt_smt == -1 && cpu_has_bug_l1tf &&
+         boot_cpu_data.x86_num_siblings > 1 )
+    {
+        printk("******************************************************\n");
+        printk("Booted on L1TF-vulnerable hardware with SMT/Hyperthreading\n");
+        printk("enabled.  Please assess your configuration and choose an\n");
+        printk("explicit 'smt=<bool>' setting.  See XSA-273.\n");
+        printk("******************************************************\n");
+    }
+
     print_details(thunk, caps);
 
     /*
diff --git a/xen/include/asm-x86/hvm/vmx/vmcs.h 
b/xen/include/asm-x86/hvm/vmx/vmcs.h
index 8aefe89f20..76549e811d 100644
--- a/xen/include/asm-x86/hvm/vmx/vmcs.h
+++ b/xen/include/asm-x86/hvm/vmx/vmcs.h
@@ -554,6 +554,19 @@ static inline int vmx_write_guest_msr(struct vcpu *v, 
uint32_t msr,
     return 0;
 }
 
+static inline int vmx_write_guest_loadonly_msr(struct vcpu *v, uint32_t msr,
+                                               uint64_t val)
+{
+    struct vmx_msr_entry *ent = vmx_find_msr(v, msr, VMX_MSR_GUEST_LOADONLY);
+
+    if ( !ent )
+        return -ESRCH;
+
+    ent->data = val;
+
+    return 0;
+}
+
 void vmx_disable_intercept_for_msr(struct vcpu *v, u32 msr, int type);
 void vmx_enable_intercept_for_msr(struct vcpu *v, u32 msr, int type);
 void vmx_vmcs_switch(struct vmcs_struct *from, struct vmcs_struct *to);
diff --git a/xen/include/asm-x86/spec_ctrl.h b/xen/include/asm-x86/spec_ctrl.h
index 4d21e434e4..ee7f18d52d 100644
--- a/xen/include/asm-x86/spec_ctrl.h
+++ b/xen/include/asm-x86/spec_ctrl.h
@@ -29,6 +29,7 @@ void init_speculation_mitigations(void);
 extern bool_t opt_ibpb;
 extern bool_t opt_ssbd;
 extern int8_t opt_eager_fpu;
+extern int8_t opt_l1d_flush;
 
 extern bool_t bsp_delay_spec_ctrl;
 extern uint8_t default_xen_spec_ctrl;
--
generated by git-patchbot for /home/xen/git/xen.git#staging-4.6

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/xen-changelog

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.