[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[xen stable-4.17] x86/cpu-policy: Hide CLWB by default on SKX/CLX/CPX

commit bbf22355951dab5a66ac400b03cb9c88d2dc859f
Author:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
AuthorDate: Mon Feb 27 15:36:49 2023 +0000
Commit:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CommitDate: Tue Aug 8 16:02:17 2023 +0100

    x86/cpu-policy: Hide CLWB by default on SKX/CLX/CPX
    
    The August 2023 microcode for GDS has an impact on the CLWB instruction.  
See
    code comments for full details.
    
    This is part of XSA-435 / CVE-2022-40982
    
    Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
    (cherry picked from commit 2dd06b4ea10891750af38e4a0e1efaeb0a9b3518)
---
 xen/arch/x86/cpu-policy.c                   | 25 +++++++++++++++++++++++++
 xen/arch/x86/cpu/intel.c                    | 14 ++++++++++++++
 xen/include/public/arch-x86/cpufeatureset.h |  2 +-
 3 files changed, 40 insertions(+), 1 deletion(-)

diff --git a/xen/arch/x86/cpu-policy.c b/xen/arch/x86/cpu-policy.c
index db926a1c66..f0f2c8a1c0 100644
--- a/xen/arch/x86/cpu-policy.c
+++ b/xen/arch/x86/cpu-policy.c
@@ -434,6 +434,18 @@ static void __init 
guest_common_max_feature_adjustments(uint32_t *fs)
         __set_bit(X86_FEATURE_ARCH_CAPS, fs);
         __set_bit(X86_FEATURE_RSBA, fs);
         __set_bit(X86_FEATURE_RRSBA, fs);
+
+        /*
+         * The Gather Data Sampling microcode mitigation (August 2023) has an
+         * adverse performance impact on the CLWB instruction on SKX/CLX/CPX.
+         *
+         * We hid CLWB in the host policy to stop Xen using it, but VMs which
+         * have previously seen the CLWB feature can safely run on this CPU.
+         */
+        if ( boot_cpu_data.x86 == 6 &&
+             boot_cpu_data.x86_model == INTEL_FAM6_SKYLAKE_X &&
+             raw_cpu_policy.feat.clwb )
+            __set_bit(X86_FEATURE_CLWB, fs);
     }
 }
 
@@ -456,6 +468,19 @@ static void __init 
guest_common_default_feature_adjustments(uint32_t *fs)
              boot_cpu_data.x86_model == INTEL_FAM6_IVYBRIDGE &&
              cpu_has_rdrand && !is_forced_cpu_cap(X86_FEATURE_RDRAND) )
             __clear_bit(X86_FEATURE_RDRAND, fs);
+
+        /*
+         * The Gather Data Sampling microcode mitigation (August 2023) has an
+         * adverse performance impact on the CLWB instruction on SKX/CLX/CPX.
+         *
+         * We hid CLWB in the host policy to stop Xen using it, but re-added
+         * it to the max policy to let VMs migrate in.  Re-hide it in the
+         * default policy to disuade VMs from using it in the common case.
+         */
+        if ( boot_cpu_data.x86 == 6 &&
+             boot_cpu_data.x86_model == INTEL_FAM6_SKYLAKE_X &&
+             raw_cpu_policy.feat.clwb )
+            __clear_bit(X86_FEATURE_CLWB, fs);
     }
 
     /*
diff --git a/xen/arch/x86/cpu/intel.c b/xen/arch/x86/cpu/intel.c
index dc6a0c7807..b40ac696e6 100644
--- a/xen/arch/x86/cpu/intel.c
+++ b/xen/arch/x86/cpu/intel.c
@@ -3,6 +3,8 @@
 #include <xen/string.h>
 #include <xen/bitops.h>
 #include <xen/smp.h>
+
+#include <asm/intel-family.h>
 #include <asm/processor.h>
 #include <asm/msr.h>
 #include <asm/uaccess.h>
@@ -556,6 +558,18 @@ static void cf_check init_intel(struct cpuinfo_x86 *c)
        if ((opt_cpu_info && !(c->apicid & (c->x86_num_siblings - 1))) ||
            c == &boot_cpu_data )
                intel_log_freq(c);
+
+       /*
+        * The Gather Data Sampling microcode mitigation (August 2023) has an
+        * adverse performance impact on the CLWB instruction on SKX/CLX/CPX.
+        *
+        * On this model, CLWB has equivalent behaviour to CLFLUSHOPT but the
+        * latter is not impacted.  Hide CLWB to cause Xen to fall back to
+        * using CLFLUSHOPT instead.
+        */
+       if (c == &boot_cpu_data &&
+           c->x86 == 6 && c->x86_model == INTEL_FAM6_SKYLAKE_X)
+               setup_clear_cpu_cap(X86_FEATURE_CLWB);
 }
 
 const struct cpu_dev intel_cpu_dev = {
diff --git a/xen/include/public/arch-x86/cpufeatureset.h 
b/xen/include/public/arch-x86/cpufeatureset.h
index 03b694589a..2fc8158024 100644
--- a/xen/include/public/arch-x86/cpufeatureset.h
+++ b/xen/include/public/arch-x86/cpufeatureset.h
@@ -199,7 +199,7 @@ XEN_CPUFEATURE(ADX,           5*32+19) /*A  ADCX, ADOX 
instructions */
 XEN_CPUFEATURE(SMAP,          5*32+20) /*S  Supervisor Mode Access Prevention 
*/
 XEN_CPUFEATURE(AVX512_IFMA,   5*32+21) /*A  AVX-512 Integer Fused Multiply Add 
*/
 XEN_CPUFEATURE(CLFLUSHOPT,    5*32+23) /*A  CLFLUSHOPT instruction */
-XEN_CPUFEATURE(CLWB,          5*32+24) /*A  CLWB instruction */
+XEN_CPUFEATURE(CLWB,          5*32+24) /*!A CLWB instruction */
 XEN_CPUFEATURE(PROC_TRACE,    5*32+25) /*   Processor Trace */
 XEN_CPUFEATURE(AVX512PF,      5*32+26) /*A  AVX-512 Prefetch Instructions */
 XEN_CPUFEATURE(AVX512ER,      5*32+27) /*A  AVX-512 Exponent & Reciprocal 
Instrs */
--
generated by git-patchbot for /home/xen/git/xen.git#stable-4.17

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.