|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [xen staging-4.14] x86/spec-ctrl: Enumeration for IBPB_RET
commit 013a27047ca63834236bfd38ba4d3a8b9d828781
Author: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
AuthorDate: Tue Jun 14 16:18:36 2022 +0100
Commit: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CommitDate: Fri Nov 4 13:23:21 2022 +0000
x86/spec-ctrl: Enumeration for IBPB_RET
The IBPB_RET bit indicates that the CPU's implementation of
MSR_PRED_CMD.IBPB
does flush the RSB/RAS too.
This is part of XSA-422 / CVE-2022-23824.
Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Acked-by: Jan Beulich <jbeulich@xxxxxxxx>
(cherry picked from commit 24496558e650535bdbd22cc04731e82276cd1b3f)
---
tools/libxl/libxl_cpuid.c | 1 +
tools/misc/xen-cpuid.c | 1 +
xen/arch/x86/spec_ctrl.c | 5 +++--
xen/include/public/arch-x86/cpufeatureset.h | 1 +
4 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/tools/libxl/libxl_cpuid.c b/tools/libxl/libxl_cpuid.c
index 25576b4d99..1b7626f7d4 100644
--- a/tools/libxl/libxl_cpuid.c
+++ b/tools/libxl/libxl_cpuid.c
@@ -281,6 +281,7 @@ int libxl_cpuid_parse_config(libxl_cpuid_policy_list
*cpuid, const char* str)
{"ssb-no", 0x80000008, NA, CPUID_REG_EBX, 26, 1},
{"psfd", 0x80000008, NA, CPUID_REG_EBX, 28, 1},
{"btc-no", 0x80000008, NA, CPUID_REG_EBX, 29, 1},
+ {"ibpb-ret", 0x80000008, NA, CPUID_REG_EBX, 30, 1},
{"nc", 0x80000008, NA, CPUID_REG_ECX, 0, 8},
{"apicidsize", 0x80000008, NA, CPUID_REG_ECX, 12, 4},
diff --git a/tools/misc/xen-cpuid.c b/tools/misc/xen-cpuid.c
index e5208cfa45..7771da4953 100644
--- a/tools/misc/xen-cpuid.c
+++ b/tools/misc/xen-cpuid.c
@@ -158,6 +158,7 @@ static const char *const str_e8b[32] =
[24] = "amd-ssbd", [25] = "virt-ssbd",
[26] = "ssb-no",
[28] = "psfd", [29] = "btc-no",
+ [30] = "ibpb-ret",
};
static const char *const str_7d0[32] =
diff --git a/xen/arch/x86/spec_ctrl.c b/xen/arch/x86/spec_ctrl.c
index 563519ce0e..679fbac57e 100644
--- a/xen/arch/x86/spec_ctrl.c
+++ b/xen/arch/x86/spec_ctrl.c
@@ -419,7 +419,7 @@ static void __init print_details(enum ind_thunk thunk,
uint64_t caps)
* Hardware read-only information, stating immunity to certain issues, or
* suggestions of which mitigation to use.
*/
- printk(" Hardware hints:%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s\n",
+ printk(" Hardware hints:%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s\n",
(caps & ARCH_CAPS_RDCL_NO) ? " RDCL_NO"
: "",
(caps & ARCH_CAPS_IBRS_ALL) ? " IBRS_ALL"
: "",
(caps & ARCH_CAPS_RSBA) ? " RSBA"
: "",
@@ -435,7 +435,8 @@ static void __init print_details(enum ind_thunk thunk,
uint64_t caps)
(e8b & cpufeat_mask(X86_FEATURE_STIBP_ALWAYS)) ? " STIBP_ALWAYS"
: "",
(e8b & cpufeat_mask(X86_FEATURE_IBRS_FAST)) ? " IBRS_FAST"
: "",
(e8b & cpufeat_mask(X86_FEATURE_IBRS_SAME_MODE)) ? "
IBRS_SAME_MODE" : "",
- (e8b & cpufeat_mask(X86_FEATURE_BTC_NO)) ? " BTC_NO"
: "");
+ (e8b & cpufeat_mask(X86_FEATURE_BTC_NO)) ? " BTC_NO"
: "",
+ (e8b & cpufeat_mask(X86_FEATURE_IBPB_RET)) ? " IBPB_RET"
: "");
/* Hardware features which need driving to mitigate issues. */
printk(" Hardware features:%s%s%s%s%s%s%s%s%s%s%s%s\n",
diff --git a/xen/include/public/arch-x86/cpufeatureset.h
b/xen/include/public/arch-x86/cpufeatureset.h
index 746a75200a..e536ab42b3 100644
--- a/xen/include/public/arch-x86/cpufeatureset.h
+++ b/xen/include/public/arch-x86/cpufeatureset.h
@@ -265,6 +265,7 @@ XEN_CPUFEATURE(VIRT_SSBD, 8*32+25) /*
MSR_VIRT_SPEC_CTRL.SSBD */
XEN_CPUFEATURE(SSB_NO, 8*32+26) /*A Hardware not vulnerable to SSB */
XEN_CPUFEATURE(PSFD, 8*32+28) /*S MSR_SPEC_CTRL.PSFD */
XEN_CPUFEATURE(BTC_NO, 8*32+29) /*A Hardware not vulnerable to Branch
Type Confusion */
+XEN_CPUFEATURE(IBPB_RET, 8*32+30) /*A IBPB clears RSB/RAS too. */
/* Intel-defined CPU features, CPUID level 0x00000007:0.edx, word 9 */
XEN_CPUFEATURE(AVX512_4VNNIW, 9*32+ 2) /*A AVX512 Neural Network Instructions
*/
--
generated by git-patchbot for /home/xen/git/xen.git#staging-4.14
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |