Xen project Mailing List

Re: [Xen-devel] [PATCH SpectreV1+L1TF v6 4/9] spec: add l1tf-barrier

From: Norbert Manthey <nmanthey@xxxxxxxxx>

Date: Fri, 15 Feb 2019 10:13:25 +0100

Autocrypt: addr=nmanthey@xxxxxxxxx; prefer-encrypt=mutual; keydata= mQINBFoJQc0BEADM8Z7hB7AnW6ErbSMsYkKh4HLAPfoM+wt7Fd7axHurcOgFJEBOY2gz0isR /EDiGxYyTgxt5PZHJIfra0OqXRbWuLltbjhJACbu35eaAo8UM4/awgtYx3O1UCbIlvHGsYDg kXjF8bBrVjPu0+g55XizX6ot/YPAgmWTdH8qXoLYVZVWJilKlTqpYEVvarSn/BVgCbIsQIps K93sOTN9eJKDSqHvbkgKl9XG3WsZ703431egIpIZpfN0zZtzumdZONb7LiodcFHJ717vvd89 3Hv2bYv8QLSfYsZcSnyU0NVzbPhb1WtaduwXwNmnX1qHJuExzr8EnRT1pyhVSqouxt+xkKbV QD9r+cWLChumg3g9bDLzyrOTlEfAUNxIqbzSt03CRR43dWgfgGiLDcrqC2b1QR886WDpz4ok xX3fdLaqN492s/3c59qCGNG30ebAj8AbV+v551rsfEba+IWTvvoQnbstc6vKJCc2uG8rom5o eHG/bP1Ug2ht6m/0uWRyFq9C27fpU9+FDhb0ZsT4UwOCbthe35/wBZUg72zDpT/h5lm64G6C 0TRqYRgYcltlP705BJafsymmAXOZ1nTCuXnYAB9G9LzZcKKq5q0rP0kp7KRDbniirCUfp7jK VpPCOUEc3tS1RdCCSeWNuVgzLnJdR8W2h9StuEbb7hW4aFhwRQARAQABtCROb3JiZXJ0IE1h bnRoZXkgPG5tYW50aGV5QGFtYXpvbi5kZT6JAj0EEwEIACcFAloJQc0CGyMFCQlmAYAFCwkI BwIGFQgJCgsCBBYCAwECHgECF4AACgkQZ+8yS8zN62ajmQ/6AlChoY5UlnUaH/jgcabyAfUC XayHgCcpL1SoMKvc2rCA8PF0fza3Ep2Sw0idLqC/LyAYbI6gMYavSZsLcsvY6KYAZKeaEriG 7R6cSdrbmRcKpPjwvv4iY6G0DBTeaqfNjGe1ECY8u522LprDQVquysJIf3YaEyxoK/cLSb0c kjzpqI1P9Vh+8BQb5H9gWpakbhFIwbRGHdAF1roT7tezmEshFS0IURJ2ZFEI+ZgWgtl1MBwN sBt65im7x5gDo25h8A5xC9gLXTc4j3tk+3huaZjUJ9mCbtI12djVtspjNvDyUPQ5Mxw2Jwar C3/ZC+Nkb+VlymmErpnEUZNltcq8gsdYND4TlNbZ2JhD0ibiYFQPkyuCVUiVtimXfh6po9Yt OkE0DIgEngxMYfTTx01Zf6iwrbi49eHd/eQQw3zG5nn+yZsEG8UcP1SCrUma8p93KiKOedoL n43kTg4RscdZMjj4v6JkISBcGTR4uotMYP4M0zwjklnFXPmrZ6/E5huzUpH9B7ZIe/SUu8Ur xww/4dN6rfqbNzMxmya8VGlEQZgUMWcck+cPrRLB09ZOk4zq9i/yaHDEZA1HNOfQ9UCevXV5 7seXSX7PCY6WDAdsT3+FuaoQ7UoWN3rdpb+064QKZ0FsHeGzUd7MZtlgU4EKrh25mTSNZYRs nTz2zT/J33e5Ag0EWglBzQEQAKioD1gSELj3Y47NE11oPkzWWdxKZdVr8B8VMu6nVAAGFRSf Dms4ZmwGY27skMmOH2srnZyTfm9FaTKr8RI+71Fh9nfB9PMmwzA7OIY9nD73/HqPywzTTleG MlALmnuY6xFRSDmqmvxDHgWyzB4TgPWt8+hW3+TJKCx2RgLAdSuULZla4lia+NlS8WNRUDGK sFJCCB3BW5I/cocfpBEUqLbbmnPuD9UKpEnFcYWD9YaDNcBTjSc7iDsvtpdrBXg5VETOz/TQ /CmVs9h/5zug8O4bXxHEEJpCAxs4cGKxowBqx/XJfkwdWeo/LdaeR+LRbXvq4A32HSkyj9sV vygwt2OFEk493JGik8qtAA/oPvuqVPJGacxmZ7zKR12c0mnKCHiexFJzFbC7MSiUhhe8nNiM p6Sl6EZmsTUXhV2bd2M12Bqcss3TTJ1AcW04T4HYHVCSxwl0dVfcf3TIaH0BSPiwFxz0FjMk 10umoRvUhYYoYpPFCz8dujXBlfB8q2tnHltEfoi/EIptt1BMNzTYkHKArj8Fwjf6K+nQ3a8p 1cWfkYpA5bRqbhbplzpa0u1Ex0hZk6pka0qcVgqmH31O2OcSsqeKfUfHkzj3Q6dmuwm1je/f HWH9N1gDPEp1RB5bIxPnOG1Z4SNl9oVQJhc4qoJiqbvkciivYcH7u2CBkboFABEBAAGJAiUE GAEIAA8FAloJQc0CGwwFCQlmAYAACgkQZ+8yS8zN62YU9Q//WTnN28aBX1EhDidVho80Ql2b tV1cDRh/vWTcM4qoM8vzW4+F/Ive6wDVAJ7zwAv8F8WPzy+acxtHLkyYk14M6VZ1eSy0kV0+ RZQdQ+nPtlb1MoDKw2N5zhvs8A+WD8xjDIA9i21hQ/BNILUBINuYKyR19448/41szmYIEhuJ R2fHoLzNdXNKWQnN3/NPTuvpjcrkXKJm2k32qfiys9KBcZX8/GpuMCc9hMuymzOr+YlXo4z4 1xarEJoPOQOXnrmxN4Y30/qmf70KHLZ0GQccIm/o/XSOvNGluaYv0ZVJXHoCnYvTbi0eYvz5 OfOcndqLOfboq9kVHC6Yye1DLNGjIVoShJGSsphxOx2ryGjHwhzqDrLiRkV82gh6dUHKxBWd DXfirT8a4Gz/tY9PMxan67aSxQ5ONpXe7g7FrfrAMe91XRTf50G3rHb8+AqZfxZJFrBn+06i p1cthq7rJSlYCqna2FedTUT+tK1hU9O0aK4ZYYcRzuTRxjd4gKAWDzJ1F/MQ12ftrfCAvs7U sVbXv2TndGIleMnheYv1pIrXEm0+sdz5v91l2/TmvkyyWT8s2ksuZis9luh+OubeLxHq090C hfavI9WxhitfYVsfo2kr3EotGG1MnW+cOkCIX68w+3ZS4nixZyJ/TBa7RcTDNr+gjbiGMtd9 pEddsOqYwOs=

Cc: Juergen Gross <jgross@xxxxxxxx>, Tim Deegan <tim@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>, Dario Faggioli <dfaggioli@xxxxxxxx>, Martin Pohlack <mpohlack@xxxxxxxxx>, wipawel@xxxxxxxxx, Julien Grall <julien.grall@xxxxxxx>, David Woodhouse <dwmw@xxxxxxxxxxxx>, "Martin Mazein\(amazein\)" <amazein@xxxxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Julian Stecklina <jsteckli@xxxxxxxxx>, Bjoern Doebel <doebel@xxxxxxxxx>

Delivery-date: Fri, 15 Feb 2019 09:14:02 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Openpgp: preference=signencrypt

On 2/12/19 14:44, Jan Beulich wrote: >>>> On 08.02.19 at 14:44, <nmanthey@xxxxxxxxx> wrote: >> To control the runtime behavior on L1TF vulnerable platforms better, the >> command line option l1tf-barrier is introduced. This option controls >> whether on vulnerable x86 platforms the lfence instruction is used to >> prevent speculative execution from bypassing the evaluation of >> conditionals that are protected with the evaluate_nospec macro. >> >> By now, Xen is capable of identifying L1TF vulnerable hardware. However, >> this information cannot be used for alternative patching, as a CPU feature >> is required. To control alternative patching with the command line option, >> a new x86 feature "X86_FEATURE_SC_L1TF_VULN" is introduced. This feature >> is used to patch the lfence instruction into the arch_barrier_nospec_true >> function. The feature is enabled only if L1TF vulnerable hardware is >> detected and the command line option does not prevent using this feature. >> >> The status of hyperthreading is not considered when automatically enabling >> adding the lfence instruction, because platforms without hyperthreading >> can still be vulnerable to L1TF in case the L1 cache is not flushed >> properly. >> >> Signed-off-by: Norbert Manthey <nmanthey@xxxxxxxxx> >> >> --- >> >> Notes: >> v6: Move disabling l1tf-barrier into spec-ctrl=no >> Use gap in existing flags >> Force barrier based on commandline, independently of L1TF detection >> >> docs/misc/xen-command-line.pandoc | 14 ++++++++++---- >> xen/arch/x86/spec_ctrl.c | 17 +++++++++++++++-- >> xen/include/asm-x86/cpufeatures.h | 1 + >> xen/include/asm-x86/spec_ctrl.h | 1 + >> 4 files changed, 27 insertions(+), 6 deletions(-) >> >> diff --git a/docs/misc/xen-command-line.pandoc >> b/docs/misc/xen-command-line.pandoc >> --- a/docs/misc/xen-command-line.pandoc >> +++ b/docs/misc/xen-command-line.pandoc >> @@ -483,9 +483,9 @@ accounting for hardware capabilities as enumerated via >> CPUID. >> >> Currently accepted: >> >> -The Speculation Control hardware features `ibrsb`, `stibp`, `ibpb`, >> -`l1d-flush` and `ssbd` are used by default if available and applicable. >> They >> can >> -be ignored, e.g. `no-ibrsb`, at which point Xen won't use them itself, and >> +The Speculation Control hardware features `ibrsb`, `stibp`, `ibpb`, >> `l1d-flush`, >> +`l1tf-barrier` and `ssbd` are used by default if available and applicable. >> They >> +can be ignored, e.g. `no-ibrsb`, at which point Xen won't use them itself, >> and >> won't offer them to guests. >> >> ### cpuid_mask_cpu >> @@ -1896,7 +1896,7 @@ By default SSBD will be mitigated at runtime (i.e >> `ssbd=runtime`). >> ### spec-ctrl (x86) >> > `= List of [ <bool>, xen=<bool>, {pv,hvm,msr-sc,rsb}=<bool>, >> > bti-thunk=retpoline|lfence|jmp, {ibrs,ibpb,ssbd,eager-fpu, >> -> l1d-flush}=<bool> ]` >> +> l1d-flush,l1tf-barrier}=<bool> ]` >> >> Controls for speculative execution sidechannel mitigations. By default, >> Xen >> will pick the most appropriate mitigations based on compiled in support, >> @@ -1962,6 +1962,12 @@ Irrespective of Xen's setting, the feature is >> virtualised for HVM guests to >> use. By default, Xen will enable this mitigation on hardware believed to >> be >> vulnerable to L1TF. >> >> +On hardware vulnerable to L1TF, the `l1tf-barrier=` option can be used to >> force >> +or prevent Xen from protecting evaluations inside the hypervisor with a >> barrier >> +instruction to not load potentially secret information into L1 cache. By >> +default, Xen will enable this mitigation on hardware believed to be >> vulnerable >> +to L1TF. >> + >> ### sync_console >> > `= <boolean>` >> >> diff --git a/xen/arch/x86/spec_ctrl.c b/xen/arch/x86/spec_ctrl.c >> --- a/xen/arch/x86/spec_ctrl.c >> +++ b/xen/arch/x86/spec_ctrl.c >> @@ -21,6 +21,7 @@ >> #include <xen/lib.h> >> #include <xen/warning.h> >> >> +#include <asm/cpuid.h> >> #include <asm/microcode.h> >> #include <asm/msr.h> >> #include <asm/processor.h> >> @@ -50,6 +51,7 @@ bool __read_mostly opt_ibpb = true; >> bool __read_mostly opt_ssbd = false; >> int8_t __read_mostly opt_eager_fpu = -1; >> int8_t __read_mostly opt_l1d_flush = -1; >> +int8_t __read_mostly opt_l1tf_barrier = -1; >> >> bool __initdata bsp_delay_spec_ctrl; >> uint8_t __read_mostly default_xen_spec_ctrl; >> @@ -91,6 +93,8 @@ static int __init parse_spec_ctrl(const char *s) >> if ( opt_pv_l1tf_domu < 0 ) >> opt_pv_l1tf_domu = 0; >> >> + opt_l1tf_barrier = 0; >> + >> disable_common: >> opt_rsb_pv = false; >> opt_rsb_hvm = false; >> @@ -157,6 +161,8 @@ static int __init parse_spec_ctrl(const char *s) >> opt_eager_fpu = val; >> else if ( (val = parse_boolean("l1d-flush", s, ss)) >= 0 ) >> opt_l1d_flush = val; >> + else if ( (val = parse_boolean("l1tf-barrier", s, ss)) >= 0 ) >> + opt_l1tf_barrier = val; >> else >> rc = -EINVAL; >> >> @@ -248,7 +254,7 @@ static void __init print_details(enum ind_thunk thunk, >> uint64_t caps) >> "\n"); >> >> /* Settings for Xen's protection, irrespective of guests. */ >> - printk(" Xen settings: BTI-Thunk %s, SPEC_CTRL: %s%s, Other:%s%s\n", >> + printk(" Xen settings: BTI-Thunk %s, SPEC_CTRL: %s%s, Other:%s%s%s\n", >> thunk == THUNK_NONE ? "N/A" : >> thunk == THUNK_RETPOLINE ? "RETPOLINE" : >> thunk == THUNK_LFENCE ? "LFENCE" : >> @@ -258,7 +264,8 @@ static void __init print_details(enum ind_thunk thunk, >> uint64_t caps) >> !boot_cpu_has(X86_FEATURE_SSBD) ? "" : >> (default_xen_spec_ctrl & SPEC_CTRL_SSBD) ? " SSBD+" : " SSBD-", >> opt_ibpb ? " IBPB" : "", >> - opt_l1d_flush ? " L1D_FLUSH" : ""); >> + opt_l1d_flush ? " L1D_FLUSH" : "", >> + opt_l1tf_barrier ? " L1TF_BARRIER" : >> ""); >> >> /* L1TF diagnostics, printed if vulnerable or PV shadowing is in use. >> */ >> if ( cpu_has_bug_l1tf || opt_pv_l1tf_hwdom || opt_pv_l1tf_domu ) >> @@ -842,6 +849,12 @@ void __init init_speculation_mitigations(void) >> else if ( opt_l1d_flush == -1 ) >> opt_l1d_flush = cpu_has_bug_l1tf && !(caps & ARCH_CAPS_SKIP_L1DFL); >> >> + /* By default, enable L1TF_VULN on L1TF-vulnerable hardware */ >> + if ( opt_l1tf_barrier == -1 ) >> + opt_l1tf_barrier = cpu_has_bug_l1tf; >> + if ( opt_l1tf_barrier > 0) >> + setup_force_cpu_cap(X86_FEATURE_SC_L1TF_VULN); > Did we end with a misunderstanding in the v5 discussion? I didn't > answer your question regarding whether to also consider L1D > flush availability (on top of my request to consider SMT) with a > straight "yes", but I think it was still clear that my more extensive > response boiled down to a "yes". Oh, I see now - the same topic > was discussed in two places, and for the second I then said that > with the "for now" aspect properly stated (which you now do) > I'd be fine. > > So let me put it this way: Is taking into consideration at least > opt_smt and opt_l1d_flush (but putting on the side the "too > early" aspect of the determination here) very difficult to do, > or would that leave un-addressed concerns of yours? If not, > may I ask that you go at least that little step further? As said > before - we'd like to avoid penalizing configurations as well as > setups which aren't affected. In particular it would seem > pretty bad of us to further penalize people who have set > "smt=0" and who use up-to-date microcode. I understand that smt=0 should not be penalized. However, only if flushing is used as well, smt=0 is actually safe. I will extend the logic to set the CPU flag automatically in case L1TF hardware has been detected, and smt!=0 or !L1D-flush, i.e. opt_l1tf_barrier = cpu_has_bug_l1tf && (opt_smt != 0 || opt_l1d_flush == 0); > > Also in the second if() there's yet again a missing blank. Will fix. Best, Norbert > > Jan > Amazon Development Center Germany GmbH Krausenstr. 38 10117 Berlin Geschaeftsfuehrer: Christian Schlaeger, Ralf Herbrich Ust-ID: DE 289 237 879 Eingetragen am Amtsgericht Charlottenburg HRB 149173 B _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.