[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH] x86/SVM: restrict hardware SSBD update upon guest VIRT_SPEC_CTRL write

  • To: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Thu, 8 Dec 2022 12:24:54 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=9Fjreq8M49cgfRSguLDlB8os5Le7I82LY33Pfvxzqu4=; b=bKuUNZatmZEMAGZQjStFEbM0rhIxyogcgibXsPbCHKpyIqDtcKSngydVI5hz8aecIgh2MWbYxFHI5WExMqFfB+QTbTg4U8mg37wLte0O7IYvWbsXEnl3m4FJR8oZtiuByEWT2604VmxELqOg+Qu6SyZyyksAakIjQB699JOn3bO3GTh/kPAQMqUbWBhR6CsMARpwqBhUQxZsuG1wdLR0oDTUe2ded6pUsEn72OrVaxXy9Xtbd5YWwO+W9F3N7UHUTBhYBHeX/3olNFHoZtygwOnuk0KeO88XIHNu9LZP1UZJT8bvG8pxwl//+bdW7GHCqJa0qOY+qkJwR1/p1KjkMg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=KfEvJxxvojO48+hClQQdu3DFqnRLS1TMlgW9hHwqMNvhbrClCHXu1cfuvLByLNIYsUK6vxI5l2wAoLoFZBTmbYFl32wHo5K02dl9M4olDfl3NLR1MIWzvXsjUXrwlb91+oEnP1U0y+SiGTVa69ptGjKrQZSx1fH7XlaP5HWNtHeY/4Smph7Id3v81UG9FzvfAkntqBXx62BsZ6TB82b/a7Jacrm8DQaptACSHci0ljzlUsibSElmX9KXMb6ocTJapgW8Du5IwymXnJJxdQoejFjASekB4XZ+qJR1kencjiimEwtrAAuDEqxsRTtPbKtx4wxpap2ZQ/mYWz+hK59hLw==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Delivery-date: Thu, 08 Dec 2022 11:25:18 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
core_set_legacy_ssbd() counts the number of times SSBD is being enabled
via LS_CFG on a core. This assumes that calls there only occur if the
state actually changes. While svm_ctxt_switch_{to,from}() conform to
this, guest_wrmsr() doesn't: It also calls the function when the bit
doesn't actually change. Extend the conditional there accordingly.

Fixes: b2030e6730a2 ("amd/virt_ssbd: set SSBD at vCPU context switch")
Reported-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
---
This is the less intrusive but more fragile variant of a fix. The
alternative would be to have core_set_legacy_ssbd() record per-thread
state, such that the necessary checking can be done there.

This wants properly testing on affected hardware. From Andrew's
description it's also not clear whether this really is addressing that
problem, or yet another one in this same area.

--- a/xen/arch/x86/msr.c
+++ b/xen/arch/x86/msr.c
@@ -699,12 +699,16 @@ int guest_wrmsr(struct vcpu *v, uint32_t
         }
         else
         {
+            uint64_t orig = msrs->virt_spec_ctrl.raw;
+
             msrs->virt_spec_ctrl.raw = val & SPEC_CTRL_SSBD;
-            if ( v == curr )
-                /*
-                 * Propagate the value to hardware, as it won't be set on guest
-                 * resume path.
-                 */
+            if ( v == curr &&
+                 /*
+                  * Propagate the value to hardware, as it won't be set on 
guest
+                  * resume path. But only do so if the bit actually changed, to
+                  * avoid issues with core_set_legacy_ssbd()'s refcounting.
+                  */
+                 ((val ^ orig) & SPEC_CTRL_SSBD) )
                 amd_set_legacy_ssbd(val & SPEC_CTRL_SSBD);
         }
         break;

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.