[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH v2] x86/SVM: restrict hardware SSBD update upon guest VIRT_SPEC_CTRL write

  • To: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Thu, 15 Dec 2022 09:20:21 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=wb5l1KXUiBOGjR+uZCpnTrAK3ThRH8BMlU5i4PVgkJA=; b=c/DyhXv8bI/xNlSdmDT6dVps0mwzxtQ6Lo5ljDAJcZCUlRrWpp7yNfUL6XQmigKHwH1HasjH+URq1/K7HKI3WcnjMsolIhog5poOJkj0/cEKxeHVL+J91J+axUXSjpPkET+71tPMd2/PX/AzCIjFGzqtqsnBNCoAqPa0v3mtCVY99NGhNO+V7hjdsJjjWYLlCvcMNs9TMFipl385kaywMUaTT9ABfNh8xG2oWuNP8xUMd5739j/49EWod+l54inFEdT1pHNX/3pTcfCP7bcGVEOUGz3caacoNF6o+u8S8Bc6lQFk9B4giHQDscWc/Hi0niMZ9rp6LMGpv72jNV67Kw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=CIsjrOkCdIzdMBKpgkUyeahcsl04XTWsYLUGKzyQ8RUBgTTnLSNccNu2OBKIXCb0PHMqlnkJ8sAWys0ruI7rDcOmY0Ax7NbTYbTvJ9h+lYNTF/f2pUrNLvBw/x5xKhJNWql37oWnKhpNRN+hQhI4qesLI3qOZ41MKT0da9Kxo+JMclivafJrlyT4B3EynFqJjBNDzLp5PXEEjopXtbNQGYij4PWzFX8xtnALkBG/ou4BZs1+l92rtLz9af7tmcywUIKE4Gd5gp9nn5CyWDekgyD3u8ltcnXntDd7xib3Lprz2r6MgJ++uOWPIBf7Z2faYXAP44Aq8DIRtKS1x5Ng7g==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Delivery-date: Thu, 15 Dec 2022 08:20:34 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
core_set_legacy_ssbd() counts the number of times SSBD is being enabled
via LS_CFG on a core. This assumes that calls there only occur if the
state actually changes. While svm_ctxt_switch_{to,from}() conform to
this, guest_wrmsr() doesn't: It also calls the function when the bit
doesn't actually change. Make core_set_legacy_ssbd() track per-thread
enabled state by converting the "count" field to a bitmap, thus allowing
to skip redundant enable/disable requests, constraining
amd_setup_legacy_ssbd() accordingly.

Fixes: b2030e6730a2 ("amd/virt_ssbd: set SSBD at vCPU context switch")
Reported-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
---
This wants properly testing on affected hardware. From Andrew's
description it's also not clear whether this really is addressing that
problem, or yet another one in this same area.
---
v2: Change core_set_legacy_ssbd() itself rather than the problematic
    caller.

--- a/xen/arch/x86/cpu/amd.c
+++ b/xen/arch/x86/cpu/amd.c
@@ -744,7 +744,7 @@ void amd_init_ssbd(const struct cpuinfo_
 
 static struct ssbd_ls_cfg {
     spinlock_t lock;
-    unsigned int count;
+    unsigned long enabled;
 } __cacheline_aligned *ssbd_ls_cfg;
 static unsigned int __ro_after_init ssbd_max_cores;
 #define AMD_FAM17H_MAX_SOCKETS 2
@@ -757,6 +757,11 @@ bool __init amd_setup_legacy_ssbd(void)
            boot_cpu_data.x86_num_siblings <= 1 || opt_ssbd)
                return true;
 
+       if (boot_cpu_data.x86_num_siblings > BITS_PER_LONG ||
+           (boot_cpu_data.x86_num_siblings &
+            (boot_cpu_data.x86_num_siblings - 1)))
+               return false;
+
        /*
         * One could be forgiven for thinking that c->x86_max_cores is the
         * correct value to use here.
@@ -800,10 +805,12 @@ static void core_set_legacy_ssbd(bool en
                              c->cpu_core_id];
 
        spin_lock_irqsave(&status->lock, flags);
-       status->count += enable ? 1 : -1;
-       ASSERT(status->count <= c->x86_num_siblings);
-       if (enable ? status->count == 1 : !status->count)
+       if (!enable)
+               __clear_bit(c->apicid & (c->x86_num_siblings - 1), 
&status->enabled);
+       if (!status->enabled)
                BUG_ON(!set_legacy_ssbd(c, enable));
+       if (enable)
+               __set_bit(c->apicid & (c->x86_num_siblings - 1), 
&status->enabled);
        spin_unlock_irqrestore(&status->lock, flags);
 }

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.