Xen project Mailing List

Re: [PATCH v2 3/3] x86/cpu-policy: Derive RSBA/RRSBA for guest policies

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Fri, 2 Jun 2023 12:20:19 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=RBsFjGD3+jKSEeftv2gzESuerJ44HzCH2QPGO/EjaQQ=; b=SxsszsmdqogC76s/xfnSNNlKSTnLfOUZBoDhYKUyJr+e8XQ/qVtqH6+alVbdVuoszsGcnkPa2uVOZabhN+QzmcWqZgzCdQf6slenkgThxiVJs02MrOu9p2tTOiALclcWtaNMpx7q44j+WBN4h8fvv+WLXqk7tMu+jSVUVts2R8GCIMFJ9vEGDMvawiyXLDeM712lFT9fY8VSM3HWI7pgIGVNQONtELZJkehW+w3v3ZRr8Y6tEWlr1hWv2b9PdUC6e8vOMyrG0+eYzUuEyRCxVy0/+Do7f0YyDqd0KtjK5GF+tLxdH0LLgLhgxUocYQ5RMTrKdEMpGV1oaVrqqaSyYQ==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=nQVa6nkkBN1WB7OOnb1++YbXvYJFaojxuIhS8PFtk8vnYllx1VcCFkJDvdM5kJ1NR5VRmmzHoTfBVSSVQC7u9/ledy+MthcMou0OzbcJ19w+ktsEejz9NyNZUVxC1qi9npd8yW6BLNzY7rZkAB5Altp3gEcXbvOw07FUwN5xZ1IGxCOB12zrRCyRBEjDBw9SL7DMHcCrIfAz75g65rRPvk/zvaxJW9gxc4WGbjzZl/HIEDGV9RWSJh0es1g/dLS27jOzWNLX3RxSwJqKo1pp4pS+9rKof7C3W3tlktxRnB9HVKdDleT2N6Q3OJoVLeqSdNn/O5BgnJSW0ag/4xGsPw==

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;

Cc: Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Fri, 02 Jun 2023 10:21:10 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 01.06.2023 16:48, Andrew Cooper wrote: > The RSBA bit, "RSB Alternative", means that the RSB may use alternative > predictors when empty. From a practical point of view, this mean "Retpoline > not safe". > > Enhanced IBRS (officially IBRS_ALL in Intel's docs, previously IBRS_ATT) is a > statement that IBRS is implemented in hardware (as opposed to the form > retrofitted to existing CPUs in microcode). > > The RRSBA bit, "Restricted-RSBA", is a combination of RSBA, and the eIBRS > property that predictions are tagged with the mode in which they were learnt. > Therefore, it means "when eIBRS is active, the RSB may fall back to > alternative predictors but restricted to the current prediction mode". As > such, it's stronger statement than RSBA, but still means "Retpoline not safe". > > CPUs are not expected to enumerate both RSBA and RRSBA. > > Add feature dependencies for EIBRS and RRSBA. While technically they're not > linked, absolutely nothing good can of letting the guest see RRSBA without Nit: missing "come"? > EIBRS. Nor can anything good come of a guest seeing EIBRS without IBRSB. > Furthermore, we use this dependency to simplify the max derivation logic. >[...] > @@ -532,6 +541,21 @@ static void __init calculate_pv_def_policy(void) > guest_common_default_feature_adjustments(fs); > > sanitise_featureset(fs); > + > + /* > + * If the host suffers from RSBA of any form, and the guest can see > + * MSR_ARCH_CAPS, reflect the appropriate RSBA/RRSBA property to the > guest > + * depending on the visibility of eIBRS. > + */ > + if ( test_bit(X86_FEATURE_ARCH_CAPS, fs) && > + (cpu_has_rsba || cpu_has_rrsba) ) > + { > + bool eibrs = test_bit(X86_FEATURE_EIBRS, fs); > + > + __set_bit(eibrs ? X86_FEATURE_RRSBA > + : X86_FEATURE_RSBA, fs); > + } > + > x86_cpu_featureset_to_policy(fs, p); > recalculate_xstate(p); > } > @@ -664,6 +688,21 @@ static void __init calculate_hvm_def_policy(void) > __set_bit(X86_FEATURE_VIRT_SSBD, fs); > > sanitise_featureset(fs); > + > + /* > + * If the host suffers from RSBA of any form, and the guest can see > + * MSR_ARCH_CAPS, reflect the appropriate RSBA/RRSBA property to the > guest > + * depending on the visibility of eIBRS. > + */ > + if ( test_bit(X86_FEATURE_ARCH_CAPS, fs) && > + (cpu_has_rsba || cpu_has_rrsba) ) > + { > + bool eibrs = test_bit(X86_FEATURE_EIBRS, fs); > + > + __set_bit(eibrs ? X86_FEATURE_RRSBA > + : X86_FEATURE_RSBA, fs); > + } > + > x86_cpu_featureset_to_policy(fs, p); > recalculate_xstate(p); > } > @@ -786,6 +825,20 @@ void recalculate_cpuid_policy(struct domain *d) > > sanitise_featureset(fs); > > + /* > + * If the host suffers from RSBA of any form, and the guest can see > + * MSR_ARCH_CAPS, reflect the appropriate RSBA/RRSBA property to the > guest > + * depending on the visibility of eIBRS. > + */ > + if ( test_bit(X86_FEATURE_ARCH_CAPS, fs) && > + (cpu_has_rsba || cpu_has_rrsba) ) > + { > + bool eibrs = test_bit(X86_FEATURE_EIBRS, fs); > + > + __set_bit(eibrs ? X86_FEATURE_RRSBA > + : X86_FEATURE_RSBA, fs); > + } Now that we have the same code and comment even a 3rd time, surely this wants to be put in a helper? What about a tool stack request leading to us setting the 2nd of the two bits here, while the other was already set? IOW wouldn't we better clear the other bit explicitly? (Due to the EIBRS dependency or RRSBA I think this can really only happen when the tool stack requests RSBA+EIBRS, as the deep deps clearing doesn't know the concept of "negative" dependencies.) Similarly what about a tool stack (and ultimately admin) request setting both RSBA and RRSBA? Wouldn't we better clear the respectively wrong bit then? People may do this in their guest configs "just to be on the safe side" (once expressing this in guest configs is possible, of course), and due to the max policies having both bits set this also won't occur "automatically". Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.