Xen project Mailing List

Re: x86: AMD Zen1 Div leakage

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Thu, 10 Aug 2023 11:25:07 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=nFh5j+/Ea8FtWyGUl8QN8SBTkjmEGr3KdohpylwSnao=; b=BkiI2hbYQPw/+MhjMCh1uPBf3QGMqthmFiL30k/dLTCBMxH9ZkjIs6pRm4dt3lYOyrQmMOoZf4G+Jy4Q/aiEExa496tmFZ8HKmKrhBqKdLBhH81driaYGc5r+1j8BKXLWXxSKsnrU+UWfvTkxLzytvxGXU8CC3o9PmxrK1ujz8APtft5PgLw41mgg8JhJrpLrVEAX9gO6yIb+0XznMO3H8JSVjysHK3eOMdEiSZvRaoV85fKYR6ZJSRrWd3tS/rhMK/ECa8ib4E4X8Yvnq+JwcobuzpEwzgRp3zaxqzQxT9HbUlDWShKXg3k8hYz7sNt1A8bfh9XjH2ujCHMdre3rw==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=icnt9KSl8Od1ggSs4QerhHUn5Ye76Z0Sj5qsTm8HY1XuGf0exvAq8e76h5LpwGFAWtIN6G2ld34M4InpK4wzl22BWAIC29Z7zPY5Wlfpm75cuyUcHn1Wf+t2J/NEirKc5Y7MG/05sFaYmUdNG4upm9/+sua4rpP18b+2B4n/fiPBzXHSEbrrStFKGg9YW8vhXm2ND3PKKnQbkT42vt76MCxO1/dSZjDIFe9w9uyvKY3JKzacY11MMEAqubREiSHlZ7fSXO9tQmghogdpRGWLmhjjSi3yfIUGTBToP0P5gA8GjLbwV65yPtD+Ewcq+Qhr2kRKFLUPHhs9I5WTkBWacA==

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;

Cc: Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Thu, 10 Aug 2023 09:25:24 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 09.08.2023 22:29, Andrew Cooper wrote: > This popped up with insufficient time to organise a response before the > pile of fixes yesterday. > > https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7007.html > > Per my current understanding: > > * There is a single integer divider in a Zen1 pipeline. When SMT is > active, it services uops from both threads. > > * It latches the result of the last calculation performed, but forwards > said result transiently in the case of #DE (i.e. meltdown-like). > > If this is accurate, then there's a nice covert channel between the two > threads, where they can communicate by issuing specific divides, without > ever leaving userspace. (It's easy to hide a #DE in the shadow of some > other misprediction, and not suffer a real divide exception.) > > But, div isn't a serialising uop, so the advice of "don't divide > secrets" is tantamount to useless. Transient execution can pick up a > div uop from any misaligned instruction, and end up caculating on > arbitrary operands. > > > In SMT=0 cases, we can scrub in Xen by executing 0 / 1, and would need > to go in the same place as VERW on Intel (i.e. very late in the > return-to-guest path). Executing 1 / 1 may be yet slightly cheaper, unless there's special casing of 0 as the dividend in hardware (in which case I would wonder whether then the result would actually be latched). Is putting this on the exit path going to be enough? Without also scrubbing on entry what was latched, speculation inside Xen could be "driven" (to a limited degree) from the outside (i.e. spectre-like). > In SMT=1 cases, I can't see any fix. It's very much like L1TF/MDS, and > cooperating threads can snatch data a cycle or two after it was placed > in the channel. I agree, ... > As yet, I haven't started any patches to this effect, but it would be > nice to have more clarity from AMD first. ... provided nothing new turns up in what exactly the issue is. The Linux commit that attempts to address this deals with this inside the #DE handler, apparently assuming the issue can only occur when #DE is actually raised. Your (and my limited) understanding go in a different direction, though. Jan

References:

x86: AMD Zen1 Div leakage
- From: Andrew Cooper

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.