From patchwork Wed Oct 23 13:58:09 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Andrew Cooper X-Patchwork-Id: 11206883 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id E8DBA112B for ; Wed, 23 Oct 2019 13:59:54 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id B893E2173B for ; Wed, 23 Oct 2019 13:59:54 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=citrix.com header.i=@citrix.com header.b="K2AME3WV" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org B893E2173B Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iNH9i-0004jk-U2; Wed, 23 Oct 2019 13:58:30 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iNH9h-0004j7-Nm for xen-devel@lists.xenproject.org; Wed, 23 Oct 2019 13:58:29 +0000 X-Inumbo-ID: 2ac94fca-f59d-11e9-947f-12813bfff9fa Received: from esa4.hc3370-68.iphmx.com (unknown [216.71.155.144]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 2ac94fca-f59d-11e9-947f-12813bfff9fa; Wed, 23 Oct 2019 13:58:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1571839099; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=4VuKkBqZ2Kta2Y4r87MDlI7noHQgx33B3BrfYmdOdtI=; b=K2AME3WVkqrp63d6Q5dVMJ/yYMutcHSlj/03lDwABwTF6TmVgwigMh9D metlAIw/3UNzFz4WgRmNyMcngu4FarQ6LaOg0IdNDXSxc83SAPCGxsXuE 6iNXroAxxHQhp68bV5mD4+4pHrsmtumJOoqrb2ARLQuCP2HyNWGbrv+GM g=; Authentication-Results: esa4.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@citrix.com; spf=Pass smtp.mailfrom=Andrew.Cooper3@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: None (esa4.hc3370-68.iphmx.com: no sender authenticity information available from domain of andrew.cooper3@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa4.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="andrew.cooper3@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa4.hc3370-68.iphmx.com: domain of Andrew.Cooper3@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa4.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="Andrew.Cooper3@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ip4:168.245.78.127 ~all" Received-SPF: None (esa4.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa4.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: IZib/t/EeiHoxXWGbWQFKYxxaO6mATIdDlrRkU89FjB42teDowVqZSw04zSOlMH3ODuXJKlKEN w8SUC4fz4yTfgNTPO14OgMf6+4BiRhzfZ65Yhhn3fUYjcNuWfRSUC636AoQ5nQ7qsMe8MJqisT p3LUovIzvcXAPFYaMpatkAPQ/erVxak7dfnTFZqDXLXZLmxP3My0P2PRkxowU9Na5ixqc+Ramw Fkdcg9L2LGNc7Y4Iiq+NKbsGUMesY2PQ38mBOam1nEzRPWvbU4tT4GSWS9F9K94UcsdbbtcNq3 hsI= X-SBRS: 2.7 X-MesageID: 7760075 X-Ironport-Server: esa4.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.68,221,1569297600"; d="scan'208";a="7760075" From: Andrew Cooper To: Xen-devel Date: Wed, 23 Oct 2019 14:58:09 +0100 Message-ID: <20191023135812.21348-5-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20191023135812.21348-1-andrew.cooper3@citrix.com> References: <20191023135812.21348-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v3 4/7] x86/nospec: Rename and rework l1tf-barrier as branch-harden X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Juergen Gross , Andrew Cooper , Wei Liu , Jan Beulich , =?utf-8?q?Roger_Pau_Monn=C3=A9?= Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" l1tf-barrier is an inappropriate name, and came about because of restrictions on could be discussed publicly when the patches were proposed. In practice, it is for general Spectre v1 mitigations, and is necessary in all cases. An adversary which can control speculation in Xen can leak data in cross-core (BCBS, etc) or remote (NetSpectre) scenarios - the problem is not limited to just L1TF with HT active. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monné CC: Juergen Gross v3: * New In principle it should be tristate and being disabled by default on parts which don't speculate, but it is too late in 4.13 to organise this. --- docs/misc/xen-command-line.pandoc | 11 +++++------ xen/arch/x86/spec_ctrl.c | 17 +++++++---------- xen/include/asm-x86/cpufeatures.h | 2 +- xen/include/asm-x86/nospec.h | 2 +- xen/include/asm-x86/spec_ctrl.h | 2 +- 5 files changed, 15 insertions(+), 19 deletions(-) diff --git a/docs/misc/xen-command-line.pandoc b/docs/misc/xen-command-line.pandoc index 67df80c50d..e37a13ed11 100644 --- a/docs/misc/xen-command-line.pandoc +++ b/docs/misc/xen-command-line.pandoc @@ -1960,7 +1960,7 @@ By default SSBD will be mitigated at runtime (i.e `ssbd=runtime`). ### spec-ctrl (x86) > `= List of [ , xen=, {pv,hvm,msr-sc,rsb,md-clear}=, > bti-thunk=retpoline|lfence|jmp, {ibrs,ibpb,ssbd,eager-fpu, -> l1d-flush,l1tf-barrier}= ]` +> l1d-flush,branch-harden}= ]` Controls for speculative execution sidechannel mitigations. By default, Xen will pick the most appropriate mitigations based on compiled in support, @@ -2032,11 +2032,10 @@ Irrespective of Xen's setting, the feature is virtualised for HVM guests to use. By default, Xen will enable this mitigation on hardware believed to be vulnerable to L1TF. -On hardware vulnerable to L1TF, the `l1tf-barrier=` option can be used to force -or prevent Xen from protecting evaluations inside the hypervisor with a barrier -instruction to not load potentially secret information into L1 cache. By -default, Xen will enable this mitigation on hardware believed to be vulnerable -to L1TF. +If Xen is compiled with `CONFIG_SPECULATIVE_HARDEN_BRANCH`, the +`branch-harden=` boolean can be used to force or prevent Xen from using +speculation barriers to protect selected conditional branches. By default, +Xen will enabled this mitigation. ### sync_console > `= ` diff --git a/xen/arch/x86/spec_ctrl.c b/xen/arch/x86/spec_ctrl.c index ee5439a371..e74e0cc619 100644 --- a/xen/arch/x86/spec_ctrl.c +++ b/xen/arch/x86/spec_ctrl.c @@ -52,7 +52,7 @@ bool __read_mostly opt_ibpb = true; bool __read_mostly opt_ssbd = false; int8_t __read_mostly opt_eager_fpu = -1; int8_t __read_mostly opt_l1d_flush = -1; -int8_t __read_mostly opt_l1tf_barrier = -1; +bool __read_mostly opt_branch_harden = true; bool __initdata bsp_delay_spec_ctrl; uint8_t __read_mostly default_xen_spec_ctrl; @@ -97,7 +97,7 @@ static int __init parse_spec_ctrl(const char *s) if ( opt_pv_l1tf_domu < 0 ) opt_pv_l1tf_domu = 0; - opt_l1tf_barrier = 0; + opt_branch_harden = false; disable_common: opt_rsb_pv = false; @@ -174,8 +174,8 @@ static int __init parse_spec_ctrl(const char *s) opt_eager_fpu = val; else if ( (val = parse_boolean("l1d-flush", s, ss)) >= 0 ) opt_l1d_flush = val; - else if ( (val = parse_boolean("l1tf-barrier", s, ss)) >= 0 ) - opt_l1tf_barrier = val; + else if ( (val = parse_boolean("branch-harden", s, ss)) >= 0 ) + opt_branch_harden = val; else rc = -EINVAL; @@ -348,7 +348,7 @@ static void __init print_details(enum ind_thunk thunk, uint64_t caps) opt_ibpb ? " IBPB" : "", opt_l1d_flush ? " L1D_FLUSH" : "", opt_md_clear_pv || opt_md_clear_hvm ? " VERW" : "", - opt_l1tf_barrier ? " L1TF_BARRIER" : ""); + opt_branch_harden ? " BRANCH_HARDEN" : ""); /* L1TF diagnostics, printed if vulnerable or PV shadowing is in use. */ if ( cpu_has_bug_l1tf || opt_pv_l1tf_hwdom || opt_pv_l1tf_domu ) @@ -1033,11 +1033,8 @@ void __init init_speculation_mitigations(void) else if ( opt_l1d_flush == -1 ) opt_l1d_flush = cpu_has_bug_l1tf && !(caps & ARCH_CAPS_SKIP_L1DFL); - /* By default, enable L1TF_VULN on L1TF-vulnerable hardware */ - if ( opt_l1tf_barrier == -1 ) - opt_l1tf_barrier = cpu_has_bug_l1tf && (opt_smt || !opt_l1d_flush); - if ( opt_l1tf_barrier > 0 ) - setup_force_cpu_cap(X86_FEATURE_SC_L1TF_VULN); + if ( opt_branch_harden ) + setup_force_cpu_cap(X86_FEATURE_SC_BRANCH_HARDEN); /* * We do not disable HT by default on affected hardware. diff --git a/xen/include/asm-x86/cpufeatures.h b/xen/include/asm-x86/cpufeatures.h index 91eccf5161..b9d3cac975 100644 --- a/xen/include/asm-x86/cpufeatures.h +++ b/xen/include/asm-x86/cpufeatures.h @@ -27,7 +27,7 @@ XEN_CPUFEATURE(XEN_SMAP, X86_SYNTH(11)) /* SMAP gets used by Xen itself XEN_CPUFEATURE(LFENCE_DISPATCH, X86_SYNTH(12)) /* lfence set as Dispatch Serialising */ XEN_CPUFEATURE(IND_THUNK_LFENCE, X86_SYNTH(13)) /* Use IND_THUNK_LFENCE */ XEN_CPUFEATURE(IND_THUNK_JMP, X86_SYNTH(14)) /* Use IND_THUNK_JMP */ -XEN_CPUFEATURE(SC_L1TF_VULN, X86_SYNTH(15)) /* L1TF protection required */ +XEN_CPUFEATURE(SC_BRANCH_HARDEN, X86_SYNTH(15)) /* Conditional Branch Hardening */ XEN_CPUFEATURE(SC_MSR_PV, X86_SYNTH(16)) /* MSR_SPEC_CTRL used by Xen for PV */ XEN_CPUFEATURE(SC_MSR_HVM, X86_SYNTH(17)) /* MSR_SPEC_CTRL used by Xen for HVM */ XEN_CPUFEATURE(SC_RSB_PV, X86_SYNTH(18)) /* RSB overwrite needed for PV */ diff --git a/xen/include/asm-x86/nospec.h b/xen/include/asm-x86/nospec.h index 154e92aed8..f6eb84eee5 100644 --- a/xen/include/asm-x86/nospec.h +++ b/xen/include/asm-x86/nospec.h @@ -10,7 +10,7 @@ static always_inline bool barrier_nospec_true(void) { #ifdef CONFIG_SPECULATIVE_HARDEN_BRANCH - alternative("", "lfence", X86_FEATURE_SC_L1TF_VULN); + alternative("", "lfence", X86_FEATURE_SC_BRANCH_HARDEN); #endif return true; } diff --git a/xen/include/asm-x86/spec_ctrl.h b/xen/include/asm-x86/spec_ctrl.h index 1339ddd7ef..9caecddfec 100644 --- a/xen/include/asm-x86/spec_ctrl.h +++ b/xen/include/asm-x86/spec_ctrl.h @@ -37,7 +37,7 @@ extern bool opt_ibpb; extern bool opt_ssbd; extern int8_t opt_eager_fpu; extern int8_t opt_l1d_flush; -extern int8_t opt_l1tf_barrier; +extern bool opt_branch_harden; extern bool bsp_delay_spec_ctrl; extern uint8_t default_xen_spec_ctrl;