[1/4] target/i386: Introduce SierraForest-v2 model

Message ID 20250121020650.1899618-2-tao1.su@linux.intel.com (mailing list archive)
State New
Series Introduce SierraForest-v2 and ClearwaterForest CPU model

Commit Message

Tao Su Jan. 21, 2025, 2:06 a.m. UTC
Update SierraForest CPU model to add LAM, 4 bits indicating certain bits
of IA32_SPEC_CTR are supported(intel-psfd, ipred-ctrl, rrsba-ctrl,
bhi-ctrl) and the missing features(ss, tsc-adjust, cldemote, movdiri,
movdir64b)

Also add GDS-NO and RFDS-NO to indicate the related vulnerabilities are
mitigated in stepping 3.

Tested-by: Xuelian Guo <xuelian.guo@intel.com>
Signed-off-by: Tao Su <tao1.su@linux.intel.com>
---
 target/i386/cpu.c | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

Comments

Zhao Liu Jan. 21, 2025, 12:40 p.m. UTC | #1
On Tue, Jan 21, 2025 at 10:06:47AM +0800, Tao Su wrote:
> Date: Tue, 21 Jan 2025 10:06:47 +0800
> From: Tao Su <tao1.su@linux.intel.com>
> Subject: [PATCH 1/4] target/i386: Introduce SierraForest-v2 model
> X-Mailer: git-send-email 2.34.1
> 
> Update SierraForest CPU model to add LAM, 4 bits indicating certain bits
> of IA32_SPEC_CTR are supported(intel-psfd, ipred-ctrl, rrsba-ctrl,
> bhi-ctrl) and the missing features(ss, tsc-adjust, cldemote, movdiri,
> movdir64b)
> 
> Also add GDS-NO and RFDS-NO to indicate the related vulnerabilities are
> mitigated in stepping 3.
> 
> Tested-by: Xuelian Guo <xuelian.guo@intel.com>
> Signed-off-by: Tao Su <tao1.su@linux.intel.com>
> ---
>  target/i386/cpu.c | 19 +++++++++++++++++++
>  1 file changed, 19 insertions(+)
>

Reviewed-by: Zhao Liu <zhao1.liu@intel.com>

Pawan Gupta Jan. 21, 2025, 5:34 p.m. UTC | #2
On Tue, Jan 21, 2025 at 10:06:47AM +0800, Tao Su wrote:
> Update SierraForest CPU model to add LAM, 4 bits indicating certain bits
> of IA32_SPEC_CTR are supported(intel-psfd, ipred-ctrl, rrsba-ctrl,
> bhi-ctrl) and the missing features(ss, tsc-adjust, cldemote, movdiri,
> movdir64b)
> 
> Also add GDS-NO and RFDS-NO to indicate the related vulnerabilities are
> mitigated in stepping 3.

Does this only apply to stepping 3? I don't think Sierra Forest was ever
vulnerable to GDS and RFDS [1].

There are many other vulnerabilities that Sierra Forest is not vulnerable to,
is it really necessary to add the *_NO bits to CPU definitions?

[1] https://www.intel.com/content/www/us/en/developer/topic-technology/software-security-guidance/processors-affected-consolidated-product-cpu-model.html

Tao Su Jan. 22, 2025, 1:16 a.m. UTC | #3
On Tue, Jan 21, 2025 at 09:34:58AM -0800, Pawan Gupta wrote:
> On Tue, Jan 21, 2025 at 10:06:47AM +0800, Tao Su wrote:
> > Update SierraForest CPU model to add LAM, 4 bits indicating certain bits
> > of IA32_SPEC_CTR are supported(intel-psfd, ipred-ctrl, rrsba-ctrl,
> > bhi-ctrl) and the missing features(ss, tsc-adjust, cldemote, movdiri,
> > movdir64b)
> > 
> > Also add GDS-NO and RFDS-NO to indicate the related vulnerabilities are
> > mitigated in stepping 3.
> 
> Does this only apply to stepping 3? I don't think Sierra Forest was ever
> vulnerable to GDS and RFDS [1].
> 

On the real machine, stepping 0 does not set GDS_NO and RFDS_NO, but
stepping 3 does.

> There are many other vulnerabilities that Sierra Forest is not vulnerable to,
> is it really necessary to add the *_NO bits to CPU definitions?
> 
> [1] https://www.intel.com/content/www/us/en/developer/topic-technology/software-security-guidance/processors-affected-consolidated-product-cpu-model.html

*_NO bits indicate processor is not affected by *, so adding these to the
CPU model will prevent the guest OS (using the CPU model) from trying to
use related software mitigation, which I think is reasonable.

Xiaoyao Li Jan. 22, 2025, 1:44 a.m. UTC | #4
On 1/21/2025 10:06 AM, Tao Su wrote:
> Update SierraForest CPU model to add LAM, 4 bits indicating certain bits
> of IA32_SPEC_CTR are supported(intel-psfd, ipred-ctrl, rrsba-ctrl,
> bhi-ctrl) and the missing features(ss, tsc-adjust, cldemote, movdiri,
> movdir64b)
> 
> Also add GDS-NO and RFDS-NO to indicate the related vulnerabilities are
> mitigated in stepping 3.
> 
> Tested-by: Xuelian Guo <xuelian.guo@intel.com>
> Signed-off-by: Tao Su <tao1.su@linux.intel.com>

Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com>

> ---
>   target/i386/cpu.c | 19 +++++++++++++++++++
>   1 file changed, 19 insertions(+)
> 
> diff --git a/target/i386/cpu.c b/target/i386/cpu.c
> index 1b9c11022c..6db8d6c9ba 100644
> --- a/target/i386/cpu.c
> +++ b/target/i386/cpu.c
> @@ -4549,6 +4549,25 @@ static const X86CPUDefinition builtin_x86_defs[] = {
>           .model_id = "Intel Xeon Processor (SierraForest)",
>           .versions = (X86CPUVersionDefinition[]) {
>               { .version = 1 },
> +            {
> +                .version = 2,
> +                .props = (PropValue[]) {
> +                    { "ss", "on" },
> +                    { "tsc-adjust", "on" },
> +                    { "cldemote", "on" },
> +                    { "movdiri", "on" },
> +                    { "movdir64b", "on" },
> +                    { "gds-no", "on" },
> +                    { "rfds-no", "on" },
> +                    { "lam", "on" },
> +                    { "intel-psfd", "on"},
> +                    { "ipred-ctrl", "on"},
> +                    { "rrsba-ctrl", "on"},
> +                    { "bhi-ctrl", "on"},
> +                    { "stepping", "3" },
> +                    { /* end of list */ }
> +                }
> +            },
>               { /* end of list */ },
>           },
>       },
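
Review bot: the four entries from `{ "intel-psfd", "on"},` through `{ "bhi-ctrl", "on"},` drop the space before the closing brace that the entries above them in the same list use (`{ "ss", "on" },`). Please write them as `{ "intel-psfd", "on" },` and so on, so the props list is formatted uniformly.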

Pawan Gupta Jan. 22, 2025, 4:32 a.m. UTC | #5
On Wed, Jan 22, 2025 at 09:16:37AM +0800, Tao Su wrote:
> On Tue, Jan 21, 2025 at 09:34:58AM -0800, Pawan Gupta wrote:
> > On Tue, Jan 21, 2025 at 10:06:47AM +0800, Tao Su wrote:
> > > Update SierraForest CPU model to add LAM, 4 bits indicating certain bits
> > > of IA32_SPEC_CTR are supported(intel-psfd, ipred-ctrl, rrsba-ctrl,
> > > bhi-ctrl) and the missing features(ss, tsc-adjust, cldemote, movdiri,
> > > movdir64b)
> > > 
> > > Also add GDS-NO and RFDS-NO to indicate the related vulnerabilities are
> > > mitigated in stepping 3.
> > 
> > Does this only apply to stepping 3? I don't think Sierra Forest was ever
> > vulnerable to GDS and RFDS [1].
> > 
> 
> On the real machine, stepping 0 does not set GDS_NO and RFDS_NO, but
> stepping 3 does.

Ah, I see. Thanks for clarifying.

> 
> > There are many other vulnerabilities that Sierra Forest is not vulnerable to,
> > is it really necessary to add the *_NO bits to CPU definitions?
> > 
> > [1] https://www.intel.com/content/www/us/en/developer/topic-technology/software-security-guidance/processors-affected-consolidated-product-cpu-model.html
> 
> *_NO bits indicate processor is not affected by *, so adding these to the
> CPU model will prevent the guest OS (using the CPU model) from trying to
> use related software mitigation, which I think is reasonable.

Ok, thanks. I got it mixed up with "-cpu host" option.

Patch

diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 1b9c11022c..6db8d6c9ba 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -4549,6 +4549,25 @@  static const X86CPUDefinition builtin_x86_defs[] = {
         .model_id = "Intel Xeon Processor (SierraForest)",
         .versions = (X86CPUVersionDefinition[]) {
             { .version = 1 },
+            {
+                .version = 2,
+                .props = (PropValue[]) {
+                    { "ss", "on" },
+                    { "tsc-adjust", "on" },
+                    { "cldemote", "on" },
+                    { "movdiri", "on" },
+                    { "movdir64b", "on" },
+                    { "gds-no", "on" },
+                    { "rfds-no", "on" },
+                    { "lam", "on" },
+                    { "intel-psfd", "on"},
+                    { "ipred-ctrl", "on"},
+                    { "rrsba-ctrl", "on"},
+                    { "bhi-ctrl", "on"},
+                    { "stepping", "3" },
+                    { /* end of list */ }
+                }
+            },
             { /* end of list */ },
         },
     },
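
Review bot: the `gds-no` and `rfds-no` entries depend on the `{ "stepping", "3" }` entry at the end of the same props list, but nothing in the hunk records that link, and it already had to be explained in review (per the author's reply, stepping 0 hardware does not set GDS_NO and RFDS_NO while stepping 3 does). A short comment next to the two `*-no` entries, or beside the `stepping` entry, saying that these bits mirror what stepping 3 reports would keep a later edit from changing one without the other, since a guest using this model will skip the related software mitigations on the strength of those bits.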