From patchwork Tue Feb 14 16:11:05 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jan Beulich X-Patchwork-Id: 13140462 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 953BAC05027 for ; Tue, 14 Feb 2023 16:11:25 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.495269.765593 (Exim 4.92) (envelope-from ) id 1pRxth-0002uK-38; Tue, 14 Feb 2023 16:11:13 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 495269.765593; Tue, 14 Feb 2023 16:11:13 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1pRxtg-0002uD-W6; Tue, 14 Feb 2023 16:11:12 +0000 Received: by outflank-mailman (input) for mailman id 495269; Tue, 14 Feb 2023 16:11:11 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1pRxtf-0002sY-MV for xen-devel@lists.xenproject.org; Tue, 14 Feb 2023 16:11:11 +0000 Received: from EUR02-AM0-obe.outbound.protection.outlook.com (mail-am0eur02on20627.outbound.protection.outlook.com [2a01:111:f400:fe13::627]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id 316928c8-ac82-11ed-93b5-47a8fe42b414; Tue, 14 Feb 2023 17:11:09 +0100 (CET) Received: from VE1PR04MB6560.eurprd04.prod.outlook.com (2603:10a6:803:122::25) by AM0PR04MB6884.eurprd04.prod.outlook.com (2603:10a6:208:183::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6086.24; Tue, 14 Feb 2023 16:11:07 +0000 Received: from VE1PR04MB6560.eurprd04.prod.outlook.com ([fe80::e138:4fc3:705c:d178]) by VE1PR04MB6560.eurprd04.prod.outlook.com ([fe80::e138:4fc3:705c:d178%7]) with mapi id 15.20.6086.024; Tue, 14 Feb 2023 16:11:07 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 316928c8-ac82-11ed-93b5-47a8fe42b414 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=C99l2jMkVu9rzdHMOsHKmHwNS9BXezQ2iP6vvNFPn7+Ff87icPa6QXJJSf69OqINNj+HFCHRqE1pW5f6y1Podjz4FckXyBrTJrH6NQPBIXHt89JmRkuab+M2fJMTqspvodejXDQrv0Rk2Hzxaz6UWl6+/nC/sC2jdRZuJn3vNOwDHUOVa3NXULbrx+3ZBZ5mTA330aiuykWUL1VdDxEYEeWVqQW7J+BKWRGpeWIk4mU2x1NaWOwwDbwhFFwBl8a5qNWfgSWU4+Tps5YRP5wwwyvjNcoDIHI9aWCG/Ev1KQU4w1Tiw2X+AoH0s0pQDocvvpVmBsTipiROv3ICVra/9g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=d+/DUjrNApE1of8R+q9OMsOXlsFTj99u5P7jS1EbUzw=; b=HlzK3w2z8vDcWlMOVrr3ldmCB5ym69dXwYYUT00Q9Da+RmIC1lzD/YbrFA2lb5yI65+WT9Ohn/LSiffFGlLnr6r+LaJntmrAM/CrWlZlzSufNcK908kkERraUTybrM8koUyX5OTYolKXZxyOgUF9RQbXe9f8ANTGxgT0V3Gu6tcYwQCFsm9P6YWw+oRcTi1tydtGOUfAXLv+fxWL45fTBlV3rQWR7X1AqTXe4NZ+Ud4nOdIzZ1/GidrCBE18V3YGX7vyLUjQfOS7h0bPmVouYbVZEVfNZ/qjY+LHy4CI9nmerebukVq78HXUHW8uh9HRbDL4ZLHRd4FkOtqRiCThUA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=d+/DUjrNApE1of8R+q9OMsOXlsFTj99u5P7jS1EbUzw=; b=mp379rXn8PAvUHg/0/2DNWWpDwNNxjCs8VFu5C9ewGCfl2xvKM91ZhuGzGwioznnlnmK+5ZAd7bc5XcPKkQZt42/61v2ZhD6ICwphB7Qvd0eh7JuAFKBXgmUa4Etf0O6O8e8a6afSqERds85Vk9b1g/n2uXW032z46hEvcMchvVuG3M9YUfKaDxHBasxJxN6Koqj161N/L3WCijP3qDIUY5AkcdWqCWN3/J4Mb9/kSOZK+zM0MX7+/vWhkQnZwO54xJ0i5HSKzmUszprnk0lAt2YvLuRorif8pmcAeLHHX4tVY5SJMU6oS6nuiF73s/HMEfIzjPDr76GrmL7W1/J0Q== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com; Message-ID: <83c2a504-bce4-d3e7-1d9a-76ac0ca17bab@suse.com> Date: Tue, 14 Feb 2023 17:11:05 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.7.2 Subject: [PATCH v4 2/4] x86/spec-ctrl: defer context-switch IBPB until guest entry Content-Language: en-US From: Jan Beulich To: "xen-devel@lists.xenproject.org" Cc: Andrew Cooper , Wei Liu , =?utf-8?q?Roger_Pau_Monn=C3=A9?= References: <06591b64-2f05-a4cc-a2f3-a74c3c4a76d6@suse.com> In-Reply-To: <06591b64-2f05-a4cc-a2f3-a74c3c4a76d6@suse.com> X-ClientProxiedBy: FR3P281CA0013.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:1d::18) To VE1PR04MB6560.eurprd04.prod.outlook.com (2603:10a6:803:122::25) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: VE1PR04MB6560:EE_|AM0PR04MB6884:EE_ X-MS-Office365-Filtering-Correlation-Id: 7d646964-26d3-445f-a041-08db0ea61462 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Tskmce7OGb43LH2g6WzEvYyOya1BIYP3xbYaiTLPk72ey6rs2j1yXUt0bcKOVtKSPNv8CYQJU1bQ0GFVTu5XXyZJf8SRH2yBiMNj86yI1tlFOvicEkgR1A2ZHTJ8EFgEpacGDab33LrxQmoDI0hjhgjeezlYRRP1k7oufuHDYmpyQ5zCyCklGn5CUSVWs2qFUAEWDeRxXe0TmRyKlESL7vxpVCpn0JOK+L5rsN3KNKzAJ601Nyfj2fuspOiU6YSU2uoGZhVgs1HmOUqtxjBmrNO859vXajhAZVjZeAJ8yOHkyMIwsNpuBSyxWUqk29ihuVO1iN+Q+BwvgbjCXZFP6Sa0d5ZTvg/tLzkb1uy66tHFxyCp6EdDVWdM112UtVuz7rqRILErt7dnaXjhdOn2M9zOGTBd7nv/xvO/U39Ag+04jW+oF2VEg+hsWTOFY/uwP5gHW1010FkEJmsa2hW1IYm9xIuO6Poo5qrUHh1Fz12PXfMI+Lx2i8oQjnwh0OgdWBFL7rAZr3vWKWy/x0oLtD033+8FBbrAJL15ugXfeIiF+wfzXkgS1ny3gLPFIE5mUHBhgMTkTSEFdwrer47mFgp3CbOXFDWuV+NK/2J6dyAq32VpSCAdTmNh4vpKzSHobQbd3XYG5lssxYfDRNt3WC7KgCl/VARjl9w0oVqGYvGWV+EomQ0aG8Lt35TzNehyCuUWjd4H2YIaOwbZq9UFJLwEChBBHFaC0hMgegIGulw= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:VE1PR04MB6560.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230025)(376002)(366004)(39860400002)(396003)(346002)(136003)(451199018)(66476007)(66556008)(66946007)(6916009)(83380400001)(4326008)(31686004)(8676002)(41300700001)(316002)(8936002)(54906003)(36756003)(2906002)(5660300002)(26005)(31696002)(186003)(6486002)(478600001)(86362001)(6506007)(38100700002)(6512007)(2616005)(45980500001)(43740500002);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?onlVAyd9Nvga1A1hcO5FIuxVbqPi?= =?utf-8?q?FgnnX4J2SOi6b6S9Ddkn8rUeg98cqScKq/BTv1CKGnPM3PLUBQrd+Q+14W9xknXFF?= =?utf-8?q?ZpgDn7viLFhVmzjWgH1LkGX5v5tuQ/NNUvNxL2OhEaTUTdGIQO08E6me0tvLt9+m5?= =?utf-8?q?cQ+9fY2jO9kqQn7yrwDAl1HSmWHfK853Xzziqyfd7aOY9BjM0OPUYrBbvsQxnin/T?= =?utf-8?q?i0fMj5OBkhQLHip3Rt/jrxy76u077Bh6nGCtgw98jk3AcyqYh47s3iwzUPxVqAUpq?= =?utf-8?q?ahkM6fBPOxdNvyvyqvOc+ABTy0/iwFLF1YS7iQe0klX1XjZZhShoYNbwf2UdVFt2W?= =?utf-8?q?wUg2+apDb0RXSbp7sQRZizth/XCE2cFPCkdVW1fr2t3pHaCNMQRc8RsIqC0b92b+c?= =?utf-8?q?dPGhZHPWGZB+y4Sj8zMIfdRc6PCBUWdqH+OnKubrPkrBi3OYjD3EW4REG5f/ZfkAG?= =?utf-8?q?yjuKytcK2lXQc4aywDUAEl3xEztEhWhaqFIAD/PMtqbuiecCwcPtQDhZAc4pab2LZ?= =?utf-8?q?A2oDxyTlGk8zch0J7iULtcwtIPcYXA44RH6WpjHdxf2j05IwbEyZK6RX9km2nxYsA?= =?utf-8?q?H0PoazREVkn+6H8nvK2IemlwHLP4cYvBp8sf6aT35qfQmS5dxj0zTHQk8mTkHNkd1?= =?utf-8?q?6nHJGyIKlaBjZDnpL1i+kij7Ox2tggvwEG7o1CXi3F1aUiCnTQ5hpiZu4Nemh/PJO?= =?utf-8?q?FkAUJkCTLcVOS6u/JGKFZ/24m++9dvXZxZ5EyzsAKlq/hE1sCEk7Yuw/gtsJAoehH?= =?utf-8?q?qtIHUqXZfw15ekKIgjFER2OS1icjf7ZB/ICfcNGHUE3X9LWzVFN43sAAsnujV3D9g?= =?utf-8?q?RK/yBB21e52QYsSond7epHXgXMkvjPrrJRPxsq6GRoZcls5mEl+pR+hCNzAdaLcJn?= =?utf-8?q?W36j7D065dWc3bTSK2043/GVRZ3bIjlCrBDbPBQP74S7vZ4a0JJSgJlq09vP8r5mw?= =?utf-8?q?K//Jab+m4muf2QCN6FUutMqjmFVMEFOC3Y+3MqDvLahj4POk2MGUssv0SVMMl5RKQ?= =?utf-8?q?n29OX/hOrCfqfSjAbXZcp4Xapc4CtjgXitJIhx35B/trv55UnOOe3rF037r0snVE/?= =?utf-8?q?E4uVEthHMuZzvxkXxkaPpjjU2aacrn0Oc6ykWP9MiuH5bgHR1Q+s71kMSd3EkJ0uX?= =?utf-8?q?aUtEobRnLvgohG8U5GYx2hUfG1l2dvlFha4k7Su0PJzkAFMe5q0/LnZnViEZ6oRtt?= =?utf-8?q?bkTmq0Ux0qQEMpEf25zGsoY/LDDgBCG9q8Ar/KVBlmcc/jv9C1ZEAqulkFjATdKew?= =?utf-8?q?p43qdeBH+PzSa/hVIStXyNomoOEz7/jXVCn9s6ZFALQyTBOz7B5UlntpeMmYE2SFt?= =?utf-8?q?8wu8+UkCQR+PJxDEo8xMnl274cJu0TJHdmDvw3IaVtYWyRgB0krL8CGkrauAd0Qk2?= =?utf-8?q?VPRA5mKrA/bFmpYmXmXoWI7DqU3jWoUQq98LbXFWJcpYId3jKTNhPegW0DtRuyKeG?= =?utf-8?q?i8W+th2xj9743etqfxS/eXQbQpN3q2fVGWCcP3yspmlGL3fKhHQdW4uUW5EVMIB1w?= =?utf-8?q?WlE8jp1aSQ6G?= X-OriginatorOrg: suse.com X-MS-Exchange-CrossTenant-Network-Message-Id: 7d646964-26d3-445f-a041-08db0ea61462 X-MS-Exchange-CrossTenant-AuthSource: VE1PR04MB6560.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Feb 2023 16:11:07.3987 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: f7a17af6-1c5c-4a36-aa8b-f5be247aa4ba X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: bVEwUtcvQJBdxzOzEFyBX9jSj1PP7UJMXhJxLjaPxUEEG3WcdQ2eleMwQKzAwuqbeIqrTiAVmW5qOyeXGCc/LQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR04MB6884 In order to avoid clobbering Xen's own predictions, defer the barrier as much as possible. Merely mark the CPU as needing a barrier issued the next time we're exiting to guest context. Suggested-by: Andrew Cooper Signed-off-by: Jan Beulich --- I couldn't find any sensible (central/unique) place where to move the comment which is being deleted alongside spec_ctrl_new_guest_context(). (If this patch is to survive in the first place, it was suggested to move to spect_ctrl_asm.h, next to the #define of the controlling bit.) --- v4: Re-base in particular over changes earlier in the series. v3: New. --- a/xen/arch/x86/domain.c +++ b/xen/arch/x86/domain.c @@ -2038,7 +2038,7 @@ void context_switch(struct vcpu *prev, s */ if ( *last_id != next_id ) { - spec_ctrl_new_guest_context(); + info->spec_ctrl_flags |= SCF_new_pred_ctxt; *last_id = next_id; } } --- a/xen/arch/x86/include/asm/spec_ctrl.h +++ b/xen/arch/x86/include/asm/spec_ctrl.h @@ -67,28 +67,6 @@ void init_speculation_mitigations(void); void spec_ctrl_init_domain(struct domain *d); -/* - * Switch to a new guest prediction context. - * - * This flushes all indirect branch predictors (BTB, RSB/RAS), so guest code - * which has previously run on this CPU can't attack subsequent guest code. - * - * As this flushes the RSB/RAS, it destroys the predictions of the calling - * context. For best performace, arrange for this to be used when we're going - * to jump out of the current context, e.g. with reset_stack_and_jump(). - * - * For hardware which mis-implements IBPB, fix up by flushing the RSB/RAS - * manually. - */ -static always_inline void spec_ctrl_new_guest_context(void) -{ - wrmsrl(MSR_PRED_CMD, PRED_CMD_IBPB); - - /* (ab)use alternative_input() to specify clobbers. */ - alternative_input("", "DO_OVERWRITE_RSB", X86_BUG_IBPB_NO_RET, - : "rax", "rcx"); -} - extern int8_t opt_ibpb_ctxt_switch; extern bool opt_ssbd; extern int8_t opt_eager_fpu; --- a/xen/arch/x86/spec_ctrl.c +++ b/xen/arch/x86/spec_ctrl.c @@ -854,6 +854,11 @@ static void __init ibpb_calculations(voi */ if ( opt_ibpb_ctxt_switch == -1 ) opt_ibpb_ctxt_switch = !(opt_ibpb_entry_hvm && opt_ibpb_entry_pv); + if ( opt_ibpb_ctxt_switch ) + { + setup_force_cpu_cap(X86_FEATURE_NEW_PRED_CTXT_PV); + setup_force_cpu_cap(X86_FEATURE_NEW_PRED_CTXT_HVM); + } } /* Calculate whether this CPU is vulnerable to L1TF. */