From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <peterz@infradead.org>
Received: from mail.linutronix.de (146.0.238.70:993) by
  crypto-ml.lab.linutronix.de with IMAP4-SSL for <speck@linutronix.de>; 08 Feb
  2019 09:01:53 -0000
Received: from bombadil.infradead.org ([2607:7c80:54:e::133])
	by Galois.linutronix.de with esmtps (TLS1.2:RSA_AES_256_CBC_SHA256:256)
	(Exim 4.80)
	(envelope-from <peterz@infradead.org>)
	id 1gs22g-0005LR-SF
	for speck@linutronix.de; Fri, 08 Feb 2019 10:01:52 +0100
Received: from j217100.upc-j.chello.nl ([24.132.217.100]
 helo=hirez.programming.kicks-ass.net)	by bombadil.infradead.org with esmtpsa
 (Exim 4.90_1 #2 (Red Hat Linux))	id 1gs22f-0004Ti-9z	for speck@linutronix.de;
 Fri, 08 Feb 2019 09:01:49 +0000
Date: Fri, 8 Feb 2019 10:01:47 +0100
From: Peter Zijlstra <peterz@infradead.org>
Subject: [MODERATED] Re: [SUSPECTED SPAM][PATCH v3 2/6] PERFv3
Message-ID: <20190208090147.GK32477@hirez.programming.kicks-ass.net>
References: <cover.1549582769.git.ak@linux.intel.com>
 <3dd5d6e2bc9ac53f826c251c68ce84fcc79a6872.1549582769.git.ak@linux.intel.com>
 <cbc8b4c4-ccb7-9c53-6e53-8ec7149ba7d2@citrix.com>
MIME-Version: 1.0
In-Reply-To: <cbc8b4c4-ccb7-9c53-6e53-8ec7149ba7d2@citrix.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
To: speck@linutronix.de
List-ID: <speck.linutronix.de>

On Fri, Feb 08, 2019 at 12:51:01AM +0000, speck for Andrew Cooper wrote:
> On 07/02/2019 23:41, speck for Andi Kleen wrote:
> > This patch assumes that the kernel is using
> > RETPOLINE (or IBRS), otherwise speculative execution could
> > still corrupt counter 3 in very unlikely cases.
> 
> What has the kernel configuration got to do with it?
> 
> It is my understanding that any execution of an XBEGIN instruction, even
> speculatively, even in userspace will result in PCR3 getting modified.
> 
> A CPU either has force abort mode active, or PCR3 can be changed behind
> the kernel's back.

We are executing kernel code; therefore any user RTM will have aborted
and is irrelevant.

So what the kernel does is:

	/*
	 * And as noted; userspace transactions will be aborted by
	 * having entered the kernel. The kernel does not use RTM
	 * itself.
	 */


	/*
	 * stops all counters; irrespective of ucode using PMC3 or not
	 */
	GLOBAL_CTRL = 0;

	/*
	 * program PMC3
	 */
	CTRVAL3 = x;
	EVTSEL3 = y;

	/*
	 * Set the TFA bit to make ucode not touch PMC3; since there has
	 * not been an RTM instruction between GLOBAL_CTRL=0 and here,
	 * PMC3 will still be {x,y} as we just wrote.
	 *
	 * This is what requires RETPOLINE/IBRS; because otherwise
	 * speculation could see a partial kernel instruction that looks
	 * like RTM, which would mess things up.
	 */
	WRMSR(MSR_TFA, 1);

	/*
	 * Let 'er rip.
	 */
	GLOBAL_CTRL = ~0ULL;