From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linutronix.de (146.0.238.70:993) by crypto-ml.lab.linutronix.de with IMAP4-SSL for ; 10 Dec 2018 22:34:27 -0000 Received: from mga09.intel.com ([134.134.136.24]) by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1gWPkZ-00014E-0p for speck@linutronix.de; Mon, 10 Dec 2018 18:53:48 +0100 From: Andi Kleen Subject: [MODERATED] [PATCH v2 1/8] MDSv2 4 Date: Mon, 10 Dec 2018 09:53:33 -0800 Message-Id: In-Reply-To: References: In-Reply-To: References: Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit MIME-Version: 1.0 To: speck@linutronix.de Cc: Andi Kleen List-ID: MDS is micro architectural data sampling, which is a side channel attack on internal buffers in Intel CPUs. They all have the same mitigations for single thread, so we lump them all together as a single MDS issue. This patch adds the basic infrastructure to detect if the current CPU is affected by MDS, and if yes set the right BUG bits. We also provide a command line option "mds_disable" to disable any workarounds. Signed-off-by: Andi Kleen --- Documentation/admin-guide/kernel-parameters.txt | 3 +++ arch/x86/include/asm/cpufeatures.h | 2 ++ arch/x86/include/asm/msr-index.h | 1 + arch/x86/kernel/cpu/bugs.c | 10 ++++++++++ arch/x86/kernel/cpu/common.c | 14 ++++++++++++++ 5 files changed, 30 insertions(+) diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index aefd358a5ca3..48891572e825 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -2341,6 +2341,9 @@ Format: , Specifies range of consoles to be captured by the MDA. + mds_disable [X86] + Disable workarounds for Micro-architectural Data Sampling. + mem=nn[KMG] [KNL,BOOT] Force usage of a specific amount of memory Amount of memory to be used when the kernel is not able to see the whole system memory or for test. diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h index 28c4a502b419..93fab3a1e046 100644 --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h @@ -342,6 +342,7 @@ /* Intel-defined CPU features, CPUID level 0x00000007:0 (EDX), word 18 */ #define X86_FEATURE_AVX512_4VNNIW (18*32+ 2) /* AVX-512 Neural Network Instructions */ #define X86_FEATURE_AVX512_4FMAPS (18*32+ 3) /* AVX-512 Multiply Accumulation Single precision */ +#define X86_FEATURE_MB_CLEAR (18*32+10) /* Flush state on VERW */ #define X86_FEATURE_PCONFIG (18*32+18) /* Intel PCONFIG */ #define X86_FEATURE_SPEC_CTRL (18*32+26) /* "" Speculation Control (IBRS + IBPB) */ #define X86_FEATURE_INTEL_STIBP (18*32+27) /* "" Single Thread Indirect Branch Predictors */ @@ -379,5 +380,6 @@ #define X86_BUG_SPECTRE_V2 X86_BUG(16) /* CPU is affected by Spectre variant 2 attack with indirect branches */ #define X86_BUG_SPEC_STORE_BYPASS X86_BUG(17) /* CPU is affected by speculative store bypass attack */ #define X86_BUG_L1TF X86_BUG(18) /* CPU is affected by L1 Terminal Fault */ +#define X86_BUG_MDS X86_BUG(19) /* CPU is affected by Microarchitectural data sampling */ #endif /* _ASM_X86_CPUFEATURES_H */ diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h index c8f73efb4ece..303064a9a0a9 100644 --- a/arch/x86/include/asm/msr-index.h +++ b/arch/x86/include/asm/msr-index.h @@ -77,6 +77,7 @@ * attack, so no Speculative Store Bypass * control required. */ +#define ARCH_CAP_MDS_NO (1 << 5) /* No Microarchitectural data sampling */ #define MSR_IA32_FLUSH_CMD 0x0000010b #define L1D_FLUSH (1 << 0) /* diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 500278f5308e..5cac243849d8 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -35,6 +35,7 @@ static void __init spectre_v2_select_mitigation(void); static void __init ssb_select_mitigation(void); static void __init l1tf_select_mitigation(void); +static void __init mds_select_mitigation(void); /* The base value of the SPEC_CTRL MSR that always has to be preserved. */ u64 x86_spec_ctrl_base; @@ -99,6 +100,8 @@ void __init check_bugs(void) l1tf_select_mitigation(); + mds_select_mitigation(); + #ifdef CONFIG_X86_32 /* * Check whether we are able to run this kernel safely on SMP. @@ -1041,6 +1044,13 @@ early_param("l1tf", l1tf_cmdline); #undef pr_fmt +static void mds_select_mitigation(void) +{ + if (cmdline_find_option_bool(boot_command_line, "mds_disable") || + !boot_cpu_has_bug(X86_BUG_MDS)) + setup_clear_cpu_cap(X86_FEATURE_MB_CLEAR); +} + #ifdef CONFIG_SYSFS #define L1TF_DEFAULT_MSG "Mitigation: PTE Inversion" diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index ffb181f959d2..bebeb67015fc 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -998,6 +998,14 @@ static const __initconst struct x86_cpu_id cpu_no_l1tf[] = { {} }; +static const __initconst struct x86_cpu_id cpu_no_mds[] = { + /* in addition to cpu_no_speculation */ + { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_GOLDMONT }, + { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_GOLDMONT_X }, + { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_GOLDMONT_PLUS }, + {} +}; + static void __init cpu_set_bug_bits(struct cpuinfo_x86 *c) { u64 ia32_cap = 0; @@ -1019,6 +1027,12 @@ static void __init cpu_set_bug_bits(struct cpuinfo_x86 *c) if (ia32_cap & ARCH_CAP_IBRS_ALL) setup_force_cpu_cap(X86_FEATURE_IBRS_ENHANCED); + if ((boot_cpu_data.x86_vendor == X86_VENDOR_INTEL && + !x86_match_cpu(cpu_no_mds)) && + !(ia32_cap & ARCH_CAP_MDS_NO) && + !(ia32_cap & ARCH_CAP_RDCL_NO)) + setup_force_cpu_bug(X86_BUG_MDS); + if (x86_match_cpu(cpu_no_meltdown)) return; -- 2.17.2