[PATCH 0/4] Basic Speculation Control feature support

[PATCH 0/4] Basic Speculation Control feature support

[David Woodhouse]

This is the basis for using the newly-added microcode features for
speculation control on both Intel and AMD CPUs. We just add the
CPUID feature bits (with associated cleanup now we were using 5 bits
out of the same subleaf as "scattered" bits), add the MSR definitions,
and turn off KPTI for Intel CPUs which say they don't need it.

The rest of the bits to actually *use* the features are still being
worked out, but this much is fairly straightforward so it's a good
start.

David Woodhouse (4):
  x86/cpufeatures: Add Intel feature bits for Speculation Control
  x86/cpufeatures: Add AMD feature bits for Prediction Command
  x86/msr: Add definitions for new speculation control MSRs
  x86/pti: Do not enable PTI on fixed Intel processors

 arch/x86/include/asm/cpufeature.h        |  7 +++++--
 arch/x86/include/asm/cpufeatures.h       | 13 ++++++++++---
 arch/x86/include/asm/disabled-features.h |  3 ++-
 arch/x86/include/asm/msr-index.h         | 11 +++++++++++
 arch/x86/include/asm/required-features.h |  3 ++-
 arch/x86/kernel/cpu/common.c             | 10 ++++++++--
 arch/x86/kernel/cpu/scattered.c          |  3 +--
 7 files changed, 39 insertions(+), 11 deletions(-)

-- 
2.7.4

[PATCH 1/4] x86/cpufeatures: Add Intel feature bits for Speculation Control

[David Woodhouse]

Add three feature bits exposed by new microcode on Intel CPUs for
speculation control. We would now be up to five bits in CPUID(7).RDX
so take them out of the 'scattered' features and make a proper word
for them instead.

Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
---
 arch/x86/include/asm/cpufeature.h        |  7 +++++--
 arch/x86/include/asm/cpufeatures.h       | 12 +++++++++---
 arch/x86/include/asm/disabled-features.h |  3 ++-
 arch/x86/include/asm/required-features.h |  3 ++-
 arch/x86/kernel/cpu/common.c             |  1 +
 arch/x86/kernel/cpu/scattered.c          |  2 --
 6 files changed, 19 insertions(+), 9 deletions(-)

diff --git a/arch/x86/include/asm/cpufeature.h b/arch/x86/include/asm/cpufeature.h
index ea9a7dd..70eddb3 100644
--- a/arch/x86/include/asm/cpufeature.h
+++ b/arch/x86/include/asm/cpufeature.h
@@ -29,6 +29,7 @@ enum cpuid_leafs
 	CPUID_8000_000A_EDX,
 	CPUID_7_ECX,
 	CPUID_8000_0007_EBX,
+	CPUID_7_EDX,
 };
 
 #ifdef CONFIG_X86_FEATURE_NAMES
@@ -79,8 +80,9 @@ extern const char * const x86_bug_flags[NBUGINTS*32];
 	   CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 15, feature_bit) ||	\
 	   CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 16, feature_bit) ||	\
 	   CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 17, feature_bit) ||	\
+	   CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 18, feature_bit) ||	\
 	   REQUIRED_MASK_CHECK					  ||	\
-	   BUILD_BUG_ON_ZERO(NCAPINTS != 18))
+	   BUILD_BUG_ON_ZERO(NCAPINTS != 19))
 
 #define DISABLED_MASK_BIT_SET(feature_bit)				\
 	 ( CHECK_BIT_IN_MASK_WORD(DISABLED_MASK,  0, feature_bit) ||	\
@@ -101,8 +103,9 @@ extern const char * const x86_bug_flags[NBUGINTS*32];
 	   CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 15, feature_bit) ||	\
 	   CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 16, feature_bit) ||	\
 	   CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 17, feature_bit) ||	\
+	   CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 18, feature_bit) ||	\
 	   DISABLED_MASK_CHECK					  ||	\
-	   BUILD_BUG_ON_ZERO(NCAPINTS != 18))
+	   BUILD_BUG_ON_ZERO(NCAPINTS != 19))
 
 #define cpu_has(c, bit)							\
 	(__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 :	\
diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h
index 25b9375..adebdaa 100644
--- a/arch/x86/include/asm/cpufeatures.h
+++ b/arch/x86/include/asm/cpufeatures.h
@@ -13,7 +13,7 @@
 /*
  * Defines x86 CPU feature bits
  */
-#define NCAPINTS			18	   /* N 32-bit words worth of info */
+#define NCAPINTS			19	   /* N 32-bit words worth of info */
 #define NBUGINTS			1	   /* N 32-bit bug flags */
 
 /*
@@ -206,8 +206,6 @@
 #define X86_FEATURE_RETPOLINE		( 7*32+12) /* Generic Retpoline mitigation for Spectre variant 2 */
 #define X86_FEATURE_RETPOLINE_AMD	( 7*32+13) /* AMD Retpoline mitigation for Spectre variant 2 */
 #define X86_FEATURE_INTEL_PPIN		( 7*32+14) /* Intel Processor Inventory Number */
-#define X86_FEATURE_AVX512_4VNNIW	( 7*32+16) /* AVX-512 Neural Network Instructions */
-#define X86_FEATURE_AVX512_4FMAPS	( 7*32+17) /* AVX-512 Multiply Accumulation Single precision */
 
 #define X86_FEATURE_MBA			( 7*32+18) /* Memory Bandwidth Allocation */
 #define X86_FEATURE_RSB_CTXSW		( 7*32+19) /* Fill RSB on context switches */
@@ -319,6 +317,14 @@
 #define X86_FEATURE_SUCCOR		(17*32+ 1) /* Uncorrectable error containment and recovery */
 #define X86_FEATURE_SMCA		(17*32+ 3) /* Scalable MCA */
 
+/* Intel-defined CPU features, CPUID level 0x00000007:0 (EDX), word 18 */
+#define X86_FEATURE_AVX512_4VNNIW	(18*32+ 2) /* AVX-512 Neural Network Instructions */
+#define X86_FEATURE_AVX512_4FMAPS	(18*32+ 3) /* AVX-512 Multiply Accumulation Single precision */
+#define X86_FEATURE_SPEC_CTRL		(18*32+26) /* Speculation Control (IBRS + IBPB) */
+#define X86_FEATURE_STIPB		(18*32+27) /* Speculation Control with STIPB (Intel) */
+#define X86_FEATURE_ARCH_CAPABILITIES	(18*32+29) /* IA32_ARCH_CAPABILITIES MSR (Intel) */
+
+
 /*
  * BUG word(s)
  */
diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h
index e428e16..c6a3af1 100644
--- a/arch/x86/include/asm/disabled-features.h
+++ b/arch/x86/include/asm/disabled-features.h
@@ -71,6 +71,7 @@
 #define DISABLED_MASK15	0
 #define DISABLED_MASK16	(DISABLE_PKU|DISABLE_OSPKE|DISABLE_LA57)
 #define DISABLED_MASK17	0
-#define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 18)
+#define DISABLED_MASK18	0
+#define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 19)
 
 #endif /* _ASM_X86_DISABLED_FEATURES_H */
diff --git a/arch/x86/include/asm/required-features.h b/arch/x86/include/asm/required-features.h
index d91ba04..fb3a6de 100644
--- a/arch/x86/include/asm/required-features.h
+++ b/arch/x86/include/asm/required-features.h
@@ -106,6 +106,7 @@
 #define REQUIRED_MASK15	0
 #define REQUIRED_MASK16	(NEED_LA57)
 #define REQUIRED_MASK17	0
-#define REQUIRED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 18)
+#define REQUIRED_MASK18	0
+#define REQUIRED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 19)
 
 #endif /* _ASM_X86_REQUIRED_FEATURES_H */
diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
index 372ba3f..e5d66e9 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -745,6 +745,7 @@ void get_cpu_cap(struct cpuinfo_x86 *c)
 		cpuid_count(0x00000007, 0, &eax, &ebx, &ecx, &edx);
 		c->x86_capability[CPUID_7_0_EBX] = ebx;
 		c->x86_capability[CPUID_7_ECX] = ecx;
+		c->x86_capability[CPUID_7_EDX] = edx;
 	}
 
 	/* Extended state features: level 0x0000000d */
diff --git a/arch/x86/kernel/cpu/scattered.c b/arch/x86/kernel/cpu/scattered.c
index d0e6976..df11f5d 100644
--- a/arch/x86/kernel/cpu/scattered.c
+++ b/arch/x86/kernel/cpu/scattered.c
@@ -21,8 +21,6 @@ struct cpuid_bit {
 static const struct cpuid_bit cpuid_bits[] = {
 	{ X86_FEATURE_APERFMPERF,       CPUID_ECX,  0, 0x00000006, 0 },
 	{ X86_FEATURE_EPB,		CPUID_ECX,  3, 0x00000006, 0 },
-	{ X86_FEATURE_AVX512_4VNNIW,    CPUID_EDX,  2, 0x00000007, 0 },
-	{ X86_FEATURE_AVX512_4FMAPS,    CPUID_EDX,  3, 0x00000007, 0 },
 	{ X86_FEATURE_CAT_L3,		CPUID_EBX,  1, 0x00000010, 0 },
 	{ X86_FEATURE_CAT_L2,		CPUID_EBX,  2, 0x00000010, 0 },
 	{ X86_FEATURE_CDP_L3,		CPUID_ECX,  2, 0x00000010, 1 },
-- 
2.7.4

[PATCH 2/4] x86/cpufeatures: Add AMD feature bits for Prediction Command

[David Woodhouse]

AMD doesn't implement the Speculation Control MSR that Intel does, but
the Prediction Control MSR does exist and is advertised by a separate
CPUID bit. Add support for that.

Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
---
 arch/x86/include/asm/cpufeatures.h | 1 +
 arch/x86/kernel/cpu/scattered.c    | 1 +
 2 files changed, 2 insertions(+)

diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h
index adebdaa..624d978 100644
--- a/arch/x86/include/asm/cpufeatures.h
+++ b/arch/x86/include/asm/cpufeatures.h
@@ -207,6 +207,7 @@
 #define X86_FEATURE_RETPOLINE_AMD	( 7*32+13) /* AMD Retpoline mitigation for Spectre variant 2 */
 #define X86_FEATURE_INTEL_PPIN		( 7*32+14) /* Intel Processor Inventory Number */
 
+#define X86_FEATURE_AMD_PRED_CMD	( 7*32+17) /* Prediction Command MSR (AMD) */
 #define X86_FEATURE_MBA			( 7*32+18) /* Memory Bandwidth Allocation */
 #define X86_FEATURE_RSB_CTXSW		( 7*32+19) /* Fill RSB on context switches */
 
diff --git a/arch/x86/kernel/cpu/scattered.c b/arch/x86/kernel/cpu/scattered.c
index df11f5d..c76009e 100644
--- a/arch/x86/kernel/cpu/scattered.c
+++ b/arch/x86/kernel/cpu/scattered.c
@@ -28,6 +28,7 @@ static const struct cpuid_bit cpuid_bits[] = {
 	{ X86_FEATURE_HW_PSTATE,	CPUID_EDX,  7, 0x80000007, 0 },
 	{ X86_FEATURE_CPB,		CPUID_EDX,  9, 0x80000007, 0 },
 	{ X86_FEATURE_PROC_FEEDBACK,    CPUID_EDX, 11, 0x80000007, 0 },
+	{ X86_FEATURE_AMD_PRED_CMD,	CPUID_EDX, 12, 0x80000007, 0 },
 	{ X86_FEATURE_SME,		CPUID_EAX,  0, 0x8000001f, 0 },
 	{ 0, 0, 0, 0, 0 }
 };
-- 
2.7.4

[PATCH 3/4] x86/msr: Add definitions for new speculation control MSRs

[David Woodhouse]

Add MSR and bit definitions for SPEC_CTRL, PRED_CMD and ARCH_CAPABILITIES.

See Intel's 336996-Speculative-Execution-Side-Channel-Mitigations.pdf

Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
---
 arch/x86/include/asm/msr-index.h | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h
index fa11fb1..c37fafa 100644
--- a/arch/x86/include/asm/msr-index.h
+++ b/arch/x86/include/asm/msr-index.h
@@ -42,6 +42,13 @@
 #define MSR_PPIN_CTL			0x0000004e
 #define MSR_PPIN			0x0000004f
 
+#define MSR_IA32_SPEC_CTRL		0x00000048 /* Speculation Control */
+#define SPEC_CTRL_IBRS			(1 << 0)   /* Indirect Branch Restricted Speculation */
+#define SPEC_CTRL_STIPB			(1 << 1)   /* Single Thread Indirect Branch Predictors */
+
+#define MSR_IA32_PRED_CMD		0x00000049 /* Prediction Command */
+#define PRED_CMD_IBPB			(1 << 0)   /* Indirect Branch Prediction Barrier */
+
 #define MSR_IA32_PERFCTR0		0x000000c1
 #define MSR_IA32_PERFCTR1		0x000000c2
 #define MSR_FSB_FREQ			0x000000cd
@@ -60,6 +67,10 @@
 #define MSR_IA32_BBL_CR_CTL		0x00000119
 #define MSR_IA32_BBL_CR_CTL3		0x0000011e
 
+#define MSR_IA32_ARCH_CAPABILITIES	0x0000010a
+#define ARCH_CAP_RDCL_NO		(1 << 0)   /* Not susceptible to Meltdown */
+#define ARCH_CAP_IBRS_ALL		(1 << 1)   /* Enhanced IBRS support */
+
 #define MSR_IA32_SYSENTER_CS		0x00000174
 #define MSR_IA32_SYSENTER_ESP		0x00000175
 #define MSR_IA32_SYSENTER_EIP		0x00000176
-- 
2.7.4

[PATCH 4/4] x86/pti: Do not enable PTI on fixed Intel processors

[David Woodhouse]

When they advertise the IA32_ARCH_CAPABILITIES MSR and it has the RDCL_NO
bit set, they don't need KPTI either.

Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
---
 arch/x86/kernel/cpu/common.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
index e5d66e9..80572ae 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -900,8 +900,13 @@ static void __init early_identify_cpu(struct cpuinfo_x86 *c)
 
 	setup_force_cpu_cap(X86_FEATURE_ALWAYS);
 
-	if (c->x86_vendor != X86_VENDOR_AMD)
-		setup_force_cpu_bug(X86_BUG_CPU_MELTDOWN);
+	if (c->x86_vendor != X86_VENDOR_AMD) {
+		unsigned long ia32_cap = 0;
+		if (cpu_has(c, X86_FEATURE_ARCH_CAPABILITIES))
+			rdmsrl(MSR_IA32_ARCH_CAPABILITIES, ia32_cap);
+		if (!(ia32_cap & ARCH_CAP_RDCL_NO))
+			setup_force_cpu_bug(X86_BUG_CPU_MELTDOWN);
+	}
 
 	setup_force_cpu_bug(X86_BUG_SPECTRE_V1);
 	setup_force_cpu_bug(X86_BUG_SPECTRE_V2);
-- 
2.7.4

Re: [PATCH 4/4] x86/pti: Do not enable PTI on fixed Intel processors

[Thomas Gleixner]

On Sat, 20 Jan 2018, David Woodhouse wrote:

> When they advertise the IA32_ARCH_CAPABILITIES MSR and it has the RDCL_NO
> bit set, they don't need KPTI either.

Do they exist today? And do we have documentation for that new MSR already?

Thanks,

	tglx

> Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
> ---
>  arch/x86/kernel/cpu/common.c | 9 +++++++--
>  1 file changed, 7 insertions(+), 2 deletions(-)
> 
> diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
> index e5d66e9..80572ae 100644
> --- a/arch/x86/kernel/cpu/common.c
> +++ b/arch/x86/kernel/cpu/common.c
> @@ -900,8 +900,13 @@ static void __init early_identify_cpu(struct cpuinfo_x86 *c)
>  
>  	setup_force_cpu_cap(X86_FEATURE_ALWAYS);
>  
> -	if (c->x86_vendor != X86_VENDOR_AMD)
> -		setup_force_cpu_bug(X86_BUG_CPU_MELTDOWN);
> +	if (c->x86_vendor != X86_VENDOR_AMD) {
> +		unsigned long ia32_cap = 0;
> +		if (cpu_has(c, X86_FEATURE_ARCH_CAPABILITIES))
> +			rdmsrl(MSR_IA32_ARCH_CAPABILITIES, ia32_cap);
> +		if (!(ia32_cap & ARCH_CAP_RDCL_NO))
> +			setup_force_cpu_bug(X86_BUG_CPU_MELTDOWN);
> +	}
>  
>  	setup_force_cpu_bug(X86_BUG_SPECTRE_V1);
>  	setup_force_cpu_bug(X86_BUG_SPECTRE_V2);
> -- 
> 2.7.4
> 
> 

Re: [PATCH 4/4] x86/pti: Do not enable PTI on fixed Intel processors

[Thomas Gleixner]

On Sat, 20 Jan 2018, Thomas Gleixner wrote:

> On Sat, 20 Jan 2018, David Woodhouse wrote:
> 
> > When they advertise the IA32_ARCH_CAPABILITIES MSR and it has the RDCL_NO
> > bit set, they don't need KPTI either.
> 
> Do they exist today? And do we have documentation for that new MSR already?

Scratch the seconds question. It's in that spec mitigations PDF.

The first question stands.

Thanks,

	tglx

Re: [PATCH 4/4] x86/pti: Do not enable PTI on fixed Intel processors

[Woodhouse, David]

[-- Attachment #1.1: Type: text/plain, Size: 448 bytes --]

On Sat, 2018-01-20 at 21:08 +0100, Thomas Gleixner wrote:
> On Sat, 20 Jan 2018, David Woodhouse wrote:
> 
> > When they advertise the IA32_ARCH_CAPABILITIES MSR and it has the RDCL_NO
> > bit set, they don't need KPTI either.
> 
> Do they exist today? And do we have documentation for that new MSR already?

No and yes:
https://software.intel.com/sites/default/files/managed/c5/63/336996-Speculative-Execution-Side-Channel-Mitigations.pdf

[-- Attachment #1.2: smime.p7s --]
[-- Type: application/x-pkcs7-signature, Size: 5210 bytes --]

[-- Attachment #2.1: Type: text/plain, Size: 197 bytes --]




Amazon Web Services UK Limited. Registered in England and Wales with registration number 08650665 and which has its registered office at 60 Holborn Viaduct, London EC1A 2FD, United Kingdom.

[-- Attachment #2.2: Type: text/html, Size: 197 bytes --]

Re: [PATCH 4/4] x86/pti: Do not enable PTI on fixed Intel processors

[Woodhouse, David]

[-- Attachment #1.1: Type: text/plain, Size: 259 bytes --]

On Sat, 2018-01-20 at 21:08 +0100, Thomas Gleixner wrote:
> Do they exist today? And do we have documentation for that new MSR
> already?

Sorry, I think I lied. Yes, I believe they *do* exist today (once they
get their microcode update to advertise it).

[-- Attachment #1.2: smime.p7s --]
[-- Type: application/x-pkcs7-signature, Size: 5210 bytes --]

[-- Attachment #2.1: Type: text/plain, Size: 197 bytes --]




Amazon Web Services UK Limited. Registered in England and Wales with registration number 08650665 and which has its registered office at 60 Holborn Viaduct, London EC1A 2FD, United Kingdom.

[-- Attachment #2.2: Type: text/html, Size: 197 bytes --]

Re: [PATCH 1/4] x86/cpufeatures: Add Intel feature bits for Speculation Control

[Borislav Petkov]

On Sat, Jan 20, 2018 at 12:03:30PM +0000, David Woodhouse wrote:
> Add three feature bits exposed by new microcode on Intel CPUs for
> speculation control. We would now be up to five bits in CPUID(7).RDX
> so take them out of the 'scattered' features and make a proper word
> for them instead.

... as that leaf is a pure feature bits leaf.

> 
> Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
> ---
>  arch/x86/include/asm/cpufeature.h        |  7 +++++--
>  arch/x86/include/asm/cpufeatures.h       | 12 +++++++++---
>  arch/x86/include/asm/disabled-features.h |  3 ++-
>  arch/x86/include/asm/required-features.h |  3 ++-
>  arch/x86/kernel/cpu/common.c             |  1 +
>  arch/x86/kernel/cpu/scattered.c          |  2 --
>  6 files changed, 19 insertions(+), 9 deletions(-)

Reviewed-by: Borislav Petkov <bp@suse.de>

-- 
Regards/Gruss,
    Boris.

Good mailing practices for 400: avoid top-posting and trim the reply.

Re: [PATCH 1/4] x86/cpufeatures: Add Intel feature bits for Speculation Control

[Steven Noonan]

On Sat, Jan 20, 2018 at 4:03 AM, David Woodhouse <dwmw@amazon.co.uk> wrote:
> Add three feature bits exposed by new microcode on Intel CPUs for
> speculation control. We would now be up to five bits in CPUID(7).RDX
> so take them out of the 'scattered' features and make a proper word
> for them instead.
>
> Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
> ---
>  arch/x86/include/asm/cpufeature.h        |  7 +++++--
>  arch/x86/include/asm/cpufeatures.h       | 12 +++++++++---
>  arch/x86/include/asm/disabled-features.h |  3 ++-
>  arch/x86/include/asm/required-features.h |  3 ++-
>  arch/x86/kernel/cpu/common.c             |  1 +
>  arch/x86/kernel/cpu/scattered.c          |  2 --
>  6 files changed, 19 insertions(+), 9 deletions(-)
>
> diff --git a/arch/x86/include/asm/cpufeature.h b/arch/x86/include/asm/cpufeature.h
> index ea9a7dd..70eddb3 100644
> --- a/arch/x86/include/asm/cpufeature.h
> +++ b/arch/x86/include/asm/cpufeature.h
> @@ -29,6 +29,7 @@ enum cpuid_leafs
>         CPUID_8000_000A_EDX,
>         CPUID_7_ECX,
>         CPUID_8000_0007_EBX,
> +       CPUID_7_EDX,
>  };
>
>  #ifdef CONFIG_X86_FEATURE_NAMES
> @@ -79,8 +80,9 @@ extern const char * const x86_bug_flags[NBUGINTS*32];
>            CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 15, feature_bit) ||    \
>            CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 16, feature_bit) ||    \
>            CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 17, feature_bit) ||    \
> +          CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 18, feature_bit) ||    \
>            REQUIRED_MASK_CHECK                                    ||    \
> -          BUILD_BUG_ON_ZERO(NCAPINTS != 18))
> +          BUILD_BUG_ON_ZERO(NCAPINTS != 19))
>
>  #define DISABLED_MASK_BIT_SET(feature_bit)                             \
>          ( CHECK_BIT_IN_MASK_WORD(DISABLED_MASK,  0, feature_bit) ||    \
> @@ -101,8 +103,9 @@ extern const char * const x86_bug_flags[NBUGINTS*32];
>            CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 15, feature_bit) ||    \
>            CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 16, feature_bit) ||    \
>            CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 17, feature_bit) ||    \
> +          CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 18, feature_bit) ||    \
>            DISABLED_MASK_CHECK                                    ||    \
> -          BUILD_BUG_ON_ZERO(NCAPINTS != 18))
> +          BUILD_BUG_ON_ZERO(NCAPINTS != 19))
>
>  #define cpu_has(c, bit)                                                        \
>         (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 :  \
> diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h
> index 25b9375..adebdaa 100644
> --- a/arch/x86/include/asm/cpufeatures.h
> +++ b/arch/x86/include/asm/cpufeatures.h
> @@ -13,7 +13,7 @@
>  /*
>   * Defines x86 CPU feature bits
>   */
> -#define NCAPINTS                       18         /* N 32-bit words worth of info */
> +#define NCAPINTS                       19         /* N 32-bit words worth of info */
>  #define NBUGINTS                       1          /* N 32-bit bug flags */
>
>  /*
> @@ -206,8 +206,6 @@
>  #define X86_FEATURE_RETPOLINE          ( 7*32+12) /* Generic Retpoline mitigation for Spectre variant 2 */
>  #define X86_FEATURE_RETPOLINE_AMD      ( 7*32+13) /* AMD Retpoline mitigation for Spectre variant 2 */
>  #define X86_FEATURE_INTEL_PPIN         ( 7*32+14) /* Intel Processor Inventory Number */
> -#define X86_FEATURE_AVX512_4VNNIW      ( 7*32+16) /* AVX-512 Neural Network Instructions */
> -#define X86_FEATURE_AVX512_4FMAPS      ( 7*32+17) /* AVX-512 Multiply Accumulation Single precision */
>
>  #define X86_FEATURE_MBA                        ( 7*32+18) /* Memory Bandwidth Allocation */
>  #define X86_FEATURE_RSB_CTXSW          ( 7*32+19) /* Fill RSB on context switches */
> @@ -319,6 +317,14 @@
>  #define X86_FEATURE_SUCCOR             (17*32+ 1) /* Uncorrectable error containment and recovery */
>  #define X86_FEATURE_SMCA               (17*32+ 3) /* Scalable MCA */
>
> +/* Intel-defined CPU features, CPUID level 0x00000007:0 (EDX), word 18 */
> +#define X86_FEATURE_AVX512_4VNNIW      (18*32+ 2) /* AVX-512 Neural Network Instructions */
> +#define X86_FEATURE_AVX512_4FMAPS      (18*32+ 3) /* AVX-512 Multiply Accumulation Single precision */
> +#define X86_FEATURE_SPEC_CTRL          (18*32+26) /* Speculation Control (IBRS + IBPB) */
> +#define X86_FEATURE_STIPB              (18*32+27) /* Speculation Control with STIPB (Intel) */

Is this correct? I thought the acronym was "STIBP", i.e.
"Single-Thread Indrect Branch Prediction"? If so, then you've got the
B and P swapped.

> +#define X86_FEATURE_ARCH_CAPABILITIES  (18*32+29) /* IA32_ARCH_CAPABILITIES MSR (Intel) */
> +
> +
>  /*
>   * BUG word(s)
>   */
> diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h
> index e428e16..c6a3af1 100644
> --- a/arch/x86/include/asm/disabled-features.h
> +++ b/arch/x86/include/asm/disabled-features.h
> @@ -71,6 +71,7 @@
>  #define DISABLED_MASK15        0
>  #define DISABLED_MASK16        (DISABLE_PKU|DISABLE_OSPKE|DISABLE_LA57)
>  #define DISABLED_MASK17        0
> -#define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 18)
> +#define DISABLED_MASK18        0
> +#define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 19)
>
>  #endif /* _ASM_X86_DISABLED_FEATURES_H */
> diff --git a/arch/x86/include/asm/required-features.h b/arch/x86/include/asm/required-features.h
> index d91ba04..fb3a6de 100644
> --- a/arch/x86/include/asm/required-features.h
> +++ b/arch/x86/include/asm/required-features.h
> @@ -106,6 +106,7 @@
>  #define REQUIRED_MASK15        0
>  #define REQUIRED_MASK16        (NEED_LA57)
>  #define REQUIRED_MASK17        0
> -#define REQUIRED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 18)
> +#define REQUIRED_MASK18        0
> +#define REQUIRED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 19)
>
>  #endif /* _ASM_X86_REQUIRED_FEATURES_H */
> diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
> index 372ba3f..e5d66e9 100644
> --- a/arch/x86/kernel/cpu/common.c
> +++ b/arch/x86/kernel/cpu/common.c
> @@ -745,6 +745,7 @@ void get_cpu_cap(struct cpuinfo_x86 *c)
>                 cpuid_count(0x00000007, 0, &eax, &ebx, &ecx, &edx);
>                 c->x86_capability[CPUID_7_0_EBX] = ebx;
>                 c->x86_capability[CPUID_7_ECX] = ecx;
> +               c->x86_capability[CPUID_7_EDX] = edx;
>         }
>
>         /* Extended state features: level 0x0000000d */
> diff --git a/arch/x86/kernel/cpu/scattered.c b/arch/x86/kernel/cpu/scattered.c
> index d0e6976..df11f5d 100644
> --- a/arch/x86/kernel/cpu/scattered.c
> +++ b/arch/x86/kernel/cpu/scattered.c
> @@ -21,8 +21,6 @@ struct cpuid_bit {
>  static const struct cpuid_bit cpuid_bits[] = {
>         { X86_FEATURE_APERFMPERF,       CPUID_ECX,  0, 0x00000006, 0 },
>         { X86_FEATURE_EPB,              CPUID_ECX,  3, 0x00000006, 0 },
> -       { X86_FEATURE_AVX512_4VNNIW,    CPUID_EDX,  2, 0x00000007, 0 },
> -       { X86_FEATURE_AVX512_4FMAPS,    CPUID_EDX,  3, 0x00000007, 0 },
>         { X86_FEATURE_CAT_L3,           CPUID_EBX,  1, 0x00000010, 0 },
>         { X86_FEATURE_CAT_L2,           CPUID_EBX,  2, 0x00000010, 0 },
>         { X86_FEATURE_CDP_L3,           CPUID_ECX,  2, 0x00000010, 1 },
> --
> 2.7.4
>

Re: [PATCH 1/4] x86/cpufeatures: Add Intel feature bits for Speculation Control

[David Woodhouse]

[-- Attachment #1: Type: text/plain, Size: 506 bytes --]

On Sat, 2018-01-20 at 13:51 -0800, Steven Noonan wrote:
> 
> > +#define X86_FEATURE_STIPB              (18*32+27) /* Speculation
> Control with STIPB (Intel) */
> 
> Is this correct? I thought the acronym was "STIBP", i.e.
> "Single-Thread Indrect Branch Prediction"? If so, then you've got the
> B and P swapped.

Likewise in the later MSR bits patch where I actually have both 'STIPB'
and 'Single Thread Indirect Branch Predictors' on the *same* line.

Fixed in both now; thanks.

[-- Attachment #2: smime.p7s --]
[-- Type: application/x-pkcs7-signature, Size: 5213 bytes --]

Re: [PATCH 2/4] x86/cpufeatures: Add AMD feature bits for Prediction Command

[Borislav Petkov]

On Sat, Jan 20, 2018 at 12:03:31PM +0000, David Woodhouse wrote:
> AMD doesn't implement the Speculation Control MSR that Intel does, but
> the Prediction Control MSR does exist and is advertised by a separate
> CPUID bit. Add support for that.
> 
> Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
> ---
>  arch/x86/include/asm/cpufeatures.h | 1 +
>  arch/x86/kernel/cpu/scattered.c    | 1 +
>  2 files changed, 2 insertions(+)
> 
> diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h
> index adebdaa..624d978 100644
> --- a/arch/x86/include/asm/cpufeatures.h
> +++ b/arch/x86/include/asm/cpufeatures.h
> @@ -207,6 +207,7 @@
>  #define X86_FEATURE_RETPOLINE_AMD	( 7*32+13) /* AMD Retpoline mitigation for Spectre variant 2 */
>  #define X86_FEATURE_INTEL_PPIN		( 7*32+14) /* Intel Processor Inventory Number */
>  
> +#define X86_FEATURE_AMD_PRED_CMD	( 7*32+17) /* Prediction Command MSR (AMD) */

Right, so this bit I've seen being called differently. Tom, can you
clarify pls?

Also, public ZN PPR says about it:

CPUID_Fn80000007_EDX [Advanced Power Management Information] (ApmInfoEdx)
...

12 ApmPwrReporting: APM power reporting. Read-only. Reset: Fixed,0.

so I'm guessing it has been repurposed or so as APM is not used anymore?

Leaving in the rest for reference.

>  #define X86_FEATURE_MBA			( 7*32+18) /* Memory Bandwidth Allocation */
>  #define X86_FEATURE_RSB_CTXSW		( 7*32+19) /* Fill RSB on context switches */
>  
> diff --git a/arch/x86/kernel/cpu/scattered.c b/arch/x86/kernel/cpu/scattered.c
> index df11f5d..c76009e 100644
> --- a/arch/x86/kernel/cpu/scattered.c
> +++ b/arch/x86/kernel/cpu/scattered.c
> @@ -28,6 +28,7 @@ static const struct cpuid_bit cpuid_bits[] = {
>  	{ X86_FEATURE_HW_PSTATE,	CPUID_EDX,  7, 0x80000007, 0 },
>  	{ X86_FEATURE_CPB,		CPUID_EDX,  9, 0x80000007, 0 },
>  	{ X86_FEATURE_PROC_FEEDBACK,    CPUID_EDX, 11, 0x80000007, 0 },
> +	{ X86_FEATURE_AMD_PRED_CMD,	CPUID_EDX, 12, 0x80000007, 0 },
>  	{ X86_FEATURE_SME,		CPUID_EAX,  0, 0x8000001f, 0 },
>  	{ 0, 0, 0, 0, 0 }
>  };
> -- 
> 2.7.4
> 

-- 
Regards/Gruss,
    Boris.

Good mailing practices for 400: avoid top-posting and trim the reply.

Re: [PATCH 2/4] x86/cpufeatures: Add AMD feature bits for Prediction Command

[David Woodhouse]

> On Sat, Jan 20, 2018 at 12:03:31PM +0000, David Woodhouse wrote:
>> AMD doesn't implement the Speculation Control MSR that Intel does, but
>> the Prediction Control MSR does exist and is advertised by a separate
>> CPUID bit. Add support for that.
>>
>> Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
>> ---
>>  arch/x86/include/asm/cpufeatures.h | 1 +
>>  arch/x86/kernel/cpu/scattered.c    | 1 +
>>  2 files changed, 2 insertions(+)
>>
>> diff --git a/arch/x86/include/asm/cpufeatures.h
>> b/arch/x86/include/asm/cpufeatures.h
>> index adebdaa..624d978 100644
>> --- a/arch/x86/include/asm/cpufeatures.h
>> +++ b/arch/x86/include/asm/cpufeatures.h
>> @@ -207,6 +207,7 @@
>>  #define X86_FEATURE_RETPOLINE_AMD	( 7*32+13) /* AMD Retpoline
>> mitigation for Spectre variant 2 */
>>  #define X86_FEATURE_INTEL_PPIN		( 7*32+14) /* Intel Processor Inventory
>> Number */
>>
>> +#define X86_FEATURE_AMD_PRED_CMD	( 7*32+17) /* Prediction Command MSR
>> (AMD) */
>
> Right, so this bit I've seen being called differently. Tom, can you
> clarify pls?

Yeah, that's fat-fingered in a cut/paste in refactoring. Fixed in what I
posted this morning. I would like to see public docs with it though...
Tom?

-- 
dwmw2

Re: [PATCH 2/4] x86/cpufeatures: Add AMD feature bits for Prediction Command

[Borislav Petkov]

On Sun, Jan 21, 2018 at 12:22:47PM -0000, David Woodhouse wrote:
> Yeah, that's fat-fingered in a cut/paste in refactoring. Fixed in what I
> posted this morning.

Hmm, I better switch to v2 then. With the crazy amount of patchsets
flying around, I could use an explicit invalidation of previous ones :-)

-- 
Regards/Gruss,
    Boris.

Good mailing practices for 400: avoid top-posting and trim the reply.

Re: [PATCH 2/4] x86/cpufeatures: Add AMD feature bits for Prediction Command

[David Woodhouse]

> On Sun, Jan 21, 2018 at 12:22:47PM -0000, David Woodhouse wrote:
>> Yeah, that's fat-fingered in a cut/paste in refactoring. Fixed in what I
>> posted this morning.
>
> Hmm, I better switch to v2 then. With the crazy amount of patchsets
> flying around, I could use an explicit invalidation of previous ones :-)

The latest should always be here; Karim and I are working on the same tree:
http://git.infradead.org/linux-retpoline.git/shortlog/refs/heads/ibpb

That includes IBRS too, which wants to wait until IBPB stuff is done.

-- 
dwmw2

Re: [PATCH 2/4] x86/cpufeatures: Add AMD feature bits for Prediction Command

[Tom Lendacky]

On 1/21/2018 6:22 AM, David Woodhouse wrote:
> 
>> On Sat, Jan 20, 2018 at 12:03:31PM +0000, David Woodhouse wrote:
>>> AMD doesn't implement the Speculation Control MSR that Intel does, but
>>> the Prediction Control MSR does exist and is advertised by a separate
>>> CPUID bit. Add support for that.
>>>
>>> Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
>>> ---
>>>  arch/x86/include/asm/cpufeatures.h | 1 +
>>>  arch/x86/kernel/cpu/scattered.c    | 1 +
>>>  2 files changed, 2 insertions(+)
>>>
>>> diff --git a/arch/x86/include/asm/cpufeatures.h
>>> b/arch/x86/include/asm/cpufeatures.h
>>> index adebdaa..624d978 100644
>>> --- a/arch/x86/include/asm/cpufeatures.h
>>> +++ b/arch/x86/include/asm/cpufeatures.h
>>> @@ -207,6 +207,7 @@
>>>  #define X86_FEATURE_RETPOLINE_AMD	( 7*32+13) /* AMD Retpoline
>>> mitigation for Spectre variant 2 */
>>>  #define X86_FEATURE_INTEL_PPIN		( 7*32+14) /* Intel Processor Inventory
>>> Number */
>>>
>>> +#define X86_FEATURE_AMD_PRED_CMD	( 7*32+17) /* Prediction Command MSR
>>> (AMD) */

You should use the existing 0x80000008 EBX entry for this.

>>
>> Right, so this bit I've seen being called differently. Tom, can you
>> clarify pls?
> 
> Yeah, that's fat-fingered in a cut/paste in refactoring. Fixed in what I
> posted this morning. I would like to see public docs with it though...
> Tom?

I'm looking to see if we have our specification posted on a public link.
But, in the meantime, AMD will advertise all three features (IBRS, IBPB
and STIBP) in separate CPUID bits:

IBPB:  0x80000008 EBX[12]
IBRS:  0x80000008 EBX[14]
STIBP: 0x80000008 EBX[15]

And we will follow the Intel specification should we set the bits in
CPUID 0x7.

For example, IBPB support would be indicated by CPUID:
   0x80000008 EBX[12] || 0x7 EDX[26]

Thanks,
Tom

> 

Re: [PATCH 2/4] x86/cpufeatures: Add AMD feature bits for Prediction Command

[Borislav Petkov]

On Sun, Jan 21, 2018 at 11:36:32AM -0600, Tom Lendacky wrote:
> >>> +#define X86_FEATURE_AMD_PRED_CMD	( 7*32+17) /* Prediction Command MSR
> >>> (AMD) */
> 
> You should use the existing 0x80000008 EBX entry for this.

Right, and is the bit called "PredCmd" or so or simply "IBPB" ?

-- 
Regards/Gruss,
    Boris.

Good mailing practices for 400: avoid top-posting and trim the reply.