From: Ramakrishna Saripalli <rsaripal@amd.com>
To: <linux-kernel@vger.kernel.org>, <x86@kernel.org>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>
Cc: <rsaripal@amd.com>
Subject: [PATCH 1/5] x86/cpufeatures: Define feature bits to support mitigation of PSF
Date: Tue, 6 Apr 2021 10:50:00 -0500 [thread overview]
Message-ID: <20210406155004.230790-2-rsaripal@amd.com> (raw)
In-Reply-To: <20210406155004.230790-1-rsaripal@amd.com>
From: Ramakrishna Saripalli <rk.saripalli@amd.com>
Certain AMD processors feature a new technology called Predictive Store
Forwarding (PSF).
PSF is a micro-architectural optimization designed to improve the
performance of code execution by predicting dependencies between
loads and stores.
Incorrect PSF predictions can occur due to two reasons.
- It is possible that the load/store pair may have had dependency for
a while but the dependency has stopped because the address in the
load/store pair has changed.
- Second source of incorrect PSF prediction can occur because of an alias
in the PSF predictor structure stored in the microarchitectural state.
PSF predictor tracks load/store pair based on portions of instruction
pointer. It is possible that a load/store pair which does have a
dependency may be aliased by another load/store pair which does not have
the same dependency. This can result in incorrect speculation.
Software may be able to detect this aliasing and perform side-channel
attacks.
These features are being introduced to support mitigation from these attacks.
All CPUs that implement PSF provide one bit to disable this feature.
If the bit to disable this feature is available, it means that the CPU
implements PSF feature and is therefore vulnerable to PSF risks.
The bits that are introduced
X86_FEATURE_AMD_PSFD: CPUID_Fn80000008_EBX[28] ("PSF disable")
If this bit is 1, CPU implements PSF and PSF mitigation is
supported.
X86_FEATURE_PSFD: Generic Linux feature to indicate the CPU supports
controls to mitigate PSF.
X86_FEATURE_PSFD is set if and only if X86_FEATURE_AMD_PSFD
is set
X86_BUG_PSF: Generic Linux feature to indicate that the CPU is affected
by the PSF feature.
Signed-off-by: Ramakrishna Saripalli<rk.saripalli@amd.com>
---
arch/x86/include/asm/cpufeatures.h | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h
index cc96e26d69f7..21e7f8d0d7d9 100644
--- a/arch/x86/include/asm/cpufeatures.h
+++ b/arch/x86/include/asm/cpufeatures.h
@@ -201,7 +201,7 @@
#define X86_FEATURE_INVPCID_SINGLE ( 7*32+ 7) /* Effectively INVPCID && CR4.PCIDE=1 */
#define X86_FEATURE_HW_PSTATE ( 7*32+ 8) /* AMD HW-PState */
#define X86_FEATURE_PROC_FEEDBACK ( 7*32+ 9) /* AMD ProcFeedbackInterface */
-/* FREE! ( 7*32+10) */
+#define X86_FEATURE_PSFD ( 7*32+10) /* Predictive Store Forward Disable */
#define X86_FEATURE_PTI ( 7*32+11) /* Kernel Page Table Isolation enabled */
#define X86_FEATURE_RETPOLINE ( 7*32+12) /* "" Generic Retpoline mitigation for Spectre variant 2 */
#define X86_FEATURE_RETPOLINE_AMD ( 7*32+13) /* "" AMD Retpoline mitigation for Spectre variant 2 */
@@ -309,6 +309,7 @@
#define X86_FEATURE_AMD_SSBD (13*32+24) /* "" Speculative Store Bypass Disable */
#define X86_FEATURE_VIRT_SSBD (13*32+25) /* Virtualized Speculative Store Bypass Disable */
#define X86_FEATURE_AMD_SSB_NO (13*32+26) /* "" Speculative Store Bypass is fixed in hardware. */
+#define X86_FEATURE_AMD_PSFD (13*32+28) /* "" Predictive Store Forward Disable */
/* Thermal and Power Management Leaf, CPUID level 0x00000006 (EAX), word 14 */
#define X86_FEATURE_DTHERM (14*32+ 0) /* Digital Thermal Sensor */
@@ -428,5 +429,6 @@
#define X86_BUG_TAA X86_BUG(22) /* CPU is affected by TSX Async Abort(TAA) */
#define X86_BUG_ITLB_MULTIHIT X86_BUG(23) /* CPU may incur MCE during certain page attribute changes */
#define X86_BUG_SRBDS X86_BUG(24) /* CPU may leak RNG bits if not mitigated */
+#define X86_BUG_PSF X86_BUG(25) /* CPU is affected by Predictive Store Forwarding attack */
#endif /* _ASM_X86_CPUFEATURES_H */
--
2.25.1
next prev parent reply other threads:[~2021-04-06 15:50 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-06 15:49 [PATCH 0/5] Introduce support for PSF mitigation Ramakrishna Saripalli
2021-04-06 15:50 ` Ramakrishna Saripalli [this message]
2021-04-09 17:41 ` [PATCH 1/5] x86/cpufeatures: Define feature bits to support mitigation of PSF Borislav Petkov
2021-04-09 18:22 ` Saripalli, RK
2021-04-09 19:39 ` Borislav Petkov
2021-04-09 19:45 ` Saripalli, RK
2021-04-09 20:19 ` Borislav Petkov
2021-04-09 20:29 ` Saripalli, RK
2021-04-06 15:50 ` [PATCH 2/5] x86/speculation: Implement support for PSFD detection and reporting Ramakrishna Saripalli
2021-04-06 15:50 ` [PATCH 3/5] x86/speculation: Introduce SPEC_CTRL_MSR bit for PSFD Ramakrishna Saripalli
2021-04-06 15:50 ` [PATCH 4/5] x86/speculation: Implement PSF mitigation support Ramakrishna Saripalli
2021-04-06 15:50 ` [PATCH 5/5] x86/speculation: Add PSF mitigation kernel parameters Ramakrishna Saripalli
2021-04-06 17:26 ` [PATCH 0/5] Introduce support for PSF mitigation Borislav Petkov
2021-04-07 22:39 ` Josh Poimboeuf
2021-04-08 14:56 ` Saripalli, RK
2021-04-09 9:07 ` Borislav Petkov
2021-04-09 16:45 ` Josh Poimboeuf
2021-04-09 16:50 ` Saripalli, RK
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210406155004.230790-2-rsaripal@amd.com \
--to=rsaripal@amd.com \
--cc=bp@alien8.de \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).