91 lines
4.0 KiB
Diff
91 lines
4.0 KiB
Diff
From 91439bd017c726a81577dd2bee789580f5bfdf35 Mon Sep 17 00:00:00 2001
|
|
From: Thomas Gleixner <tglx@linutronix.de>
|
|
Date: Fri, 1 Mar 2019 20:21:08 +0100
|
|
Subject: [PATCH 07/30] x86/speculation/mds: Add BUG_MSBDS_ONLY
|
|
|
|
commit e261f209c3666e842fd645a1e31f001c3a26def9 upstream
|
|
|
|
This bug bit is set on CPUs which are only affected by Microarchitectural
|
|
Store Buffer Data Sampling (MSBDS) and not by any other MDS variant.
|
|
|
|
This is important because the Store Buffers are partitioned between
|
|
Hyper-Threads so cross thread forwarding is not possible. But if a thread
|
|
enters or exits a sleep state the store buffer is repartitioned which can
|
|
expose data from one thread to the other. This transition can be mitigated.
|
|
|
|
That means that for CPUs which are only affected by MSBDS SMT can be
|
|
enabled, if the CPU is not affected by other SMT sensitive vulnerabilities,
|
|
e.g. L1TF. The XEON PHI variants fall into that category. Also the
|
|
Silvermont/Airmont ATOMs, but for them it's not really relevant as they do
|
|
not support SMT, but mark them for completeness sake.
|
|
|
|
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
|
|
Reviewed-by: Frederic Weisbecker <frederic@kernel.org>
|
|
Reviewed-by: Jon Masters <jcm@redhat.com>
|
|
Tested-by: Jon Masters <jcm@redhat.com>
|
|
---
|
|
arch/x86/include/asm/cpufeatures.h | 1 +
|
|
arch/x86/kernel/cpu/common.c | 20 ++++++++++++--------
|
|
2 files changed, 13 insertions(+), 8 deletions(-)
|
|
|
|
diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h
|
|
index 1dc7b8129b55..69037da75ea0 100644
|
|
--- a/arch/x86/include/asm/cpufeatures.h
|
|
+++ b/arch/x86/include/asm/cpufeatures.h
|
|
@@ -380,5 +380,6 @@
|
|
#define X86_BUG_SPEC_STORE_BYPASS X86_BUG(17) /* CPU is affected by speculative store bypass attack */
|
|
#define X86_BUG_L1TF X86_BUG(18) /* CPU is affected by L1 Terminal Fault */
|
|
#define X86_BUG_MDS X86_BUG(19) /* CPU is affected by Microarchitectural data sampling */
|
|
+#define X86_BUG_MSBDS_ONLY X86_BUG(20) /* CPU is only affected by the MSDBS variant of BUG_MDS */
|
|
|
|
#endif /* _ASM_X86_CPUFEATURES_H */
|
|
diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
|
|
index 0ea1e4bc3e20..1073118b9bf0 100644
|
|
--- a/arch/x86/kernel/cpu/common.c
|
|
+++ b/arch/x86/kernel/cpu/common.c
|
|
@@ -953,6 +953,7 @@ static void identify_cpu_without_cpuid(struct cpuinfo_x86 *c)
|
|
#define NO_SSB BIT(2)
|
|
#define NO_L1TF BIT(3)
|
|
#define NO_MDS BIT(4)
|
|
+#define MSBDS_ONLY BIT(5)
|
|
|
|
#define VULNWL(_vendor, _family, _model, _whitelist) \
|
|
{ X86_VENDOR_##_vendor, _family, _model, X86_FEATURE_ANY, _whitelist }
|
|
@@ -976,16 +977,16 @@ static const __initconst struct x86_cpu_id cpu_vuln_whitelist[] = {
|
|
VULNWL_INTEL(ATOM_BONNELL, NO_SPECULATION),
|
|
VULNWL_INTEL(ATOM_BONNELL_MID, NO_SPECULATION),
|
|
|
|
- VULNWL_INTEL(ATOM_SILVERMONT, NO_SSB | NO_L1TF),
|
|
- VULNWL_INTEL(ATOM_SILVERMONT_X, NO_SSB | NO_L1TF),
|
|
- VULNWL_INTEL(ATOM_SILVERMONT_MID, NO_SSB | NO_L1TF),
|
|
- VULNWL_INTEL(ATOM_AIRMONT, NO_SSB | NO_L1TF),
|
|
- VULNWL_INTEL(XEON_PHI_KNL, NO_SSB | NO_L1TF),
|
|
- VULNWL_INTEL(XEON_PHI_KNM, NO_SSB | NO_L1TF),
|
|
+ VULNWL_INTEL(ATOM_SILVERMONT, NO_SSB | NO_L1TF | MSBDS_ONLY),
|
|
+ VULNWL_INTEL(ATOM_SILVERMONT_X, NO_SSB | NO_L1TF | MSBDS_ONLY),
|
|
+ VULNWL_INTEL(ATOM_SILVERMONT_MID, NO_SSB | NO_L1TF | MSBDS_ONLY),
|
|
+ VULNWL_INTEL(ATOM_AIRMONT, NO_SSB | NO_L1TF | MSBDS_ONLY),
|
|
+ VULNWL_INTEL(XEON_PHI_KNL, NO_SSB | NO_L1TF | MSBDS_ONLY),
|
|
+ VULNWL_INTEL(XEON_PHI_KNM, NO_SSB | NO_L1TF | MSBDS_ONLY),
|
|
|
|
VULNWL_INTEL(CORE_YONAH, NO_SSB),
|
|
|
|
- VULNWL_INTEL(ATOM_AIRMONT_MID, NO_L1TF),
|
|
+ VULNWL_INTEL(ATOM_AIRMONT_MID, NO_L1TF | MSBDS_ONLY),
|
|
|
|
VULNWL_INTEL(ATOM_GOLDMONT, NO_MDS | NO_L1TF),
|
|
VULNWL_INTEL(ATOM_GOLDMONT_X, NO_MDS | NO_L1TF),
|
|
@@ -1029,8 +1030,11 @@ static void __init cpu_set_bug_bits(struct cpuinfo_x86 *c)
|
|
if (ia32_cap & ARCH_CAP_IBRS_ALL)
|
|
setup_force_cpu_cap(X86_FEATURE_IBRS_ENHANCED);
|
|
|
|
- if (!cpu_matches(NO_MDS) && !(ia32_cap & ARCH_CAP_MDS_NO))
|
|
+ if (!cpu_matches(NO_MDS) && !(ia32_cap & ARCH_CAP_MDS_NO)) {
|
|
setup_force_cpu_bug(X86_BUG_MDS);
|
|
+ if (cpu_matches(MSBDS_ONLY))
|
|
+ setup_force_cpu_bug(X86_BUG_MSBDS_ONLY);
|
|
+ }
|
|
|
|
if (cpu_matches(NO_MELTDOWN))
|
|
return;
|