diff options
| author | Andrew Cooper <andrew.cooper3@citrix.com> | 2022-01-21 15:59:03 +0000 |
|---|---|---|
| committer | Andrew Cooper <andrew.cooper3@citrix.com> | 2022-02-04 15:45:25 +0000 |
| commit | e7ccc7a8ab92502a12dc31f652b0ca3b1be04b7e (patch) | |
| tree | bafb5f205eee584af0c4f5bc77e277c95779c676 | |
| parent | 6ef732726add103ee8f63293e326ad43b1643239 (diff) | |
x86/spec-ctrl: Use common MSR_SPEC_CTRL logic for AMD
Currently, amd_init_ssbd() works by being the only write to MSR_SPEC_CTRL in
the system. This ceases to be true when using the common logic.
Include AMD MSR_SPEC_CTRL in has_spec_ctrl to activate the common paths, and
introduce an AMD specific block to control alternatives. Also update the
boot/resume paths to configure default_xen_spec_ctrl.
svm.h needs an adjustment to remove a dependency on include order.
For now, only active alternatives for HVM - PV will require more work. No
functional change, as no alternatives are defined yet for HVM yet.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
(cherry picked from commit 378f2e6df31442396f0afda19794c5c6091d96f9)
| -rw-r--r-- | xen/arch/x86/acpi/power.c | 2 | ||||
| -rw-r--r-- | xen/arch/x86/cpu/amd.c | 2 | ||||
| -rw-r--r-- | xen/arch/x86/smpboot.c | 2 | ||||
| -rw-r--r-- | xen/arch/x86/spec_ctrl.c | 26 | ||||
| -rw-r--r-- | xen/include/asm-x86/hvm/svm/svm.h | 3 |
5 files changed, 30 insertions, 5 deletions
diff --git a/xen/arch/x86/acpi/power.c b/xen/arch/x86/acpi/power.c index bac9c16389..d4bdc3e7df 100644 --- a/xen/arch/x86/acpi/power.c +++ b/xen/arch/x86/acpi/power.c @@ -295,7 +295,7 @@ static int enter_state(u32 state) /* Re-enabled default NMI/#MC use of MSR_SPEC_CTRL. */ ci->spec_ctrl_flags |= (default_spec_ctrl_flags & SCF_ist_wrmsr); - if ( boot_cpu_has(X86_FEATURE_IBRSB) ) + if ( boot_cpu_has(X86_FEATURE_IBRSB) || boot_cpu_has(X86_FEATURE_IBRS) ) { wrmsrl(MSR_SPEC_CTRL, default_xen_spec_ctrl); ci->last_spec_ctrl = default_xen_spec_ctrl; diff --git a/xen/arch/x86/cpu/amd.c b/xen/arch/x86/cpu/amd.c index f87484b7ce..a8e37dbb1f 100644 --- a/xen/arch/x86/cpu/amd.c +++ b/xen/arch/x86/cpu/amd.c @@ -693,7 +693,7 @@ void amd_init_ssbd(const struct cpuinfo_x86 *c) return; if (cpu_has_amd_ssbd) { - wrmsrl(MSR_SPEC_CTRL, opt_ssbd ? SPEC_CTRL_SSBD : 0); + /* Handled by common MSR_SPEC_CTRL logic */ return; } diff --git a/xen/arch/x86/smpboot.c b/xen/arch/x86/smpboot.c index ee3e86cc78..54237c6c6d 100644 --- a/xen/arch/x86/smpboot.c +++ b/xen/arch/x86/smpboot.c @@ -379,7 +379,7 @@ void start_secondary(void *unused) * settings. Note: These MSRs may only become available after loading * microcode. */ - if ( boot_cpu_has(X86_FEATURE_IBRSB) ) + if ( boot_cpu_has(X86_FEATURE_IBRSB) || boot_cpu_has(X86_FEATURE_IBRS) ) { wrmsrl(MSR_SPEC_CTRL, default_xen_spec_ctrl); info->last_spec_ctrl = default_xen_spec_ctrl; diff --git a/xen/arch/x86/spec_ctrl.c b/xen/arch/x86/spec_ctrl.c index b2fd86ebe5..ee862089b7 100644 --- a/xen/arch/x86/spec_ctrl.c +++ b/xen/arch/x86/spec_ctrl.c @@ -22,6 +22,7 @@ #include <xen/param.h> #include <xen/warning.h> +#include <asm/hvm/svm/svm.h> #include <asm/microcode.h> #include <asm/msr.h> #include <asm/pv/domain.h> @@ -936,7 +937,8 @@ void __init init_speculation_mitigations(void) hw_smt_enabled = check_smt_enabled(); - has_spec_ctrl = boot_cpu_has(X86_FEATURE_IBRSB); + has_spec_ctrl = (boot_cpu_has(X86_FEATURE_IBRSB) || + boot_cpu_has(X86_FEATURE_IBRS)); /* * First, disable the use of retpolines if Xen is using shadow stacks, as @@ -1031,12 +1033,32 @@ void __init init_speculation_mitigations(void) } } + /* AMD hardware: MSR_SPEC_CTRL alternatives setup. */ + if ( boot_cpu_has(X86_FEATURE_IBRS) ) + { + /* + * Virtualising MSR_SPEC_CTRL for guests depends on SVM support, which + * on real hardware matches the availability of MSR_SPEC_CTRL in the + * first place. + * + * No need for SCF_ist_wrmsr because Xen's value is restored + * atomically WRT NMIs in the VMExit path. + * + * TODO: Adjust cpu_has_svm_spec_ctrl to be usable earlier on boot. + */ + if ( opt_msr_sc_hvm && + (boot_cpu_data.extended_cpuid_level >= 0x8000000a) && + (cpuid_edx(0x8000000a) & (1u << SVM_FEATURE_SPEC_CTRL)) ) + setup_force_cpu_cap(X86_FEATURE_SC_MSR_HVM); + } + /* If we have IBRS available, see whether we should use it. */ if ( has_spec_ctrl && ibrs ) default_xen_spec_ctrl |= SPEC_CTRL_IBRS; /* If we have SSBD available, see whether we should use it. */ - if ( boot_cpu_has(X86_FEATURE_SSBD) && opt_ssbd ) + if ( opt_ssbd && (boot_cpu_has(X86_FEATURE_SSBD) || + boot_cpu_has(X86_FEATURE_AMD_SSBD)) ) default_xen_spec_ctrl |= SPEC_CTRL_SSBD; /* diff --git a/xen/include/asm-x86/hvm/svm/svm.h b/xen/include/asm-x86/hvm/svm/svm.h index 05e9685026..09c32044ec 100644 --- a/xen/include/asm-x86/hvm/svm/svm.h +++ b/xen/include/asm-x86/hvm/svm/svm.h @@ -45,6 +45,9 @@ static inline void svm_invlpga(unsigned long linear, uint32_t asid) "a" (linear), "c" (asid)); } +struct cpu_user_regs; +struct vcpu; + unsigned long *svm_msrbit(unsigned long *msr_bitmap, uint32_t msr); void __update_guest_eip(struct cpu_user_regs *regs, unsigned int inst_len); void svm_update_guest_cr(struct vcpu *, unsigned int cr, unsigned int flags); |