On 31/05/2023 4:01 pm, Jon Kohler wrote: > Remove barrier_nospec(), which translates to LFENCE, in > vmx_spec_ctrl_restore_host() as RSB-barriers (as defined by [1]) > already exist prior to this point. > > This LFENCE was added on commit fc02735b14ff ("KVM: VMX: Prevent guest > RSB poisoning attacks with eIBRS") in the 5.19 timeframe; however, > commit 2b1299322016 ("x86/speculation: Add RSB VM Exit protections") in > 6.0 timeframe added a LFENCE for X86_FEATURE_RSB_VMEXIT_LITE was added > directly in vmx_vmexit, prior to CALL vmx_spec_ctrl_restore_host. > > For posterity, vmx_spec_ctrl_restore_host also will execute WRMSR to > IA32_SPEC_CTRL for X86_FEATURE_KERNEL_IBRS or when guest/host MSR value > does not match, which serves as an additional RSB-barrier. > > [1] https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/post-barrier-return-stack-buffer-predictions.html Yeah, unfortunately PBRSB is insidious. >From memory (please correct me if I'm wrong), the required safety property is this: After a VMExit (if IBRS was set prior to exit) or the write to MSR_SPEC_CTRL setting IBRS (if IBRS was not set prior to exit), one single CALL instruction must architecturally retire before any RET instructions execute (speculatively). There are several ways to arrange this, but they all basically boil down to having some serialising instruction between the first CALL and first RET on any reachable path from VMExit. ~Andrew