Re: [PATCH 2/2] x86: KVM: Advertise AMD's speculation control features

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On 11/15/2024 2:32 PM, Jim Mattson wrote:
On Fri, Nov 15, 2024 at 12:13 PM Moger, Babu <bmoger@xxxxxxx> wrote:

Hi Maksim,


On 11/13/2024 7:30 AM, Maksim Davydov wrote:
It seems helpful to expose to userspace some speculation control features
from 0x80000008_EBX function:
* 16 bit. IBRS always on. Indicates whether processor prefers that
    IBRS is always on. It simplifies speculation managing.

Spec say bit 16 is reserved.

16 Reserved

https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/programmer-references/57238.zip

The APM volume 3 ( 24594—Rev. 3.36—March 2024) declares this bit as
"Processor prefers that STIBP be left on." Once a bit has been
documented like that, you have to assume that software has been
written that expects those semantics. AMD does not have the option of
undocumenting the bit.  You can deprecate it, but it now has the
originally documented semantics until the end of time.

Yes. Agreed.


* 18 bit. IBRS is preferred over software solution. Indicates that
    software mitigations can be replaced with more performant IBRS.
* 19 bit. IBRS provides Same Mode Protection. Indicates that when IBRS
    is set indirect branch predictions are not influenced by any prior
    indirect branches.
* 29 bit. BTC_NO. Indicates that processor isn't affected by branch type
    confusion. It's used during mitigations setting up.
* 30 bit. IBPB clears return address predictor. It's used during
    mitigations setting up.

Signed-off-by: Maksim Davydov <davydov-max@xxxxxxxxxxxxxx>
---
   arch/x86/include/asm/cpufeatures.h | 3 +++
   arch/x86/kvm/cpuid.c               | 5 +++--
   2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h
index 2f8a858325a4..f5491bba75fc 100644
--- a/arch/x86/include/asm/cpufeatures.h
+++ b/arch/x86/include/asm/cpufeatures.h
@@ -340,7 +340,10 @@
   #define X86_FEATURE_AMD_IBPB                (13*32+12) /* Indirect Branch Prediction Barrier */
   #define X86_FEATURE_AMD_IBRS                (13*32+14) /* Indirect Branch Restricted Speculation */
   #define X86_FEATURE_AMD_STIBP               (13*32+15) /* Single Thread Indirect Branch Predictors */
+#define X86_FEATURE_AMD_IBRS_ALWAYS_ON       (13*32+16) /* Indirect Branch Restricted Speculation always-on preferred */

You might have to remove this.

No; it's fine. The bit can never be used for anything else.

That is true.
But, Hardware does not report this bit yet (at least on my system). So, I am thinking it may not be required to add at this point.


   #define X86_FEATURE_AMD_STIBP_ALWAYS_ON     (13*32+17) /* Single Thread Indirect Branch Predictors always-on preferred */
+#define X86_FEATURE_AMD_IBRS_PREFERRED       (13*32+18) /* Indirect Branch Restricted Speculation is preferred over SW solution */
+#define X86_FEATURE_AMD_IBRS_SMP     (13*32+19) /* Indirect Branch Restricted Speculation provides Same Mode Protection */
   #define X86_FEATURE_AMD_PPIN                (13*32+23) /* "amd_ppin" Protected Processor Inventory Number */
   #define X86_FEATURE_AMD_SSBD                (13*32+24) /* Speculative Store Bypass Disable */
   #define X86_FEATURE_VIRT_SSBD               (13*32+25) /* "virt_ssbd" Virtualized Speculative Store Bypass Disable */
diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
index 30ce1bcfc47f..5b2d52913b18 100644
--- a/arch/x86/kvm/cpuid.c
+++ b/arch/x86/kvm/cpuid.c
@@ -754,8 +754,9 @@ void kvm_set_cpu_caps(void)
       kvm_cpu_cap_mask(CPUID_8000_0008_EBX,
               F(CLZERO) | F(XSAVEERPTR) |
               F(WBNOINVD) | F(AMD_IBPB) | F(AMD_IBRS) | F(AMD_SSBD) | F(VIRT_SSBD) |
-             F(AMD_SSB_NO) | F(AMD_STIBP) | F(AMD_STIBP_ALWAYS_ON) |
-             F(AMD_PSFD)
+             F(AMD_SSB_NO) | F(AMD_STIBP) | F(AMD_IBRS_ALWAYS_ON) |
+             F(AMD_STIBP_ALWAYS_ON) | F(AMD_IBRS_PREFERRED) |
+             F(AMD_IBRS_SMP) | F(AMD_PSFD) | F(BTC_NO) | F(AMD_IBPB_RET)
       );

       /*

--
- Babu Moger



--
- Babu Moger




[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux