On Fri, Oct 27, 2023 at 05:32:03PM +0200, Borislav Petkov wrote:
> On Fri, Oct 27, 2023 at 07:38:40AM -0700, Pawan Gupta wrote:
> > 1. Kernel data accessed by an NMI between VERW and return-to-user can
> > remain in CPU buffers ( since NMI returning to kernel does not
>
> Some leftover '('
Ok.
> > In preparation for moving VERW to entry/exit asm code, create macros
> > that can be used in asm. Also make them depend on a new feature flag
> > X86_FEATURE_CLEAR_CPU_BUF.
>
> The macros don't depend on the feature flag - VERW patching is done
> based on it.
Will fix.
> > @@ -20,3 +23,17 @@ SYM_FUNC_END(entry_ibpb)
> > EXPORT_SYMBOL_GPL(entry_ibpb);
> >
> > .popsection
> > +
> > +.pushsection .entry.text, "ax"
> > +
> > +.align L1_CACHE_BYTES, 0xcc
> > +SYM_CODE_START_NOALIGN(mds_verw_sel)
>
> That weird thing needs a comment explaining what it is for.
Right.
> > +#define X86_FEATURE_CLEAR_CPU_BUF (11*32+27) /* "" Clear CPU buffers */
>
> ... using VERW
Ok.
> > +/*
> > + * Macros to execute VERW instruction that mitigate transient data sampling
> > + * attacks such as MDS. On affected systems a microcode update overloaded VERW
> > + * instruction to also clear the CPU buffers. VERW clobbers CFLAGS.ZF.
> > + *
> > + * Note: Only the memory operand variant of VERW clears the CPU buffers.
> > + */
> > +.macro EXEC_VERW
> > + verw _ASM_RIP(mds_verw_sel)
> > +.endm
> > +
> > +.macro CLEAR_CPU_BUFFERS
> > + ALTERNATIVE "", __stringify(EXEC_VERW), X86_FEATURE_CLEAR_CPU_BUF
> > +.endm
>
> Why can't this simply be:
>
> .macro CLEAR_CPU_BUFFERS
> ALTERNATIVE "", "verw mds_verw_sel(%rip)", X86_FEATURE_CLEAR_CPU_BUF
This will not work in 32-bit mode that uses the same macro.
Thanks for the review.
