[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] x86/SVM: restrict hardware SSBD update upon guest VIRT_SPEC_CTRL write

  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Date: Fri, 9 Dec 2022 10:59:26 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=xORGWa/PrkmSH7TG7scmXXVlksUsjoPw2X4myDpJmvc=; b=fXIP69BiaVZZH3pR/NRn7QFMKoUo0dIIFVGi29xsKAhRu1VTmjyCcpcoT3NocFIisZGJAMXchL938pmiPwsHHuNbx/fQNpRrLpuDvuzddpb8rFCZQxvWGMWIugahGkA1+rs09FGid12IAHq+JokfU+WuovWl01EmzPom0Hwy7vTXLQ5qg3tpAdTKuRu2ar9t/faZqUOzzOjFoLkBp+RN6SRpUWrxTnC1bR4k6Hmuts9FLniWtc62STckmhLYSeFy2itskqW41OQbvAKtVOz4xXcsUg0LPGVXXSDDEhSwSjQuQBjlSyDGk3hfny9FxY3HjE3/ofx1a2VMSe5EEoWgtA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=hXjxmY9L/qxMlAATPilGjiNrJ/askKvt+OGhTmQZlFv8uV+ZrFCuHb0wViBL8W6q6czcz5ft83NrDT9QaALV6P+iHEZ1MBjrgR28V9GRUdeB9vDGCnQ19iRQdbY+aOJlwIUoIXITfuUnXC1Syw2gaqjF082VKknl2AvJSuo1eZUHEcHnfLYR7GVI7bhPlq7dZjp3cclQbatjQAnuv+IWh+NdIpSSHoI18nLrLvxAt5MUiJAUUJfmcCKd1tzRQin0iLlq8wSc7sfr3OwYA19sn59hx5HM4JWrkV8UpFziTVM7NZpL9n2ILnsC+E1F7BetQjNsJ4LeW7LFBRM2SNESIA==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
  • Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>
  • Delivery-date: Fri, 09 Dec 2022 09:59:57 +0000
  • Ironport-data: A9a23:uMYyJKxwJgR/67lkErN6t+cQxyrEfRIJ4+MujC+fZmUNrF6WrkUAm 2QaUGGFMveLZ2H8Kt4nO4qxph9Qu5Ddm9ViTgtt/iAxQypGp/SeCIXCJC8cHc8wwu7rFxs7s ppEOrEsCOhuExcwcz/0auCJQUFUjP3OHfykTbaeYUidfCc8IA85kxVvhuUltYBhhNm9Emult Mj75sbSIzdJ4RYtWo4vw//F+U0HUMja4mtC5AVkPaET5TcyqlFOZH4hDfDpR5fHatE88t6SH 47r0Ly/92XFyBYhYvvNfmHTKxBirhb6ZGBiu1IOM0SQqkEqSh8ai87XAME0e0ZP4whlqvgqo Dl7WT5cfi9yVkHEsLx1vxC1iEiSN4UekFPMCSDXXcB+UyQq2pYjqhljJBheAGEWxgp4KVxFp fs9MRYsVSigle67ze34Y+s22Nt2eaEHPKtH0p1h5RfwKK9/BLrlE+DN79Ie2yosjMdTG/qYf 9AedTdkcBXHZVtIJ0sTD5U92uyvgxETcRUB8A7T+fVxvjiVlVIhuFTuGIO9ltiiX8Jak1zev mvb12/4HgsbJJqUzj/tHneE1rGSxH+rA956+LuQycUyumWs2FYpV0c0bUL85uKbhF63RIcKQ 6AT0m90xUQoz2SpRNTgWxyzoFafowURHdFXFoUS+AyLj6bZ/QudLmwFVSJaLswrstcsQj4n3 UPPmMnmbRRwtJWFRHTb8a2bxQ5eIgAQJG4GICUCHQ0M5oC6pJlp10yfCNF+DKSyk9v5Xynqx CyHpzQ/gLNVitMX06K8/hbMhDfESoX1czPZLz7/BgqNhj6Vrqb8D2B0wTA3Ncp9Ebs=
  • Ironport-hdrordr: A9a23:nxgYr6A0ozZEqe7lHem955DYdb4zR+YMi2TDtnoddfUxSKfzqy nApoV56faKskdyZJhNo7690cq7LU80l6QU3WB5B97LYOCMggSVxe9ZjLcKygeQfhHDyg==
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On Thu, Dec 08, 2022 at 12:24:54PM +0100, Jan Beulich wrote:
> core_set_legacy_ssbd() counts the number of times SSBD is being enabled
> via LS_CFG on a core. This assumes that calls there only occur if the
> state actually changes. While svm_ctxt_switch_{to,from}() conform to
> this, guest_wrmsr() doesn't: It also calls the function when the bit
> doesn't actually change. Extend the conditional there accordingly.
> 
> Fixes: b2030e6730a2 ("amd/virt_ssbd: set SSBD at vCPU context switch")
> Reported-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
> ---
> This is the less intrusive but more fragile variant of a fix. The
> alternative would be to have core_set_legacy_ssbd() record per-thread
> state, such that the necessary checking can be done there.

Hm, yes, it's going to take a bit more of memory to keep track of
this.

> This wants properly testing on affected hardware. From Andrew's
> description it's also not clear whether this really is addressing that
> problem, or yet another one in this same area.
> 
> --- a/xen/arch/x86/msr.c
> +++ b/xen/arch/x86/msr.c
> @@ -699,12 +699,16 @@ int guest_wrmsr(struct vcpu *v, uint32_t
>          }
>          else

I think you could turn this into an `else if` and check if the new
value and the current one differ on the SSBD bit?

Provided it fixes the issue:

Acked-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>

Thanks, Roger.

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.