x86: AMD Zen1 Div leakage
- To: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
- From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
- Date: Wed, 9 Aug 2023 21:29:56 +0100
- Cc: Jan Beulich <jbeulich@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>
- Delivery-date: Wed, 09 Aug 2023 20:30:33 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
This popped up with insufficient time to organise a response before the
pile of fixes yesterday.
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7007.html
Per my current understanding:
* There is a single integer divider in a Zen1 pipeline. When SMT is
active, it services uops from both threads.
* It latches the result of the last calculation performed, but forwards
said result transiently in the case of #DE (i.e. meltdown-like).
If this is accurate, then there's a nice covert channel between the two
threads, where they can communicate by issuing specific divides, without
ever leaving userspace. (It's easy to hide a #DE in the shadow of some
other misprediction, and not suffer a real divide exception.)
But, div isn't a serialising uop, so the advice of "don't divide
secrets" is tantamount to useless. Transient execution can pick up a
div uop from any misaligned instruction, and end up calculating on
arbitrary operands.
In SMT=0 cases, we can scrub in Xen by executing 0 / 1, and would need
to go in the same place as VERW on Intel (i.e. very late in the
return-to-guest path).
In SMT=1 cases, I can't see any fix. It's very much like L1TF/MDS, and
cooperating threads can snatch data a cycle or two after it was placed
in the channel.
As yet, I haven't started any patches to this effect, but it would be
nice to have more clarity from AMD first.
~Andrew
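As an added example (not Andrew's or Xen's code): the SMT=0 divider scrub described in the mail, with the CPUID family/model decode and the "scrub only when SMT is off" policy written as checkable functions. It assumes x86-64 with GCC/Clang inline asm; the Zen1 = family 17h, models 0x00-0x2f split is this example's own assumption, not something the mail states.

```c
/* Added example, not Xen's code: Zen1 divider scrub and when it applies.
 * Assumptions: x86-64 GCC/Clang inline asm; Zen1 = family 17h, models
 * 0x00-0x2f (Zen2 shares the family, so the model split matters). */
#include <stdint.h>
#include <stdio.h>

/* Decode CPUID.1:EAX into AMD family and model; the extended fields only
 * apply when the base family is 0xF, which is the case for all Zen parts. */
static void decode_fms(uint32_t eax, unsigned int *family, unsigned int *model)
{
    *family = (eax >> 8) & 0xf;
    *model = (eax >> 4) & 0xf;
    if (*family == 0xf) {
        *family += (eax >> 20) & 0xff;
        *model |= (eax >> 12) & 0xf0;
    }
}

/* Policy from the mail: scrubbing is only meaningful on a Zen1 core with
 * SMT off; with SMT on, the sibling thread can read the latch first. */
static int div_scrub_applies(uint32_t cpuid1_eax, int smt_active)
{
    unsigned int family, model;
    decode_fms(cpuid1_eax, &family, &model);
    return family == 0x17 && model <= 0x2f && !smt_active;
}

/* Execute 0 / 1 so the divider latches a harmless result instead of a
 * secret. In a hypervisor this sits late in the return-to-guest path, in
 * the spot VERW occupies on Intel. Returns quotient|remainder, i.e. 0. */
static uint64_t zen1_div_scrub(void)
{
    uint64_t quotient = 0, remainder = 0, divisor = 1;
#if defined(__x86_64__)
    /* div r64: rdx:rax / divisor -> rax = quotient, rdx = remainder */
    __asm__ volatile("div %[d]" : "+a"(quotient), "+d"(remainder)
                     : [d] "r"(divisor) : "cc");
#else
    quotient = quotient / divisor;   /* non-x86 fallback, no scrub effect */
    remainder = remainder % divisor;
#endif
    return quotient | remainder;
}

int main(void)
{
    /* Sample CPUID.1:EAX signatures: a Zen1 (Naples) and a Zen2 (Rome) part. */
    printf("Zen1, SMT off: scrub=%d\n", div_scrub_applies(0x00800F12u, 0));
    printf("Zen1, SMT on:  scrub=%d (no fix available)\n", div_scrub_applies(0x00800F12u, 1));
    printf("Zen2, SMT off: scrub=%d\n", div_scrub_applies(0x00830F10u, 0));
    printf("scrub result: %llu\n", (unsigned long long)zen1_div_scrub());
    return 0;
}
```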