Re: [PATCH v1] x86/retpoline: Use lfence in the retpoline/RSB filling RSB macros

From: Woodhouse, David
Date: Sat Jan 13 2018 - 05:46:57 EST


On Fri, 2018-01-12 at 19:07 -0600, Tom Lendacky wrote:
> The pause instruction is currently used in the retpoline and RSB filling
> macros as a speculation trap.  The use of pause was originally suggested
> because it showed a very, very small difference in the amount of
> cycles/time used to execute the retpoline as compared to lfence.  On AMD,
> the pause instruction is not a serializing instruction, so the pause/jmp
> loop will use excess power as it is speculated over waiting for return
> to mispredict to the correct target.
>
> The RSB filling macro is applicable to AMD, and, if software is unable to
> verify that lfence is serializing on AMD (possible when running under a
> hypervisor), the generic retpoline support will be used and, so, is also
> applicable to AMD.  Change the use of pause to lfence.
>
> Signed-off-by: Tom Lendacky <thomas.lendacky@xxxxxxx>

Conditionally-Acked-by: David Woodhouse <dwmw@xxxxxxxxxxxx>

The condition being, as noted, that I'd really like to see it acked by
Arjan/Asit and Paul.



> ---
> Âarch/x86/include/asm/nospec-branch.h |ÂÂÂ10 +++++-----
> Â1 file changed, 5 insertions(+), 5 deletions(-)
>
> diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h
> index 402a11c..2c4a09a 100644
> --- a/arch/x86/include/asm/nospec-branch.h
> +++ b/arch/x86/include/asm/nospec-branch.h
> @@ -11,7 +11,7 @@
> Â * Fill the CPU return stack buffer.
> Â *
> Â * Each entry in the RSB, if used for a speculative 'ret', contains an
> - * infinite 'pause; jmp' loop to capture speculative execution.
> + * infinite 'lfence; jmp' loop to capture speculative execution.
> Â *
> Â * This is required in various cases for retpoline and IBRS-based
> Â * mitigations for the Spectre variant 2 vulnerability. Sometimes to
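
Review bot: the updated comment line "infinite 'lfence; jmp' loop" names the new instruction but not the reason for it, which is recorded only in the commit message (pause is not serializing on AMD, so the pause/jmp loop uses excess power while it is speculated over). Suggest adding one sentence to this comment block saying why lfence is the trap instruction, so a later reader does not switch it back to pause for the small cycle difference the commit message mentions.
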
> @@ -37,12 +37,12 @@
> Â771: \
> Â call 772f; \
> Â773: /* speculation trap */ \
> - pause; \
> + lfence; \
> Â jmp 773b; \
> Â772: \
> Â call 774f; \
> Â775: /* speculation trap */ \
> - pause; \
> + lfence; \
> Â jmp 775b; \
> Â774: \
> Â dec reg; \
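
Review bot: both traps, at 773 and 775, are switched unconditionally, while the justification in the commit message is specific to AMD and the same message says pause was originally chosen because it measured slightly cheaper than lfence. Nothing in this hunk makes the change vendor-conditional, so the commit message should state the measured cost of lfence in this fill loop on the CPUs where pause was preferred. Alternatively the trap could keep pause and add lfence after it ("pause; lfence; jmp 773b"), so that neither behaviour is lost.
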
> @@ -72,7 +72,7 @@
> Â.macro RETPOLINE_JMP reg:req
> Â call .Ldo_rop_\@
> Â.Lspec_trap_\@:
> - pause
> + lfence
> Â jmp .Lspec_trap_\@
> Â.Ldo_rop_\@:
> Â mov \reg, (%_ASM_SP)
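
Review bot: the lfence at .Lspec_trap_\@ depends on lfence stopping speculation, yet the commit message says this generic retpoline is what gets used on AMD when software cannot verify that lfence is serializing (possible under a hypervisor). Please state, in the commit message or in a comment above RETPOLINE_JMP, what the trap does in that unverified case and why it is still no worse than pause there.
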
> @@ -164,7 +164,7 @@
> Â "ÂÂÂÂÂÂÂjmpÂÂÂÂ904f;\n" \
> Â "ÂÂÂÂÂÂÂ.align 16\n" \
> Â "901: callÂÂÂ903f;\n" \
> - "902: pause;\n" \
> + "902: lfence;\n" \
> Â "ÂÂÂÂÂÂÂjmpÂÂÂÂ902b;\n" \
> Â "ÂÂÂÂÂÂÂ.align 16\n" \
> Â "903: addlÂÂÂ$4, %%esp;\n" \
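
Review bot: the trap at label 902 is the fourth open-coded copy of the same trap sequence in this file, here inside a string literal, so this patch has to change the instruction at 773, 775, .Lspec_trap_\@ and 902 separately. Consider defining the trap instruction once, shared by the assembler macros and this inline asm, so a later change cannot leave one copy on the old instruction.
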
>
>
