Re: [PATCH v2 1/6] x86/bugs: Add asm helpers for executing VERW
From: Peter Zijlstra
Date: Wed Oct 25 2023 - 02:58:58 EST
On Tue, Oct 24, 2023 at 09:00:29PM -0700, Pawan Gupta wrote:
> diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h
> index c55cc243592e..ed8218e2d9a7 100644
> --- a/arch/x86/include/asm/nospec-branch.h
> +++ b/arch/x86/include/asm/nospec-branch.h
> @@ -13,6 +13,7 @@
> #include <asm/unwind_hints.h>
> #include <asm/percpu.h>
> #include <asm/current.h>
> +#include <asm/segment.h>
>
> /*
> * Call depth tracking for Intel SKL CPUs to address the RSB underflow
> @@ -329,6 +330,29 @@
> #endif
> .endm
>
> +/*
> + * Macros to execute VERW instruction that mitigate transient data sampling
> + * attacks such as MDS. On affected systems a microcode update overloaded VERW
> + * instruction to also clear the CPU buffers. VERW clobbers CFLAGS.ZF.
> + *
> + * Note: Only the memory operand variant of VERW clears the CPU buffers.
> + */
> +.pushsection .rodata
> +.align 64
> +mds_verw_sel:
> + .word __KERNEL_DS
> + .byte 0xcc
> +.align 64
> +.popsection
This should not be in a header file, you'll get an instance of this per
translation unit, not what you want.
> +
> +.macro EXEC_VERW
> + verw _ASM_RIP(mds_verw_sel)
> +.endm
> +
> +.macro CLEAR_CPU_BUFFERS
> + ALTERNATIVE "", __stringify(EXEC_VERW), X86_FEATURE_CLEAR_CPU_BUF
> +.endm
> +
> #else /* __ASSEMBLY__ */