Re: [PATCH 3/7] x86/bugs: Fix BHI handling of RRSBA

From: Josh Poimboeuf
Date: Thu Apr 11 2024 - 12:21:34 EST

Next message: Jens Axboe: "[PATCH 188/437] scsi: hisi_sas: convert to read/write iterators"
Previous message: Jens Axboe: "[PATCH 187/437] scsi: fnic: convert to read/write iterators"
In reply to: Andrew Cooper: "Re: [PATCH 3/7] x86/bugs: Fix BHI handling of RRSBA"
Next in thread: Josh Poimboeuf: "[PATCH 4/7] x86/bugs: Clarify that syscall hardening isn't a BHI mitigation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Apr 11, 2024 at 11:02:42AM +0100, Andrew Cooper wrote:
> > /* Disable in-kernel use of non-RSB RET predictors */
> > static void __init spec_ctrl_disable_kernel_rrsba(void)
> > {
> > - u64 ia32_cap;
> > + if (rrsba_disabled)
> > + return;
> > +
> > + if (!(ia32_cap & ARCH_CAP_RRSBA)) {
> > + rrsba_disabled = true;
> > + return;
> > + }
>
> You'll take this path if you have out-of-date microcode.
>
> RRSBA is only enumerated from September last year, IIRC. (Definitely
> from this point on some CPUs.)
>
> When RRSBA was introduced, I was under the (false) impression that all
> eIBRS systems suffered RRSBA, but it turns out that select parts
> (ICX,TGL,RKL) are non-RRSBA despite not having RRSBA_CTRL.

Hm, so the original code here had this problem too, right?

if (cpu_feature_enabled(X86_FEATURE_RETPOLINE) &&
!(x86_read_arch_cap_msr() & ARCH_CAP_RRSBA))
return;

At this point I'm having a hard time caring about 7 months out-of-date
microcode, but is there a reasonable way to check for that?

--
Josh

Next message: Jens Axboe: "[PATCH 188/437] scsi: hisi_sas: convert to read/write iterators"
Previous message: Jens Axboe: "[PATCH 187/437] scsi: fnic: convert to read/write iterators"
In reply to: Andrew Cooper: "Re: [PATCH 3/7] x86/bugs: Fix BHI handling of RRSBA"
Next in thread: Josh Poimboeuf: "[PATCH 4/7] x86/bugs: Clarify that syscall hardening isn't a BHI mitigation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]