Re: [PATCH v1] x86/retpoline: Use lfence in the retpoline/RSB filling RSB macros

Sat, 13 Jan 2018 02:47:12 -0800 

On Fri, 2018-01-12 at 19:07 -0600, Tom Lendacky wrote:
> The pause instruction is currently used in the retpoline and RSB filling
> macros as a speculation trap.  The use of pause was originally suggested
> because it showed a very, very small difference in the amount of
> cycles/time used to execute the retpoline as compared to lfence.  On AMD,
> the pause instruction is not a serializing instruction, so the pause/jmp
> loop will use excess power as it is speculated over waiting for return
> to mispredict to the correct target.
> 
> The RSB filling macro is applicable to AMD, and, if software is unable to
> verify that lfence is serializing on AMD (possible when running under a
> hypervisor), the generic retpoline support will be used and, so, is also
> applicable to AMD.  Change the use of pause to lfence.
> 
> Signed-off-by: Tom Lendacky <thomas.lenda...@amd.com>

Conditionally-Acked-by: David Woodhouse <d...@amazon.co.uk>

The condition being, as noted, that I'd really like to see it acked by
Arjan/Asit and Paul.



> ---
>  arch/x86/include/asm/nospec-branch.h |   10 +++++-----
>  1 file changed, 5 insertions(+), 5 deletions(-)
> 
> diff --git a/arch/x86/include/asm/nospec-branch.h 
> b/arch/x86/include/asm/nospec-branch.h
> index 402a11c..2c4a09a 100644
> --- a/arch/x86/include/asm/nospec-branch.h
> +++ b/arch/x86/include/asm/nospec-branch.h
> @@ -11,7 +11,7 @@
>   * Fill the CPU return stack buffer.
>   *
>   * Each entry in the RSB, if used for a speculative 'ret', contains an
> - * infinite 'pause; jmp' loop to capture speculative execution.
> + * infinite 'lfence; jmp' loop to capture speculative execution.
>   *
>   * This is required in various cases for retpoline and IBRS-based
>   * mitigations for the Spectre variant 2 vulnerability. Sometimes to
> @@ -37,12 +37,12 @@
>  771:                                         \
>       call    772f;                           \
>  773: /* speculation trap */                  \
> -     pause;                                  \
> +     lfence;                                 \
>       jmp     773b;                           \
>  772:                                         \
>       call    774f;                           \
>  775: /* speculation trap */                  \
> -     pause;                                  \
> +     lfence;                                 \
>       jmp     775b;                           \
>  774:                                         \
>       dec     reg;                            \
> @@ -72,7 +72,7 @@
>  .macro RETPOLINE_JMP reg:req
>       call    .Ldo_rop_\@
>  .Lspec_trap_\@:
> -     pause
> +     lfence
>       jmp     .Lspec_trap_\@
>  .Ldo_rop_\@:
>       mov     \reg, (%_ASM_SP)
> @@ -164,7 +164,7 @@
>       "       jmp    904f;\n"                                 \
>       "       .align 16\n"                                    \
>       "901:   call   903f;\n"                                 \
> -     "902:   pause;\n"                                       \
> +     "902:   lfence;\n"                                      \
>       "       jmp    902b;\n"                                 \
>       "       .align 16\n"                                    \
>       "903:   addl   $4, %%esp;\n"                            \
> 
>

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Reply via email to