On Wed, Nov 21, 2018 at 09:14:45PM +0100, Thomas Gleixner wrote:
> Add command line control for application to application indirect branch
> speculation mitigations.
>
> The initial options are:
>
>  - on:   Unconditionally enabled
>  - off:  Unconditionally disabled
>  - auto: Kernel selects mitigation (default off for now)
>
> When the spectre_v2= command line argument is either 'on' or 'off' this
> implies that the application to application control follows that state even
> if a contradicting spectre_v2_app2app= argument is supplied.
>
> Originally-by: Tim Chen <tim.c.c...@linux.intel.com>
> Signed-off-by: Thomas Gleixner <t...@linutronix.de>
> ---
>  Documentation/admin-guide/kernel-parameters.txt |  22 +++
>  arch/x86/include/asm/nospec-branch.h            |  10 +
>  arch/x86/kernel/cpu/bugs.c                      | 133 ++++++++++++++++++++----
>  3 files changed, 146 insertions(+), 19 deletions(-)
... > +static void __init > +spectre_v2_app2app_select_mitigation(enum spectre_v2_mitigation_cmd v2_cmd) > +{ > + enum spectre_v2_app2app_mitigation mode = SPECTRE_V2_APP2APP_NONE; > + bool smt_possible = IS_ENABLED(CONFIG_SMP); > + > + if (!boot_cpu_has(X86_FEATURE_IBPB) && !boot_cpu_has(X86_FEATURE_STIBP)) > + return; > + > + if (cpu_smt_control == CPU_SMT_FORCE_DISABLED || > + cpu_smt_control == CPU_SMT_NOT_SUPPORTED) > + smt_possible = false; > + > + switch (spectre_v2_parse_app2app_cmdline(v2_cmd)) { > + case SPECTRE_V2_APP2APP_CMD_AUTO: > + case SPECTRE_V2_APP2APP_CMD_NONE: > + goto set_mode; > + case SPECTRE_V2_APP2APP_CMD_FORCE: > + mode = SPECTRE_V2_APP2APP_STRICT; > + break; > + } > + > + /* Initialize Indirect Branch Prediction Barrier */ > + if (boot_cpu_has(X86_FEATURE_IBPB)) { > + setup_force_cpu_cap(X86_FEATURE_USE_IBPB); > + pr_info("Spectre v2 mitigation: Enabling Indirect Branch > Prediction Barrier\n"); > + }

So AFAICT, if coming in here with AUTO, we won't enable IBPB and I *think*
AMD wants IBPB enabled. At least the whitepaper says:

"IBPB combined with Retpoline software support is the AMD recommended
setting for Linux mitigation of Google Project Zero Variant 2 (Spectre)."

from https://www.amd.com/en/corporate/security-updates

Tom, am I completely off base here?

-- 
Regards/Gruss,
    Boris.

Good mailing practices for 400: avoid top-posting and trim the reply.
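Review bot: the goto set_mode shared by SPECTRE_V2_APP2APP_CMD_AUTO and SPECTRE_V2_APP2APP_CMD_NONE jumps over the "Initialize Indirect Branch Prediction Barrier" block, so with the default auto (described in the changelog as "default off for now") X86_FEATURE_USE_IBPB is never forced even though the function already passed the X86_FEATURE_IBPB / X86_FEATURE_STIBP availability check and boot_cpu_has(X86_FEATURE_IBPB) may be true. If auto is meant to keep the barrier on context switch and only leave the stricter STIBP mode off, AUTO should not share the goto: give it its own "case SPECTRE_V2_APP2APP_CMD_AUTO: break;" so it reaches the setup_force_cpu_cap(X86_FEATURE_USE_IBPB) call, and let only CMD_NONE take goto set_mode. If skipping IBPB on auto is intended, the kernel-parameters.txt text and the changelog should state that the default also leaves IBPB off, since "Kernel selects mitigation" does not convey that.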