patches/kernel/0255-x86-cpu-AMD-Make-LFENCE-a-serializing-instruction.patch

   1 From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
   2 From: Tom Lendacky <thomas.lendacky@amd.com>
   3 Date: Mon, 8 Jan 2018 16:09:21 -0600
   4 Subject: [PATCH] x86/cpu/AMD: Make LFENCE a serializing instruction
   5 MIME-Version: 1.0
   6 Content-Type: text/plain; charset=UTF-8
   7 Content-Transfer-Encoding: 8bit
   8
   9 CVE-2017-5754
  10
  11 To aid in speculation control, make LFENCE a serializing instruction
  12 since it has less overhead than MFENCE.  This is done by setting bit 1
  13 of MSR 0xc0011029 (DE_CFG).  Some families that support LFENCE do not
  14 have this MSR.  For these families, the LFENCE instruction is already
  15 serializing.
  16
  17 Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
  18 Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
  19 Reviewed-by: Reviewed-by: Borislav Petkov <bp@suse.de>
  20 Cc: Peter Zijlstra <peterz@infradead.org>
  21 Cc: Tim Chen <tim.c.chen@linux.intel.com>
  22 Cc: Dave Hansen <dave.hansen@intel.com>
  23 Cc: Borislav Petkov <bp@alien8.de>
  24 Cc: Dan Williams <dan.j.williams@intel.com>
  25 Cc: Linus Torvalds <torvalds@linux-foundation.org>
  26 Cc: Greg Kroah-Hartman <gregkh@linux-foundation.org>
  27 Cc: David Woodhouse <dwmw@amazon.co.uk>
  28 Cc: Paul Turner <pjt@google.com>
  29 Link: https://lkml.kernel.org/r/20180108220921.12580.71694.stgit@tlendack-t1.amdoffice.net
  30
  31 (cherry picked from commit e4d0e84e490790798691aaa0f2e598637f1867ec)
  32 Signed-off-by: Andy Whitcroft <apw@canonical.com>
  33 Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>
  34 (cherry picked from commit bde943193168fe9a3814badaa0cae3422029dce5)
  35 Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
  36 ---
  37  arch/x86/include/asm/msr-index.h |  2 ++
  38  arch/x86/kernel/cpu/amd.c        | 10 ++++++++++
  39  2 files changed, 12 insertions(+)
  40
  41 diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h
  42 index 5573c75f8e4c..25147df4acfc 100644
  43 --- a/arch/x86/include/asm/msr-index.h
  44 +++ b/arch/x86/include/asm/msr-index.h
  45 @@ -351,6 +351,8 @@
  46  #define FAM10H_MMIO_CONF_BASE_MASK     0xfffffffULL
  47  #define FAM10H_MMIO_CONF_BASE_SHIFT    20
  48  #define MSR_FAM10H_NODE_ID             0xc001100c
  49 +#define MSR_F10H_DECFG                 0xc0011029
  50 +#define MSR_F10H_DECFG_LFENCE_SERIALIZE_BIT    1
  51
  52  /* K8 MSRs */
  53  #define MSR_K8_TOP_MEM1                        0xc001001a
  54 diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
  55 index 2a5328cc03a6..c9a4e4db7860 100644
  56 --- a/arch/x86/kernel/cpu/amd.c
  57 +++ b/arch/x86/kernel/cpu/amd.c
  58 @@ -785,6 +785,16 @@ static void init_amd(struct cpuinfo_x86 *c)
  59                 set_cpu_cap(c, X86_FEATURE_K8);
  60
  61         if (cpu_has(c, X86_FEATURE_XMM2)) {
  62 +               /*
  63 +                * A serializing LFENCE has less overhead than MFENCE, so
  64 +                * use it for execution serialization.  On families which
  65 +                * don't have that MSR, LFENCE is already serializing.
  66 +                * msr_set_bit() uses the safe accessors, too, even if the MSR
  67 +                * is not present.
  68 +                */
  69 +               msr_set_bit(MSR_F10H_DECFG,
  70 +                           MSR_F10H_DECFG_LFENCE_SERIALIZE_BIT);
  71 +
  72                 /* MFENCE stops RDTSC speculation */
  73                 set_cpu_cap(c, X86_FEATURE_MFENCE_RDTSC);
  74         }
  75 --
  76 2.14.2
  77