Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/sys/arch/amd64 Two changes in the CPU mitigations:



details:   https://anonhg.NetBSD.org/src/rev/fb39b400e408
branches:  trunk
changeset: 456611:fb39b400e408
user:      maxv <maxv%NetBSD.org@localhost>
date:      Sat May 18 13:32:12 2019 +0000

description:
Two changes in the CPU mitigations:

 * Micro-optimize: put every mitigation in the same branch. This removes
   two branches in each exc/int return path, and removes all branches in
   the syscall return path.

 * Modify the SpectreV2 mitigation to be compatible with SpectreV4. I
   recently realized that both couldn't be enabled at the same time on
   Intel. This is because initially, when there was just SpectreV2, we
   could reset the whole IA32_SPEC_CTRL MSR. But then Intel added another
   bit in it for SpectreV4, so it isn't right to reset it entirely
   anymore. SSBD needs to stay.

diffstat:

 sys/arch/amd64/amd64/amd64_trap.S |  28 ++++++++++++++++++-------
 sys/arch/amd64/amd64/locore.S     |  42 +++++++++++++++-----------------------
 sys/arch/amd64/include/frameasm.h |  10 ++++----
 3 files changed, 42 insertions(+), 38 deletions(-)

diffs (232 lines):

diff -r ecb2d7c24b1a -r fb39b400e408 sys/arch/amd64/amd64/amd64_trap.S
--- a/sys/arch/amd64/amd64/amd64_trap.S Sat May 18 10:38:04 2019 +0000
+++ b/sys/arch/amd64/amd64/amd64_trap.S Sat May 18 13:32:12 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: amd64_trap.S,v 1.47 2019/05/14 16:59:25 maxv Exp $     */
+/*     $NetBSD: amd64_trap.S,v 1.48 2019/05/18 13:32:12 maxv Exp $     */
 
 /*
  * Copyright (c) 1998, 2007, 2008, 2017 The NetBSD Foundation, Inc.
@@ -253,7 +253,12 @@
        ZTRAP_NJ(T_NMI)
        subq    $TF_REGSIZE,%rsp
        INTR_SAVE_GPRS
+
+       testb   $SEL_UPL,TF_CS(%rsp)
+       jz      1f
        IBRS_ENTER
+1:
+
        cld
        SMAP_ENABLE
        movw    %gs,TF_GS(%rsp)
@@ -281,9 +286,13 @@
        call    _C_LABEL(nmitrap)
 
 .Lnmileave:
+       testb   $SEL_UPL,TF_CS(%rsp)
+       jz      1f
        MDS_LEAVE
+       IBRS_LEAVE
+1:
+
        SVS_LEAVE_NMI
-       IBRS_LEAVE
        INTR_RESTORE_GPRS
        addq    $TF_REGSIZE+16,%rsp
        iretq
@@ -353,12 +362,15 @@
        TRAP_NJ(T_DOUBLEFLT)
        subq    $TF_REGSIZE,%rsp
        INTR_SAVE_GPRS
-       IBRS_ENTER
-       SVS_ENTER_ALTSTACK
+
        testb   $SEL_UPL,TF_CS(%rsp)
        jz      1f
+       IBRS_ENTER
        swapgs
 1:
+
+       SVS_ENTER_ALTSTACK
+
        cld
        SMAP_ENABLE
        movw    %gs,TF_GS(%rsp)
@@ -370,15 +382,15 @@
        incq    CPUVAR(NTRAP)
        call    _C_LABEL(doubletrap)
 
+       testb   $SEL_UPL,TF_CS(%rsp)
+       jz      1f
        MDS_LEAVE
        SVS_LEAVE_ALTSTACK
        IBRS_LEAVE
-       INTR_RESTORE_GPRS
-
-       testb   $SEL_UPL,TF_CS(%rsp)
-       jz      1f
        swapgs
 1:
+
+       INTR_RESTORE_GPRS
        addq    $TF_REGSIZE+16,%rsp
        iretq
 #endif
diff -r ecb2d7c24b1a -r fb39b400e408 sys/arch/amd64/amd64/locore.S
--- a/sys/arch/amd64/amd64/locore.S     Sat May 18 10:38:04 2019 +0000
+++ b/sys/arch/amd64/amd64/locore.S     Sat May 18 13:32:12 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: locore.S,v 1.184 2019/05/18 07:58:58 maxv Exp $        */
+/*     $NetBSD: locore.S,v 1.185 2019/05/18 13:32:12 maxv Exp $        */
 
 /*
  * Copyright-o-rama!
@@ -1574,25 +1574,26 @@
        .type intrfastexit,@function
 LABEL(intrfastexit)
        NOT_XEN(cli;)
+
+       testb   $SEL_UPL,TF_CS(%rsp)
+       jz      .Lkexit
+
        MDS_LEAVE
        SVS_LEAVE
        IBRS_LEAVE
        INTR_RESTORE_GPRS
        addq    $(TF_REGSIZE+16),%rsp   /* iret frame */
+       SWAPGS
 
-       testb   $SEL_UPL,TF_BACKW(TF_CS, %rsp)
-       jz      .Lkexit
        cmpw    $LSEL(LUCODE_SEL, SEL_UPL),TF_BACKW(TF_CS, %rsp)
-       je      .Luexit64
+       je      do_iret
        cmpw    $GSEL(GUCODE_SEL, SEL_UPL),TF_BACKW(TF_CS, %rsp)
-       je      .Luexit64
+       je      do_iret
 #ifdef XENPV
        cmpw    $FLAT_RING3_CS64,TF_BACKW(TF_CS, %rsp)
-       je      .Luexit64
+       je      do_iret
 #endif
 
-.Luexit32:
-       SWAPGS
 do_mov_es:
        movw    TF_BACKW(TF_ES, %rsp),%es
 do_mov_ds:
@@ -1603,13 +1604,13 @@
 do_mov_gs:
        movw    TF_BACKW(TF_GS, %rsp),%gs
 #endif
-       jmp     .Lkexit
 
-.Luexit64:
-       SWAPGS
+do_iret:
+       iretq
 
 .Lkexit:
-do_iret:
+       INTR_RESTORE_GPRS
+       addq    $(TF_REGSIZE+16),%rsp   /* iret frame */
        iretq
 END(intrfastexit)
 
@@ -1643,12 +1644,9 @@
 LABEL(svs_enter_nmi_end)
 
 LABEL(svs_leave)
-       testb   $SEL_UPL,TF_CS(%rsp)
-       jz      1234f
        movq    CPUVAR(URSP0),%rsp
        movq    CPUVAR(UPDIRPA),%rax
        movq    %rax,%cr3
-1234:
 LABEL(svs_leave_end)
 
 LABEL(svs_leave_altstack)
@@ -1671,20 +1669,17 @@
        /* IBRS <- 1 */
 LABEL(ibrs_enter)
        movl    $MSR_IA32_SPEC_CTRL,%ecx
-       movl    $IA32_SPEC_CTRL_IBRS,%eax
-       movl    $(IA32_SPEC_CTRL_IBRS >> 32),%edx
+       rdmsr
+       orl     $IA32_SPEC_CTRL_IBRS,%eax
        wrmsr
 LABEL(ibrs_enter_end)
 
        /* IBRS <- 0 */
 LABEL(ibrs_leave)
-       testb   $SEL_UPL,TF_CS(%rsp)
-       jz      1234f
        movl    $MSR_IA32_SPEC_CTRL,%ecx
-       xorl    %eax,%eax
-       xorl    %edx,%edx
+       rdmsr
+       andl    $~IA32_SPEC_CTRL_IBRS,%eax
        wrmsr
-1234:
 LABEL(ibrs_leave_end)
 
 LABEL(noibrs_enter)
@@ -1698,12 +1693,9 @@
        .globl  mds_leave, mds_leave_end
 
 LABEL(mds_leave)
-       testb   $SEL_UPL,TF_CS(%rsp)
-       jz      1234f
        pushq   $GSEL(GDATA_SEL, SEL_KPL)
        verw    (%rsp)
        addq    $8,%rsp
-1234:
 LABEL(mds_leave_end)
 
 LABEL(nomds_leave)
diff -r ecb2d7c24b1a -r fb39b400e408 sys/arch/amd64/include/frameasm.h
--- a/sys/arch/amd64/include/frameasm.h Sat May 18 10:38:04 2019 +0000
+++ b/sys/arch/amd64/include/frameasm.h Sat May 18 13:32:12 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: frameasm.h,v 1.43 2019/05/14 16:59:25 maxv Exp $       */
+/*     $NetBSD: frameasm.h,v 1.44 2019/05/18 13:32:12 maxv Exp $       */
 
 #ifndef _AMD64_MACHINE_FRAMEASM_H
 #define _AMD64_MACHINE_FRAMEASM_H
@@ -70,7 +70,7 @@
  * IBRS
  */
 
-#define IBRS_ENTER_BYTES       17
+#define IBRS_ENTER_BYTES       12
 #define IBRS_ENTER \
        HOTPATCH(HP_NAME_IBRS_ENTER, IBRS_ENTER_BYTES)          ; \
        NOIBRS_ENTER
@@ -78,7 +78,7 @@
        .byte 0xEB, (IBRS_ENTER_BYTES-2)        /* jmp */       ; \
        .fill   (IBRS_ENTER_BYTES-2),1,0xCC
 
-#define IBRS_LEAVE_BYTES       21
+#define IBRS_LEAVE_BYTES       12
 #define IBRS_LEAVE \
        HOTPATCH(HP_NAME_IBRS_LEAVE, IBRS_LEAVE_BYTES)          ; \
        NOIBRS_LEAVE
@@ -90,7 +90,7 @@
  * MDS
  */
 
-#define MDS_LEAVE_BYTES        20
+#define MDS_LEAVE_BYTES        10
 #define MDS_LEAVE \
        HOTPATCH(HP_NAME_MDS_LEAVE, MDS_LEAVE_BYTES)            ; \
        NOMDS_LEAVE
@@ -156,7 +156,7 @@
        HOTPATCH(HP_NAME_SVS_ENTER, SVS_ENTER_BYTES)    ; \
        NOSVS_ENTER
 
-#define SVS_LEAVE_BYTES        31
+#define SVS_LEAVE_BYTES        21
 #define NOSVS_LEAVE \
        .byte 0xEB, (SVS_LEAVE_BYTES-2) /* jmp */       ; \
        .fill   (SVS_LEAVE_BYTES-2),1,0xCC



Home | Main Index | Thread Index | Old Index