target/ppc/translate.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-)
Signed-off-by: Greg Kurz <groug@kaod.org>
---
target/ppc/translate.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/target/ppc/translate.c b/target/ppc/translate.c
index 576210d901ad..badc1ae1a35d 100644
--- a/target/ppc/translate.c
+++ b/target/ppc/translate.c
@@ -3753,7 +3753,15 @@ static void gen_bcond(DisasContext *ctx, int type)
* All ISAs up to v3 describe this form of bcctr as invalid but
* some processors, ie. 64-bit server processors compliant with
* arch 2.x, do implement a "test and decrement" logic instead,
- * as described in their respective UMs.
+ * as described in their respective UMs. This logic involves CTR
+ * to act as both the branch target and a counter, which makes
+ * it basically useless and thus never used in real code.
+ *
+ * This form was hence chosen to trigger extra micro-architectural
+ * side-effect on real HW needed for the Spectre v2 workaround.
+ * It is up to guests that implement such workaround, ie. linux, to
+ * use this form in a way it just triggers the side-effect without
+ * doing anything else harmful.
*/
if (unlikely(!is_book3s_arch2x(ctx))) {
gen_inval_exception(ctx, POWERPC_EXCP_INVAL_INVAL);
On Tue, Mar 26, 2019 at 11:21:11AM +0100, Greg Kurz wrote: > Signed-off-by: Greg Kurz <groug@kaod.org> Applied, thanks. > --- > target/ppc/translate.c | 10 +++++++++- > 1 file changed, 9 insertions(+), 1 deletion(-) > > diff --git a/target/ppc/translate.c b/target/ppc/translate.c > index 576210d901ad..badc1ae1a35d 100644 > --- a/target/ppc/translate.c > +++ b/target/ppc/translate.c > @@ -3753,7 +3753,15 @@ static void gen_bcond(DisasContext *ctx, int type) > * All ISAs up to v3 describe this form of bcctr as invalid but > * some processors, ie. 64-bit server processors compliant with > * arch 2.x, do implement a "test and decrement" logic instead, > - * as described in their respective UMs. > + * as described in their respective UMs. This logic involves CTR > + * to act as both the branch target and a counter, which makes > + * it basically useless and thus never used in real code. > + * > + * This form was hence chosen to trigger extra micro-architectural > + * side-effect on real HW needed for the Spectre v2 workaround. > + * It is up to guests that implement such workaround, ie. linux, to > + * use this form in a way it just triggers the side-effect without > + * doing anything else harmful. > */ > if (unlikely(!is_book3s_arch2x(ctx))) { > gen_inval_exception(ctx, POWERPC_EXCP_INVAL_INVAL); > -- David Gibson | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_ | _way_ _around_! http://www.ozlabs.org/~dgibson
© 2016 - 2024 Red Hat, Inc.