From nobody Tue May 7 12:37:28 2024 Delivered-To: importer@patchew.org Received-SPF: none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org ARC-Seal: i=1; a=rsa-sha256; t=1573725533; cv=none; d=zoho.com; s=zohoarc; b=R8EFCV4OzFaaEPfC5iquRWU7pgidkfK0gaSsjrNyBZJtGXigu0fpoA/DtwUx+hQUMTNy7vQ7yHgv+ua5TNB8LEWgu2nus6UmTDLywMP/4GhMbsVpi5YINUIDnhvrIeBkVh7JvCzKnU3qCYKLX226d6ac5Mme+eourHyjgmY1w3Y= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1573725533; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:To; bh=korCIbfd7Q7Dyw6ght8zMQFAQq7YjEz2vgTXoheaepE=; b=B61eHTYVXv+XHZT8IQuw7E+qJPNo1T6jxD8DBMIe7sZgEAxyIhvBg2dyRtdwocBgufsFIb1ylIbtnGeRwAB77hndkJCCFtQRMn47yQDvDzv9P/j8BQZN1XelLyGWdGUx39mPATOa9ZV3Jf14E9KCnval+IsZX29Td78IqzsppLA= ARC-Authentication-Results: i=1; mx.zoho.com; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 157372553301072.54117180292133; Thu, 14 Nov 2019 01:58:53 -0800 (PST) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iVBsm-0006Cf-3v; Thu, 14 Nov 2019 09:57:44 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iVBsl-0006Ca-9C for xen-devel@lists.xenproject.org; Thu, 14 Nov 2019 09:57:43 
+0000 Received: from mx1.suse.de (unknown [195.135.220.15]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id 323986b0-06c5-11ea-b678-bc764e2007e4; Thu, 14 Nov 2019 09:57:41 +0000 (UTC) Received: from relay2.suse.de (unknown [195.135.220.254]) by mx1.suse.de (Postfix) with ESMTP id C0FE2AE35; Thu, 14 Nov 2019 09:57:39 +0000 (UTC) X-Inumbo-ID: 323986b0-06c5-11ea-b678-bc764e2007e4 X-Virus-Scanned: by amavisd-new at test-mx.suse.de From: Juergen Gross To: xen-devel@lists.xenproject.org Date: Thu, 14 Nov 2019 10:57:37 +0100 Message-Id: <20191114095737.23287-1-jgross@suse.com> X-Mailer: git-send-email 2.16.4 Subject: [Xen-devel] [PATCH for-4.13] xen/x86: add debug key for printing vulnerability settings X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Juergen Gross , Andrew Cooper , Wei Liu , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" The only way to obtain the current vulnerability settings of Xen is to look at the hypervisor boot messages. Often enough the buffer has wrapped making it impossible to retrieve that information. Add a debug key 'b' (like "bugs") for that purpose. Signed-off-by: Juergen Gross --- This might want to go into 4.13 --- xen/arch/x86/pv/domain.c | 2 +- xen/arch/x86/spec_ctrl.c | 58 ++++++++++++++++++++++++++------------------= ---- 2 files changed, 32 insertions(+), 28 deletions(-) diff --git a/xen/arch/x86/pv/domain.c b/xen/arch/x86/pv/domain.c index 4b6f48dea2..3c930cffaa 100644 --- a/xen/arch/x86/pv/domain.c +++ b/xen/arch/x86/pv/domain.c 
@@ -343,7 +343,7 @@ int pv_domain_initialise(struct domain *d) return rc; } =20 -bool __init xpti_pcid_enabled(void) +bool xpti_pcid_enabled(void) { return use_invpcid && cpu_has_pcid && (opt_pcid =3D=3D PCID_ALL || opt_pcid =3D=3D PCID_XPTI); diff --git a/xen/arch/x86/spec_ctrl.c b/xen/arch/x86/spec_ctrl.c index aa632bdcee..dce101e9c3 100644 --- a/xen/arch/x86/spec_ctrl.c +++ b/xen/arch/x86/spec_ctrl.c @@ -18,6 +18,7 @@ */ #include #include +#include #include #include =20 @@ -35,8 +36,8 @@ static bool __initdata opt_msr_sc_pv =3D true; static bool __initdata opt_msr_sc_hvm =3D true; static bool __initdata opt_rsb_pv =3D true; static bool __initdata opt_rsb_hvm =3D true; -static int8_t __initdata opt_md_clear_pv =3D -1; -static int8_t __initdata opt_md_clear_hvm =3D -1; +static int8_t opt_md_clear_pv =3D -1; +static int8_t opt_md_clear_hvm =3D -1; =20 /* Cmdline controls for Xen's speculative settings. */ static enum ind_thunk { @@ -59,12 +60,15 @@ uint8_t __read_mostly default_xen_spec_ctrl; uint8_t __read_mostly default_spec_ctrl_flags; =20 paddr_t __read_mostly l1tf_addr_mask, __read_mostly l1tf_safe_maddr; -static bool __initdata cpu_has_bug_l1tf; -static unsigned int __initdata l1d_maxphysaddr; +static bool cpu_has_bug_l1tf; +static unsigned int l1d_maxphysaddr; =20 static bool __initdata cpu_has_bug_msbds_only; /* =3D> minimal HT impact. = */ static bool __initdata cpu_has_bug_mds; /* Any other M{LP,SB,FB}DS combina= tion. */ =20 +static enum ind_thunk __read_mostly thunk =3D THUNK_DEFAULT; +static uint64_t __read_mostly cached_caps; + static int __init parse_spec_ctrl(const char *s) { const char *ss; @@ -300,7 +304,7 @@ static __init int parse_pv_l1tf(const char *s) } custom_param("pv-l1tf", parse_pv_l1tf); =20 -static void __init print_details(enum ind_thunk thunk, uint64_t caps) +static void print_details(unsigned char key) { unsigned int _7d0 =3D 0, e8b =3D 0, tmp; =20 
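Review bot: `opt_md_clear_pv` and `opt_md_clear_hvm` lose `__initdata` in the `-35,8` hunk but get no placement annotation, while the `thunk` and `cached_caps` variables added by this same patch are marked `__read_mostly`. Both options are presumably written only during boot and merely read by the debug key afterwards, so `static int8_t __read_mostly opt_md_clear_pv = -1;` (and the same for `opt_md_clear_hvm`) would be consistent. The same applies to `cpu_has_bug_l1tf` and `l1d_maxphysaddr` in the following hunk.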
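Review bot: The new file-scope `thunk` and `cached_caps` in the `-59,12` hunk carry no comment explaining why values that used to be locals of `init_speculation_mitigations()` now outlive boot. A line above them such as `/* Boot-time results kept for the 'b' debug key, see print_details(). */` would record that. `thunk` is also a very generic name for a file-scope object; a more specific name (for example `selected_thunk`, a constructed suggestion) would be easier to tell apart from the `enum ind_thunk` type.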
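Review bot: With `__init` dropped in the `-300,7` hunk, `print_details()` can run after init memory has been discarded, so every object and function it touches has to live outside the init sections, and the diff does not show that audit. `cpu_has_bug_msbds_only` and `cpu_has_bug_mds` stay `__initdata` in the hunk above, and `opt_tsx`, `opt_ibpb` and `opt_l1d_flush`, which the body reads further down, are declared outside this diff, so it is worth confirming that none of them is init-only. A comment above the function, `/* Also the 'b' keyhandler: runs post-boot, must not reference __init/__initdata. */`, would keep later edits from reintroducing a stale reference. The `key` argument is unused, and the function body continues outside this hunk.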
@@ -320,14 +324,14 @@ static void __init print_details(enum ind_thunk thunk= , uint64_t caps) (_7d0 & cpufeat_mask(X86_FEATURE_SSBD)) ? " SSBD" : "", (_7d0 & cpufeat_mask(X86_FEATURE_MD_CLEAR)) ? " MD_CLEAR" : "", (e8b & cpufeat_mask(X86_FEATURE_IBPB)) ? " IBPB" : "", - (caps & ARCH_CAPS_IBRS_ALL) ? " IBRS_ALL" : "", - (caps & ARCH_CAPS_RDCL_NO) ? " RDCL_NO" : "", - (caps & ARCH_CAPS_RSBA) ? " RSBA" : "", - (caps & ARCH_CAPS_SKIP_L1DFL) ? " SKIP_L1DFL": "", - (caps & ARCH_CAPS_SSB_NO) ? " SSB_NO" : "", - (caps & ARCH_CAPS_MDS_NO) ? " MDS_NO" : "", - (caps & ARCH_CAPS_TSX_CTRL) ? " TSX_CTRL" : "", - (caps & ARCH_CAPS_TAA_NO) ? " TAA_NO" : ""); + (cached_caps & ARCH_CAPS_IBRS_ALL) ? " IBRS_ALL" : "", + (cached_caps & ARCH_CAPS_RDCL_NO) ? " RDCL_NO" : "", + (cached_caps & ARCH_CAPS_RSBA) ? " RSBA" : "", + (cached_caps & ARCH_CAPS_SKIP_L1DFL) ? " SKIP_L1DFL": "", + (cached_caps & ARCH_CAPS_SSB_NO) ? " SSB_NO" : "", + (cached_caps & ARCH_CAPS_MDS_NO) ? " MDS_NO" : "", + (cached_caps & ARCH_CAPS_TSX_CTRL) ? " TSX_CTRL" : "", + (cached_caps & ARCH_CAPS_TAA_NO) ? " TAA_NO" : ""); =20 /* Compiled-in support which pertains to mitigations. */ if ( IS_ENABLED(CONFIG_INDIRECT_THUNK) || IS_ENABLED(CONFIG_SHADOW_PAG= ING) ) @@ -350,7 +354,7 @@ static void __init print_details(enum ind_thunk thunk, = uint64_t caps) (default_xen_spec_ctrl & SPEC_CTRL_IBRS) ? "IBRS+" : "IBRS-", !boot_cpu_has(X86_FEATURE_SSBD) ? "" : (default_xen_spec_ctrl & SPEC_CTRL_SSBD) ? " SSBD+" : " SSBD-", - !(caps & ARCH_CAPS_TSX_CTRL) ? "" : + !(cached_caps & ARCH_CAPS_TSX_CTRL) ? "" : (opt_tsx & 1) ? " TSX+" : " TSX-", opt_ibpb ? " IBPB" : "", opt_l1d_flush ? " L1D_FLUSH" : "", 
@@ -872,13 +876,11 @@ static __init void mds_calculations(uint64_t caps) =20 void __init init_speculation_mitigations(void) { - enum ind_thunk thunk =3D THUNK_DEFAULT; bool use_spec_ctrl =3D false, ibrs =3D false, hw_smt_enabled; bool cpu_has_bug_taa; - uint64_t caps =3D 0; =20 if ( boot_cpu_has(X86_FEATURE_ARCH_CAPS) ) - rdmsrl(MSR_ARCH_CAPABILITIES, caps); + rdmsrl(MSR_ARCH_CAPABILITIES, cached_caps); =20 hw_smt_enabled =3D check_smt_enabled(); =20 @@ -909,7 +911,7 @@ void __init init_speculation_mitigations(void) * On Intel hardware, we'd like to use retpoline in preference= to * IBRS, but only if it is safe on this hardware. */ - else if ( retpoline_safe(caps) ) + else if ( retpoline_safe(cached_caps) ) thunk =3D THUNK_RETPOLINE; else if ( boot_cpu_has(X86_FEATURE_IBRSB) ) ibrs =3D true; @@ -1016,9 +1018,9 @@ void __init init_speculation_mitigations(void) if ( default_xen_spec_ctrl ) setup_force_cpu_cap(X86_FEATURE_SC_MSR_IDLE); =20 - xpti_init_default(caps); + xpti_init_default(cached_caps); =20 - l1tf_calculations(caps); + l1tf_calculations(cached_caps); =20 /* * By default, enable PV domU L1TF mitigations on all L1TF-vulnerable @@ -1039,7 +1041,7 @@ void __init init_speculation_mitigations(void) if ( !boot_cpu_has(X86_FEATURE_L1D_FLUSH) ) opt_l1d_flush =3D 0; else if ( opt_l1d_flush =3D=3D -1 ) - opt_l1d_flush =3D cpu_has_bug_l1tf && !(caps & ARCH_CAPS_SKIP_L1DF= L); + opt_l1d_flush =3D cpu_has_bug_l1tf && !(cached_caps & ARCH_CAPS_SK= IP_L1DFL); =20 if ( opt_branch_harden ) setup_force_cpu_cap(X86_FEATURE_SC_BRANCH_HARDEN); @@ -1061,7 +1063,7 @@ void __init init_speculation_mitigations(void) "enabled. Please assess your configuration and choose an\n" "explicit 'smt=3D' setting. See XSA-273.\n"); =20 - mds_calculations(caps); + mds_calculations(cached_caps); =20 /* * By default, enable PV and HVM mitigations on MDS-vulnerable hardwar= e. 
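Review bot: Replacing the local `caps` with the global throughout `init_speculation_mitigations()`, starting in the `-872,13` hunk, is what makes the patch touch so many lines, and several rewritten lines (the `cpu_has_bug_taa` expression and the `opt_md_clear_hvm` condition in later hunks) now appear to exceed 80 columns. Keeping `uint64_t caps = 0;` and the existing `rdmsrl(MSR_ARCH_CAPABILITIES, caps);`, then storing the value once with `cached_caps = caps;`, would leave the calls to `retpoline_safe()`, `xpti_init_default()`, `l1tf_calculations()` and `mds_calculations()` untouched. The same applies to the hunks at -909, -1016, -1039, -1061, -1089, -1121 and -1138. The function body extends beyond this hunk.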
@@ -1089,7 +1091,7 @@ void __init init_speculation_mitigations(void) setup_force_cpu_cap(X86_FEATURE_SC_VERW_PV); if ( opt_md_clear_pv || opt_md_clear_hvm ) setup_force_cpu_cap(X86_FEATURE_SC_VERW_IDLE); - if ( opt_md_clear_hvm && !(caps & ARCH_CAPS_SKIP_L1DFL) && !opt_l1d_fl= ush ) + if ( opt_md_clear_hvm && !(cached_caps & ARCH_CAPS_SKIP_L1DFL) && !opt= _l1d_flush ) setup_force_cpu_cap(X86_FEATURE_SC_VERW_HVM); =20 /* @@ -1121,8 +1123,8 @@ void __init init_speculation_mitigations(void) * we check both to spot TSX in a microcode/cmdline independent = way. */ cpu_has_bug_taa =3D - (cpu_has_rtm || (caps & ARCH_CAPS_TSX_CTRL)) && - (caps & (ARCH_CAPS_MDS_NO | ARCH_CAPS_TAA_NO)) =3D=3D ARCH_CAPS_MD= S_NO; + (cpu_has_rtm || (cached_caps & ARCH_CAPS_TSX_CTRL)) && + (cached_caps & (ARCH_CAPS_MDS_NO | ARCH_CAPS_TAA_NO)) =3D=3D ARCH_= CAPS_MDS_NO; =20 /* * On TAA-affected hardware, disabling TSX is the preferred mitigation= , vs @@ -1138,7 +1140,7 @@ void __init init_speculation_mitigations(void) * plausibly value TSX higher than Hyperthreading...), disable TSX to * mitigate TAA. */ - if ( opt_tsx =3D=3D -1 && cpu_has_bug_taa && (caps & ARCH_CAPS_TSX_CTR= L) && + if ( opt_tsx =3D=3D -1 && cpu_has_bug_taa && (cached_caps & ARCH_CAPS_= TSX_CTRL) && ((hw_smt_enabled && opt_smt) || !boot_cpu_has(X86_FEATURE_SC_VERW_IDLE)) ) { @@ -1149,7 +1151,7 @@ void __init init_speculation_mitigations(void) tsx_init(); } =20 - print_details(thunk, caps); + print_details('b'); =20 /* * If MSR_SPEC_CTRL is available, apply Xen's default setting and disc= ard 
@@ -1180,6 +1182,8 @@ void __init init_speculation_mitigations(void) =20 wrmsrl(MSR_SPEC_CTRL, bsp_delay_spec_ctrl ? 0 : default_xen_spec_c= trl); } + + register_keyhandler('b', print_details, "dump vulnerability details", = 1); } =20 static void __init __maybe_unused build_assertions(void) --=20 2.16.4 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
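Review bot: The key character `'b'` is now written twice, in `print_details('b')` earlier in the function and in this `register_keyhandler()` call, and the trailing `1` is a bare literal. If that last parameter is the boolean marking the handler as a diagnostic one, `true` states the intent and makes it visible that the dump presumably also runs with the dump-all-diagnostics key: `register_keyhandler('b', print_details, "dump vulnerability details", true);`. Because the output lists which mitigations are inactive on the host, the commit message could also state that the key prints nothing beyond what the boot log already contains.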