This is the very beginning the work to start using AMD hardware speculative
controls on Zen2 or later.

The extent of the work is very tangled, and breaks down roughly like this:

1) Teach Xen to use AMD's MSR_SPEC_CTRL and context switch per vCPU.  It
   requires editing the common MSR_SPEC_CTRL logic, at which point it would be
   short sighted not to include Intel's eIBRS at the same time.
2) Expose MSR_SPEC_CTRL to AMD guests, along with all the hint bits.
3) Implement MSR_VIRT_SPEC_CTRL for guests, in terms of MSR_SPEC_CTRL.SSBD.
   Will be off by default on Zen2 and later, but needs to be usable for
   migration compatibility.
4) Implement legacy Memory Disambiguation context switching for pre-Zen2
   parts, and expose MSR_VIRT_SPEC_CTRL to guests on older parts.

In terms of end results, this is what the hardware feature look like on
various generations of AMD CPU:

Fam15h (Opteron 6212):
  (XEN) Speculative mitigation facilities:
  (XEN)   Hardware hints:
  (XEN)   Hardware features: IBPB
  (XEN)   Compiled-in support: INDIRECT_THUNK SHADOW_PAGING
  (XEN)   Xen settings: BTI-Thunk LFENCE, SPEC_CTRL: No, Other: IBPB BRANCH_HARDEN
  (XEN)   Support for HVM VMs: RSB
  (XEN)   Support for PV VMs: RSB
  (XEN)   XPTI (64-bit PV only): Dom0 disabled, DomU disabled (without PCID)
  (XEN)   PV L1TF shadowing: Dom0 disabled, DomU disabled

Zen1:
  (XEN) Speculative mitigation facilities:
  (XEN)   Hardware hints:
  (XEN)   Hardware features: IBPB
  (XEN)   Compiled-in support: INDIRECT_THUNK SHADOW_PAGING
  (XEN)   Xen settings: BTI-Thunk LFENCE, SPEC_CTRL: No, Other: IBPB BRANCH_HARDEN
  (XEN)   Support for HVM VMs: RSB
  (XEN)   Support for PV VMs: RSB
  (XEN)   XPTI (64-bit PV only): Dom0 disabled, DomU disabled (without PCID)
  (XEN)   PV L1TF shadowing: Dom0 disabled, DomU disabled

Zen2:
  (XEN) Speculative mitigation facilities:
  (XEN)   Hardware hints: IBRS_FAST IBRS_SAME_MODE
  (XEN)   Hardware features: IBPB IBRS STIBP SSBD
  (XEN)   Compiled-in support: INDIRECT_THUNK SHADOW_PAGING
  (XEN)   Xen settings: BTI-Thunk LFENCE, SPEC_CTRL: No, Other: IBPB BRANCH_HARDEN
  (XEN)   Support for HVM VMs: RSB
  (XEN)   Support for PV VMs: RSB
  (XEN)   XPTI (64-bit PV only): Dom0 disabled, DomU disabled (without PCID)
  (XEN)   PV L1TF shadowing: Dom0 disabled, DomU disabled

Zen3:
  (XEN) Speculative mitigation facilities:
  (XEN)   Hardware hints: STIBP_ALWAYS IBRS_FAST IBRS_SAME_MODE
  (XEN)   Hardware features: IBPB IBRS STIBP SSBD PSFD
  (XEN)   Compiled-in support: INDIRECT_THUNK SHADOW_PAGING
  (XEN)   Xen settings: BTI-Thunk LFENCE, SPEC_CTRL: No, Other: IBPB BRANCH_HARDEN
  (XEN)   Support for HVM VMs: RSB
  (XEN)   Support for PV VMs: RSB
  (XEN)   XPTI (64-bit PV only): Dom0 disabled, DomU disabled (with PCID)
  (XEN)   PV L1TF shadowing: Dom0 disabled, DomU disabled

Although full support for all of this is a way off yet.

To start with, make the existing `spec-ctrl=no-ssbd` command line option
actually work on Zen3.

Andrew Cooper (3):
  x86/spec-ctrl: Split the "Hardware features" diagnostic line
  x86/amd: Enumeration for speculative features/hints
  x86/amd: Use newer SSBD mechanisms if they exist

 tools/libs/light/libxl_cpuid.c              | 10 +++++
 tools/misc/xen-cpuid.c                      |  8 +++-
 xen/arch/x86/cpu/amd.c                      | 69 +++++++++++++++++++++--------
 xen/arch/x86/cpu/cpu.h                      |  1 +
 xen/arch/x86/cpu/hygon.c                    | 10 +----
 xen/arch/x86/hvm/svm/svm.c                  |  1 +
 xen/arch/x86/hvm/svm/vmcb.c                 |  1 +
 xen/arch/x86/spec_ctrl.c                    | 44 +++++++++++-------
 xen/include/asm-x86/cpufeature.h            |  5 +++
 xen/include/asm-x86/hvm/svm/svm.h           |  2 +
 xen/include/asm-x86/hvm/svm/vmcb.h          |  4 +-
 xen/include/asm-x86/msr-index.h             |  3 ++
 xen/include/public/arch-x86/cpufeatureset.h | 10 +++++
 13 files changed, 122 insertions(+), 46 deletions(-)

-- 
2.11.0