xenbits.xensource.com Git - xen.git/commit

author	Andrew Cooper <andrew.cooper3@citrix.com>
	Thu, 22 Jun 2023 22:32:19 +0000 (23:32 +0100)
committer	Andrew Cooper <andrew.cooper3@citrix.com>
	Tue, 12 Mar 2024 16:13:03 +0000 (16:13 +0000)
commit	d85481135d87abbbf1feab18b749288fa08b65f2
tree	3d45e316aaeb2b3a0e1cc187e9e0d11c49e0ea05	tree
parent	6663430b442fdf9698bd8e03f701a4547309ad71	commit \| diff

x86/spec-ctrl: Mitigation Register File Data Sampling

RFDS affects Atom cores, also branded E-cores, between the Goldmont and
Gracemont microarchitectures.  This includes Alder Lake and Raptor Lake hybrid
clien systems which have a mix of Gracemont and other types of cores.

Two new bits have been defined; RFDS_CLEAR to indicate VERW has more side
effets, and RFDS_NO to incidate that the system is unaffected.  Plenty of
unaffected CPUs won't be getting RFDS_NO retrofitted in microcode, so we
synthesise it.  Alder Lake and Raptor Lake Xeon-E's are unaffected due to
their platform configuration, and we must use the Hybrid CPUID bit to
distinguish them from their non-Xeon counterparts.

Like MD_CLEAR and FB_CLEAR, RFDS_CLEAR needs OR-ing across a resource pool, so
set it in the max policies and reflect the host setting in default.

This is part of XSA-452 / CVE-2023-28746.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
(cherry picked from commit fb5b6f6744713410c74cfc12b7176c108e3c9a31)

tools/misc/xen-cpuid.c		diff \| blob \| blame \| history
xen/arch/x86/cpu-policy.c		diff \| blob \| blame \| history
xen/arch/x86/include/asm/cpufeature.h		diff \| blob \| blame \| history
xen/arch/x86/include/asm/msr-index.h		diff \| blob \| blame \| history
xen/arch/x86/spec_ctrl.c		diff \| blob \| blame \| history
xen/include/public/arch-x86/cpufeatureset.h		diff \| blob \| blame \| history