Commit 80e4c1cd authored by Thomas Gleixner's avatar Thomas Gleixner Committed by Peter Zijlstra
Browse files

x86/retbleed: Add X86_FEATURE_CALL_DEPTH 



Intel SKL CPUs fall back to other predictors when the RSB underflows. The
only microcode mitigation is IBRS which is insanely expensive. It comes
with performance drops of up to 30% depending on the workload.

A way less expensive, but nevertheless horrible mitigation is to track the
call depth in software and overeagerly fill the RSB when returns underflow
the software counter.

Provide a configuration symbol and a CPU misfeature bit.

Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
Signed-off-by: default avatarPeter Zijlstra (Intel) <peterz@infradead.org>
Link: https://lore.kernel.org/r/20220915111147.056176424@infradead.org
parent bea75b33

arch/x86/Kconfig

+19 −0
Original line number Diff line number Diff line
@@ -2523,6 +2523,25 @@ config CPU_UNRET_ENTRY 
	help

	  Compile the kernel with support for the retbleed=unret mitigation.



config CALL_DEPTH_TRACKING

	bool "Mitigate RSB underflow with call depth tracking"

	depends on CPU_SUP_INTEL && HAVE_CALL_THUNKS

	select HAVE_DYNAMIC_FTRACE_NO_PATCHABLE

	select CALL_THUNKS

	default y

	help

	  Compile the kernel with call depth tracking to mitigate the Intel

	  SKL Return-Speculation-Buffer (RSB) underflow issue. The

	  mitigation is off by default and needs to be enabled on the

	  kernel command line via the retbleed=stuff option. For

	  non-affected systems the overhead of this option is marginal as

	  the call depth tracking is using run-time generated call thunks

	  in a compiler generated padding area and call patching. This

	  increases text size by ~5%. For non affected systems this space

	  is unused. On affected SKL systems this results in a significant

	  performance gain over the IBRS mitigation.





config CPU_IBPB_ENTRY

	bool "Enable IBPB on kernel entry"

	depends on CPU_SUP_AMD && X86_64

arch/x86/include/asm/cpufeatures.h

+1 −0
Original line number Diff line number Diff line
@@ -304,6 +304,7 @@ 
#define X86_FEATURE_UNRET		(11*32+15) /* "" AMD BTB untrain return */

#define X86_FEATURE_USE_IBPB_FW		(11*32+16) /* "" Use IBPB during runtime firmware calls */

#define X86_FEATURE_RSB_VMEXIT_LITE	(11*32+17) /* "" Fill RSB on VM exit when EIBRS is enabled */

#define X86_FEATURE_CALL_DEPTH		(11*32+18) /* "" Call depth tracking for RSB stuffing */



/* Intel-defined CPU features, CPUID level 0x00000007:1 (EAX), word 12 */

#define X86_FEATURE_AVX_VNNI		(12*32+ 4) /* AVX VNNI instructions */

arch/x86/include/asm/disabled-features.h

+8 −1
Original line number Diff line number Diff line
@@ -69,6 +69,12 @@ 
# define DISABLE_UNRET		(1 << (X86_FEATURE_UNRET & 31))

#endif



#ifdef CONFIG_CALL_DEPTH_TRACKING

# define DISABLE_CALL_DEPTH_TRACKING	0

#else

# define DISABLE_CALL_DEPTH_TRACKING	(1 << (X86_FEATURE_CALL_DEPTH & 31))

#endif



#ifdef CONFIG_INTEL_IOMMU_SVM

# define DISABLE_ENQCMD		0

#else
@@ -101,7 +107,8 @@ 
#define DISABLED_MASK8	(DISABLE_TDX_GUEST)

#define DISABLED_MASK9	(DISABLE_SGX)

#define DISABLED_MASK10	0

#define DISABLED_MASK11	(DISABLE_RETPOLINE|DISABLE_RETHUNK|DISABLE_UNRET)

#define DISABLED_MASK11	(DISABLE_RETPOLINE|DISABLE_RETHUNK|DISABLE_UNRET| \

			 DISABLE_CALL_DEPTH_TRACKING)

#define DISABLED_MASK12	0

#define DISABLED_MASK13	0

#define DISABLED_MASK14	0