[RFC PATCH] x86/bugs: Explicitly clear IBRS MSR bit

Pawan Gupta pawan.kumar.gupta at linux.intel.com
Fri Nov 18 11:46:02 PST 2022


On Fri, Nov 18, 2022 at 10:21:10AM -0800, Breno Leitao wrote:
>Currently x86_spec_ctrl_base is read at boot time, and SPEC_CTRL_IBRS
>bit is set if CONFIG_CPU_IBRS_ENTRY is enabled. There is no change in
>the bit if CONFIG_CPU_IBRS_ENTRY is not set.
>
>This is a problem when kexec-ing a kernel that has the mitigation
>disabled, from a kernel that has the mitigation enabled. In this case,
>the MSR bit is carried forward and not cleared at the boot of the new
>kernel. This might have some performance degradation that is hard to
>find.
>
>This problem does not happen if the machine is (hard) rebooted, because
>the bit will be cleared by default.
>
>Signed-off-by: Breno Leitao <leitao at debian.org>
>---
> arch/x86/kernel/cpu/bugs.c | 3 +++
> 1 file changed, 3 insertions(+)
>
>diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
>index 3e3230cccaa7..5b59e850de6e 100644
>--- a/arch/x86/kernel/cpu/bugs.c
>+++ b/arch/x86/kernel/cpu/bugs.c
>@@ -1451,6 +1451,9 @@ static void __init spectre_v2_select_mitigation(void)
> 	if (spectre_v2_in_ibrs_mode(mode)) {
> 		x86_spec_ctrl_base |= SPEC_CTRL_IBRS;
> 		write_spec_ctrl_current(x86_spec_ctrl_base, true);
>+	} else {
>+		x86_spec_ctrl_base = x86_spec_ctrl_base & (~SPEC_CTRL_IBRS);
>+		write_spec_ctrl_current(x86_spec_ctrl_base, true);
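
Review bot: the new else branch clears only SPEC_CTRL_IBRS, so any other bit that the previous kernel left set in the MSR and that was read into x86_spec_ctrl_base at boot is still carried across kexec. Either mask all inherited control bits at the point where the base value is read, or add a comment on the else branch saying it exists for the kexec case, since nothing in the code explains why a bit the kernel never set needs clearing. On style, `x86_spec_ctrl_base &= ~SPEC_CTRL_IBRS;` is the usual form, and because both branches now end with the same write_spec_ctrl_current(x86_spec_ctrl_base, true) call, that call can move below the if/else.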

Can we solve this problem in a more generic way by clearing all the
known bits before any mitigation selection is done:

diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 5b59e850de6e..26c612792150 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -137,8 +137,15 @@ void __init check_bugs(void)
  	 * have unknown values. AMD64_LS_CFG MSR is cached in the early AMD
  	 * init code as it is not enumerated and depends on the family.
  	 */
-	if (boot_cpu_has(X86_FEATURE_MSR_SPEC_CTRL))
+	if (boot_cpu_has(X86_FEATURE_MSR_SPEC_CTRL)) {
  		rdmsrl(MSR_IA32_SPEC_CTRL, x86_spec_ctrl_base);
+		/*
+		 * Previously running software may have some controls turned ON.
+		 * Clear them and let kernel decide which controls to use.
+		 */
+		x86_spec_ctrl_base &= ~(SPEC_CTRL_IBRS | SPEC_CTRL_STIBP | SPEC_CTRL_SSBD | SPEC_CTRL_RRSBA_DIS_S);
+		wrmsrl(MSR_IA32_SPEC_CTRL, x86_spec_ctrl_base);
+	}
  
  	/* Select the proper CPU mitigations before patching alternatives: */
  	spectre_v1_select_mitigation();
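
Review bot: the mask on the `x86_spec_ctrl_base &= ~(...)` line is an open-coded list of four bits, so any control bit added to the MSR later will be missed here unless someone remembers to extend it. Put the list behind a single named mask defined next to the SPEC_CTRL_* bit definitions, which also brings that line back under the usual length limit. It is also worth stating in the comment or the changelog why a direct wrmsrl() is used here when the mitigation code quoted above goes through write_spec_ctrl_current(), so readers know the difference is deliberate.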


