Commit 92763281 authored by Tom Lendacky's avatar Tom Lendacky Committed by Marcelo Henrique Cerri

x86/cpu/AMD: Make the LFENCE instruction serialized

CVE-2017-5753
CVE-2017-5715

In order to reduce the impact of using MFENCE, make the execution of the
LFENCE instruction serialized.  This is done by setting bit 1 of MSR
0xc0011029 (DE_CFG).

Some families that support LFENCE do not have this MSR.  For these
families, the LFENCE instruction is already serialized.
Signed-off-by: default avatarTom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: default avatarAndy Whitcroft <apw@canonical.com>
(backported from commit c8bd06975d1b15b5f81f684d9d3f926b60cd77a9)
Signed-off-by: default avatarAndy Whitcroft <apw@canonical.com>
parent a1c61c3a
...@@ -343,6 +343,8 @@ ...@@ -343,6 +343,8 @@
#define FAM10H_MMIO_CONF_BASE_MASK 0xfffffffULL #define FAM10H_MMIO_CONF_BASE_MASK 0xfffffffULL
#define FAM10H_MMIO_CONF_BASE_SHIFT 20 #define FAM10H_MMIO_CONF_BASE_SHIFT 20
#define MSR_FAM10H_NODE_ID 0xc001100c #define MSR_FAM10H_NODE_ID 0xc001100c
#define MSR_F10H_DECFG 0xc0011029
#define MSR_F10H_DECFG_LFENCE_SERIALIZE_BIT 1
/* K8 MSRs */ /* K8 MSRs */
#define MSR_K8_TOP_MEM1 0xc001001a #define MSR_K8_TOP_MEM1 0xc001001a
......
...@@ -746,8 +746,17 @@ static void init_amd(struct cpuinfo_x86 *c) ...@@ -746,8 +746,17 @@ static void init_amd(struct cpuinfo_x86 *c)
set_cpu_cap(c, X86_FEATURE_K8); set_cpu_cap(c, X86_FEATURE_K8);
if (cpu_has_xmm2) { if (cpu_has_xmm2) {
/* MFENCE stops RDTSC speculation */ /*
set_cpu_cap(c, X86_FEATURE_MFENCE_RDTSC); * Use LFENCE for execution serialization. On some families
* LFENCE is already serialized and the MSR is not available,
* but msr_set_bit() uses rdmsrl_safe() and wrmsrl_safe().
*/
if (c->x86 > 0xf)
msr_set_bit(MSR_F10H_DECFG,
MSR_F10H_DECFG_LFENCE_SERIALIZE_BIT);
/* LFENCE with MSR_F10H_DECFG[1]=1 stops RDTSC speculation */
set_cpu_cap(c, X86_FEATURE_LFENCE_RDTSC);
} }
/* /*
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment