From 5ea301faa3cfe658171797fb5bf613c74edfe943 Mon Sep 17 00:00:00 2001 From: Konrad Rzeszutek Wilk Date: Mon, 29 Jan 2018 13:08:20 -0500 Subject: [PATCH] x86/spec_ctrl: Add 'nolfence' knob to disable fallback for spectre_v2 mitigation If 'noibrs' is used, or the hardware does not have IBRS microcode we fallback on using 'lfence' on every system call/interrupt/exception/etc. This can dramatically slow down the performance. As a knob to measure this provide 'nolfence' which will also disable this security big hammer. OraBug: 27472666 Reviewed-by: John Haxby Signed-off-by: Konrad Rzeszutek Wilk --- Documentation/kernel-parameters.txt | 8 +++++++- arch/x86/include/asm/spec_ctrl.h | 15 ++++++++++++++- arch/x86/kernel/cpu/bugs_64.c | 5 +++++ 3 files changed, 26 insertions(+), 2 deletions(-) diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt index 5bce7f616884..1afb0d9106bd 100644 --- a/Documentation/kernel-parameters.txt +++ b/Documentation/kernel-parameters.txt @@ -2357,13 +2357,19 @@ bytes respectively. Such letter suffixes can also be entirely omitted. noibrs [X86] Don't use indirect branch restricted speculation (IBRS) feature when running in secure environment, - to avoid performance overhead. + to avoid performance overhead. Disabling this will fallback + on using lfence. noibpb [X86] Don't use indirect branch prediction barrier (IBPB) feature when running in secure environment, to avoid performance overhead. + nolfence [X86] + Don't use lfence on every system call/interrupt/exception + if noibrs has been specified. This is used to avoid + performance overhead. + nosmap [X86] Disable SMAP (Supervisor Mode Access Prevention) even if it is supported by processor. diff --git a/arch/x86/include/asm/spec_ctrl.h b/arch/x86/include/asm/spec_ctrl.h index 97bdadcecfec..891a569b55cb 100644 --- a/arch/x86/include/asm/spec_ctrl.h +++ b/arch/x86/include/asm/spec_ctrl.h 
@@ -9,7 +9,7 @@ #define SPEC_CTRL_IBRS_INUSE (1<<0) /* OS enables IBRS usage */ #define SPEC_CTRL_IBRS_SUPPORTED (1<<1) /* System supports IBRS */ #define SPEC_CTRL_IBRS_ADMIN_DISABLED (1<<2) /* Admin disables IBRS */ - +#define SPEC_CTRL_LFENCE_OFF (1<<3) /* No lfence */ #ifdef __ASSEMBLY__ .extern use_ibrs @@ -133,6 +133,8 @@ __ASM_ENABLE_IBRS jmp 20f 7: + testl $SPEC_CTRL_LFENCE_OFF, use_ibrs + jnz 20f lfence 20: .endm @@ -143,6 +145,8 @@ __ASM_ENABLE_IBRS_CLOBBER jmp 21f 11: + testl $SPEC_CTRL_LFENCE_OFF, use_ibrs + jnz 21f lfence 21: .endm @@ -161,6 +165,8 @@ jmp 22f 12: movl $SPEC_CTRL_FEATURE_ENABLE_IBRS, \save_reg + testl $SPEC_CTRL_LFENCE_OFF, use_ibrs + jnz 22f lfence 22: .endm @@ -178,6 +184,8 @@ wrmsr jmp 23f 13: + testl $SPEC_CTRL_LFENCE_OFF, use_ibrs + jnz 23f lfence 23: .endm @@ -254,6 +262,11 @@ static inline void clear_ibrs_disabled(void) set_ibrs_inuse(); } +static inline void set_lfence_disabled(void) +{ + use_ibrs |= SPEC_CTRL_LFENCE_OFF; +} + /* indicate usage of IBPB to control execution speculation */ extern int use_ibpb; extern u32 sysctl_ibpb_enabled; diff --git a/arch/x86/kernel/cpu/bugs_64.c b/arch/x86/kernel/cpu/bugs_64.c index ecf137d89839..b54a1cc6e91e 100644 --- a/arch/x86/kernel/cpu/bugs_64.c +++ b/arch/x86/kernel/cpu/bugs_64.c @@ -89,6 +89,11 @@ static void __init spectre_v2_parse_cmdline(void) set_ibpb_disabled(); } + if (cmdline_find_option_bool(boot_command_line, "nolfence")) { + set_lfence_disabled(); + } + + if (cmdline_find_option_bool(boot_command_line, "nospectre_v2")) goto disable; -- 2.50.1
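Review bot: The `testl $SPEC_CTRL_LFENCE_OFF, use_ibrs` / `jnz 20f` pair added before `lfence` puts a conditional branch in front of the fence on every boot, not only when `nolfence` is given, so a mispredicted `jnz` can speculatively skip the `lfence` it guards. The same two lines are added at labels 11, 12 and 13 in the next three hunks. As far as this patch shows, the flag is set only once from the command line, so the choice could be made at boot by patching the instruction (the kernel's alternatives mechanism) rather than by a runtime test, which leaves no predictable branch before the fence. The added `testl` also rewrites EFLAGS and reads `use_ibrs` from memory on each entry; whether the callers tolerate that cannot be confirmed here, because the macro bodies start outside these hunks.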
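Review bot: `set_lfence_disabled()` stores the new flag in `use_ibrs`, the same word that holds the IBRS state bits, so after `nolfence` the variable is non-zero even when IBRS is not in use. Any code outside this hunk that tests `use_ibrs` as a whole (`if (use_ibrs)`) or assigns it a fresh value would misread or drop bit 3; this is worth checking, since only the bit-wise helpers are visible here. The helper also has no comment; I would add `/* nolfence: skip the lfence fallback; entry paths are then unfenced whenever IBRS is not in use */` above it.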
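Review bot: The `nolfence` check calls `set_lfence_disabled()` unconditionally and silently, although the documentation added in this patch describes the option as applying only when `noibrs` was given. Per the commit message the lfence fallback is also what runs when the hardware has no IBRS microcode, so on such a machine `nolfence` alone leaves the entry paths with neither mitigation and nothing in the log records it. I would add a line such as `pr_info("Spectre v2: lfence fallback disabled by nolfence\n");` inside the branch so the state is visible in dmesg. The hunk also adds two blank lines after the closing brace where one is the kernel norm. `spectre_v2_parse_cmdline()` starts and ends outside the hunk.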