Page MenuHomeFreeBSD
Differential D41817

x86: AMD Zen2: Zenbleed chicken bit mitigation
ClosedPublic
Actions

Authored by olce on Sep 11 2023, 8:21 PM.
Tags
None
Referenced Files
F84274651: D41817.diff
Tue, May 21, 5:57 PM
F84274632: D41817.diff
Tue, May 21, 5:56 PM
Unknown Object (File)
Mar 17 2024, 9:19 AM
Unknown Object (File)
Mar 17 2024, 9:19 AM
Unknown Object (File)
Mar 17 2024, 9:18 AM
Unknown Object (File)
Mar 14 2024, 4:45 PM
Unknown Object (File)
Feb 18 2024, 1:32 PM
Unknown Object (File)
Jan 19 2024, 10:27 PM
View All 21 Files
Subscribers
imp

Details

Reviewers
kib
markj
emaste
jhb
Commits
rG7552dce04702: x86: AMD Zen2: Zenbleed chicken bit mitigation
rGaea76bab1416: x86: AMD Zen2: Zenbleed chicken bit mitigation
rG6c59ac8c7934: x86: AMD Zen2: Zenbleed chicken bit mitigation
rGebaea1bcd2eb: x86: AMD Zen2: Zenbleed chicken bit mitigation
Summary

Applies only to bare-metal Zen2 processors. The system currently automatically
applies it to all of them.

Tunable/sysctl 'machdep.mitigations.zenbleed.enable' can be used to forcibly
enable or disable the mitigation at boot or run-time. Possible values are: 0:
Mitigation disabled, 1: Mitigation enabled, 2: Run the automatic determination.
Currently, value 2 is the default and has identical effect as value 1. This
might change in the future if we choose to take into account microcode revisions
in the automatic determination process.

The tunable/sysctl value is simply ignored on non-applicable CPU models, which
is useful to apply the same configuration on a set of machines that do not all
have Zen2 processors. Trying to set it to any integer value not listed above is
silently equivalent to setting it to value 2 (automatic determination).

The current mitigation state can be queried through sysctl
'machdep.mitigations.zenbleed.state', which returns "Not applicable",
"Mitigation enabled" or "Mitigation disabled". Note that this state is not
guaranteed to be accurate in case of intervening modifications of the
corresponding chicken bit directly via cpuctl(4) (this includes the
cpucontrol(8) utility). Resetting the desired policy through
'machdep.mitigations.zenbleed.enable' (possibly to its current value) will reset
the hardware state and ensure that the reported state is again coherent with it.

Sponsored by: The FreeBSD Foundation

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

olce created this revision.Sep 11 2023, 8:21 PM
Herald added a subscriber: imp. · View Herald TranscriptSep 11 2023, 8:21 PM
olce requested review of this revision.Sep 11 2023, 8:21 PM
Harbormaster completed remote builds in B53535: Diff 127242.Sep 11 2023, 8:21 PM
olce added a parent revision: D41816: x86: Add defines for workaround bits in AMD's MSR "Decode Configuration".Sep 11 2023, 8:22 PM
olce added reviewers: kib, markj, emaste.
olce added a reviewer: jhb.Sep 11 2023, 9:02 PM
kib accepted this revision.Sep 12 2023, 11:40 PM

There is security(7)

This revision is now accepted and ready to land.Sep 12 2023, 11:40 PM
emaste added a comment.Sep 13 2023, 8:46 AM

Also, I started writing a mitigations.7 in D41794

emaste added a comment.Sep 19 2023, 1:57 PM

This change felt a little bit verbose to me, compared to the equivalent Linux change. But, I think we do want to rationalize all of the mitigations and make the enables consistent so that they all have off / on / automatic, with the intent that in a normal configuration all can be set to automatic. And we should report status as off (forced), off (does not apply to this hw), etc. So all of that said I think this is fine and may be a good starting point for more common mitigation controls.

emaste mentioned this in D41794: Add mitigations(7) describing our vulnerability mitigations.Sep 19 2023, 8:22 PM
olce added a comment.Sep 20 2023, 8:51 AM
In D41817#955230, @emaste wrote:

This change felt a little bit verbose to me, compared to the equivalent Linux change. But, I think we do want to rationalize all of the mitigations and make the enables consistent so that they all have off / on / automatic, with the intent that in a normal configuration all can be set to automatic. And we should report status as off (forced), off (does not apply to this hw), etc. So all of that said I think this is fine and may be a good starting point for more common mitigation controls.

I agree. It would be great that both the administrative handling of mitigations (the different knobs, for control and reporting) and how they are internally applied are factored out, with the benefits of consistency for users and having to patch less locations for developers. I'll probably give a shot as a follow-up, but I don't plan to do it immediately.

Closed by commit rGebaea1bcd2eb: x86: AMD Zen2: Zenbleed chicken bit mitigation (authored by olce, committed by emaste). · Explain WhyOct 2 2023, 7:31 PM
This revision was automatically updated to reflect the committed changes.
emaste added a commit: rGebaea1bcd2eb: x86: AMD Zen2: Zenbleed chicken bit mitigation.
emaste added a commit: rG6c59ac8c7934: x86: AMD Zen2: Zenbleed chicken bit mitigation.Oct 10 2023, 1:35 PM
emaste added a commit: rGaea76bab1416: x86: AMD Zen2: Zenbleed chicken bit mitigation.Oct 13 2023, 11:14 PM
olce added a commit: rG7552dce04702: x86: AMD Zen2: Zenbleed chicken bit mitigation.Dec 21 2023, 1:44 PM

Revision Contents
Changeset List

PathSize
sys/
amd64/
acpica/
1 line
amd64/
3 lines
4 lines
dev/
cpuctl/
1 line
x86/
include/
1 line
3 lines
x86/
123 lines

Diff 128099

View Options

sys/amd64/acpica/acpi_wakeup.c

Loading...
View Options

sys/amd64/amd64/initcpu.c

Loading...
View Options

sys/amd64/amd64/machdep.c

Loading...
View Options

sys/dev/cpuctl/cpuctl.c

Loading...
View Options

sys/x86/include/specialreg.h

Loading...
View Options

sys/x86/include/x86_var.h

Loading...
View Options

sys/x86/x86/cpu_machdep.c

Loading...