Commit d8010d4b authored by Borislav Petkov (AMD)'s avatar Borislav Petkov (AMD)

x86/bugs: Add a Transient Scheduler Attacks mitigation



Add the required features detection glue to bugs.c et al. in order to
support the TSA mitigation.

Co-developed-by: Kim Phillips <kim.phillips@amd.com>
Signed-off-by: Kim Phillips <kim.phillips@amd.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
parent f9af88a3
+1 −0
@@ -584,6 +584,7 @@ What: /sys/devices/system/cpu/vulnerabilities
		/sys/devices/system/cpu/vulnerabilities/spectre_v1
		/sys/devices/system/cpu/vulnerabilities/spectre_v2
		/sys/devices/system/cpu/vulnerabilities/srbds
		/sys/devices/system/cpu/vulnerabilities/tsa
		/sys/devices/system/cpu/vulnerabilities/tsx_async_abort
Date:		January 2018
Contact:	Linux kernel mailing list <linux-kernel@vger.kernel.org>
+13 −0
@@ -7488,6 +7488,19 @@
			having this key zero'ed is acceptable. E.g. in testing
			scenarios.

	tsa=		[X86] Control mitigation for Transient Scheduler
			Attacks on AMD CPUs. Search the following in your
			favourite search engine for more details:

			"Technical guidance for mitigating transient scheduler
			attacks".

			off		- disable the mitigation
			on		- enable the mitigation (default)
			user		- mitigate only user/kernel transitions
			vm		- mitigate only guest/host transitions


	tsc=		Disable clocksource stability checks for TSC.
			Format: <string>
			[x86] reliable: mark tsc clocksource as reliable, this
+9 −0
@@ -2695,6 +2695,15 @@ config MITIGATION_ITS
	  disabled, mitigation cannot be enabled via cmdline.
	  See <file:Documentation/admin-guide/hw-vuln/indirect-target-selection.rst>

config MITIGATION_TSA
	bool "Mitigate Transient Scheduler Attacks"
	depends on CPU_SUP_AMD
	default y
	help
	  Enable mitigation for Transient Scheduler Attacks. TSA is a hardware
	  security vulnerability on AMD CPUs which can lead to forwarding of
	  invalid info to subsequent instructions and thus can affect their
	  timing and thereby cause a leakage.
endif

config ARCH_HAS_ADD_PAGES
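Review bot: The help text of `MITIGATION_TSA` does not say what happens to the `tsa=` boot parameter when the option is disabled, and it points at no documentation. The `MITIGATION_ITS` entry just above ends with both (`disabled, mitigation cannot be enabled via cmdline` and a `See <file:...>` line). An administrator who builds with this option off cannot tell from the help whether `tsa=on` still takes effect. I would add a closing sentence stating the real behaviour, confirmed against the command-line handling, which is not part of this section.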
+5 −1
@@ -456,6 +456,7 @@
#define X86_FEATURE_NO_NESTED_DATA_BP	(20*32+ 0) /* No Nested Data Breakpoints */
#define X86_FEATURE_WRMSR_XX_BASE_NS	(20*32+ 1) /* WRMSR to {FS,GS,KERNEL_GS}_BASE is non-serializing */
#define X86_FEATURE_LFENCE_RDTSC	(20*32+ 2) /* LFENCE always serializing / synchronizes RDTSC */
#define X86_FEATURE_VERW_CLEAR		(20*32+ 5) /* The memory form of VERW mitigates TSA */
#define X86_FEATURE_NULL_SEL_CLR_BASE	(20*32+ 6) /* Null Selector Clears Base */
#define X86_FEATURE_AUTOIBRS		(20*32+ 8) /* Automatic IBRS */
#define X86_FEATURE_NO_SMM_CTL_MSR	(20*32+ 9) /* SMM_CTL MSR is not present */
@@ -487,6 +488,9 @@
#define X86_FEATURE_PREFER_YMM		(21*32+ 8) /* Avoid ZMM registers due to downclocking */
#define X86_FEATURE_APX			(21*32+ 9) /* Advanced Performance Extensions */
#define X86_FEATURE_INDIRECT_THUNK_ITS	(21*32+10) /* Use thunk for indirect branches in lower half of cacheline */
#define X86_FEATURE_TSA_SQ_NO		(21*32+11) /* AMD CPU not vulnerable to TSA-SQ */
#define X86_FEATURE_TSA_L1_NO		(21*32+12) /* AMD CPU not vulnerable to TSA-L1 */
#define X86_FEATURE_CLEAR_CPU_BUF_VM	(21*32+13) /* Clear CPU buffers using VERW before VMRUN */

/*
 * BUG word(s)
@@ -542,5 +546,5 @@
#define X86_BUG_OLD_MICROCODE		X86_BUG( 1*32+ 6) /* "old_microcode" CPU has old microcode, it is surely vulnerable to something */
#define X86_BUG_ITS			X86_BUG( 1*32+ 7) /* "its" CPU is affected by Indirect Target Selection */
#define X86_BUG_ITS_NATIVE_ONLY		X86_BUG( 1*32+ 8) /* "its_native_only" CPU is affected by ITS, VMX is not affected */

#define X86_BUG_TSA			X86_BUG( 1*32+ 9) /* "tsa" CPU is affected by Transient Scheduler Attacks */
#endif /* _ASM_X86_CPUFEATURES_H */
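Review bot: The comments on `X86_FEATURE_TSA_SQ_NO` and `X86_FEATURE_TSA_L1_NO` do not say where these bits come from. They sit in word 21 next to `PREFER_YMM` and `INDIRECT_THUNK_ITS`, which looks like the Linux-defined word, while `X86_FEATURE_VERW_CLEAR` sits in word 20 among what look like hardware-enumerated bits. A set `*_NO` bit is what declares a CPU not vulnerable, so a reader auditing that decision needs to know who sets it; that code is outside this section. I would extend the comments, e.g. `/* AMD CPU not vulnerable to TSA-SQ (set by <PLACEHOLDER: where the bit is populated>) */`, and likewise for `TSA_L1_NO`.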
+1 −1
@@ -80,7 +80,7 @@ static __always_inline void __mwait(u32 eax, u32 ecx)
 */
static __always_inline void __mwaitx(u32 eax, u32 ebx, u32 ecx)
{
	/* No MDS buffer clear as this is AMD/HYGON only */
	/* No need for TSA buffer clearing on AMD */

	/* "mwaitx %eax, %ebx, %ecx" */
	asm volatile(".byte 0x0f, 0x01, 0xfb"
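Review bot: The comment `/* No need for TSA buffer clearing on AMD */` at the top of `__mwaitx` states a conclusion without its reason. Assuming it is the new side of this +1 −1 section, the earlier rationale (`No MDS buffer clear as this is AMD/HYGON only`) is dropped from the function entirely. I would keep the MDS/Hygon remark and add one clause on why TSA clearing is unnecessary on this path, so that someone who later calls `__mwaitx` from an idle path does not assume the buffers were cleared. The function body continues past the end of the hunk.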