hv: cve hotfix: Disable RRSBA on platform using retpoline

For platform that supports RRSBA (Restricted Return Stack Buffer Alternate), using retpoline may not be sufficient to guard against branch history injection or intra-mode branch target injection. RRSBA must be disabled to prevent CPUs from using alternate predictors for RETs. Quoting Intel CVE-2022-0001/CVE-2022-0002: Where software is using retpoline as a mitigation for BHI or intra-mode BTI, and the processor both enumerates RRSBA and enumerates RRSBA_DIS controls, it should disable this behavior. ... Software using retpoline as a mitigation for BHI or intra-mode BTI should use these new indirect predictor controls to disable alternate predictors for RETs. See: https://www.intel.com/content/www/us/en/developer/articles/technical/ software-security-guidance/technical-documentation/branch-history-injection.html Tracked-On: #7907 Signed-off-by: Yifan Liu <yifan1.liu@intel.com>
2025-09-22 17:27:53 +00:00 · 2022-07-19 00:31:23 +00:00
parent de8877e71a
commit 4f4da08490
7 changed files with 51 additions and 1 deletions
--- a/hypervisor/arch/x86/cpu.c
+++ b/hypervisor/arch/x86/cpu.c
@@ -231,6 +231,10 @@ void init_pcpu_post(uint16_t pcpu_id)

 	init_pcpu_xsave();

+#ifdef CONFIG_RETPOLINE
+	disable_rrsba();
+#endif
+
 	if (pcpu_id == BSP_CPU_ID) {
 		/* Print Hypervisor Banner */
 		print_hv_banner();
--- a/hypervisor/arch/x86/cpu_caps.c
+++ b/hypervisor/arch/x86/cpu_caps.c
@@ -355,6 +355,9 @@ void init_pcpu_capabilities(void)
 		&boot_cpu_data.cpuid_leaves[FEAT_7_0_ECX],
 		&boot_cpu_data.cpuid_leaves[FEAT_7_0_EDX]);

+	cpuid_subleaf(CPUID_EXTEND_FEATURE, 0x2U, &unused, &unused, &unused,
+		&boot_cpu_data.cpuid_leaves[FEAT_7_2_EDX]);
+
 	cpuid_subleaf(CPUID_MAX_EXTENDED_FUNCTION, 0x0U,
 		&boot_cpu_data.extended_cpuid_level,
 		&unused, &unused, &unused);
--- a/hypervisor/arch/x86/security.c
+++ b/hypervisor/arch/x86/security.c
@@ -44,6 +44,42 @@ static void detect_ibrs(void)
 #endif
 }

+#ifdef CONFIG_RETPOLINE
+/* For platform that supports RRSBA (Restricted Return Stack Buffer Alternate),
+ * using retpoline may not be sufficient to guard against branch history injection (BHI)
+ * or Intra-mode branch target injection (IMBTI). RRSBA must be disabled to
+ * prevent CPUs from using alternate predictors for RETs.
+ *
+ * Quoting Intel CVE-2022-0001/CVE-2022-0002 documentation:
+ *
+ * Where software is using retpoline as a mitigation for BHI or intra-mode BTI,
+ * and the processor both enumerates RRSBA and enumerates RRSBA_DIS controls,
+ * it should disable this behavior.
+ * ...
+ * Software using retpoline as a mitigation for BHI or intra-mode BTI should use
+ * these new indirect predictor controls to disable alternate predictors for RETs.
+ *
+ * See: https://www.intel.com/content/www/us/en/developer/articles/technical/
+ * software-security-guidance/technical-documentation/branch-history-injection.html
+ */
+void disable_rrsba(void) {
+	uint64_t v, x86_arch_caps;
+	bool rrsba_behavior = false;
+
+	if (pcpu_has_cap(X86_FEATURE_ARCH_CAP)) {
+		x86_arch_caps = msr_read(MSR_IA32_ARCH_CAPABILITIES);
+		rrsba_behavior = ((x86_arch_caps & IA32_ARCH_CAP_RESTRICTED_RSBA) != 0UL);
+	}
+
+	if (rrsba_behavior && pcpu_has_cap(X86_FEATURE_RRSBA_CTRL)) {
+		v = msr_read(MSR_IA32_SPEC_CTRL);
+		/* Setting SPEC_RRSBA_DIS_S disables RRSBA behavior for CPL0/1/2 */
+		v |= SPEC_RRSBA_DIS_S;
+		msr_write(MSR_IA32_SPEC_CTRL, v);
+	}
+}
+#endif
+
 int32_t get_ibrs_type(void)
 {
 	return ibrs_type;