x86/bugs: Workaround for incorrectly set X86_BUG_RETBLEED under VMware

Waiman Long requested to merge llong1/centos-stream-9:bz2189577_vmware into main

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2189577
Upstream Status: RHEL only

It is found that VMware hypervisor may incorrectly set the ARCH_CAP_RSBA bit (RET may use alternative branch predictors) of the MSR_IA32_ARCH_CAPABILITIES MSR on some older Intel processors like Haswell which is not affected by RETBleed. This causes the RHEL kernel to think that the processor is vulnerable to RETBleed and hence sets X86_BUG_RETBLEED. This has the side effect of forcing the use of IBRS as Spectre v2 mitigation for processors that have it which can have a significant performance impact.

Since it is known that Intel CPUs before Skylake are not speculative enough to be susceptible to RETBleed, we can work around this VMware issue by putting some of the Intel CPUs before Skylake (Westmere, SandyBridge, IvyBridge, Haswell, Broadwell) in a new whitelist and checking that list before setting X86_BUG_RETBLEED.

For other hypervisors or bare metal that does not have the bug, the new code will not be activated on those older Intel processors since the ARCH_CAP_RSBA bit should not be set.

Signed-off-by: Waiman Long <longman@redhat.com>
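The decision chain the commit message describes (RSBA bit reported, X86_BUG_RETBLEED set, IBRS chosen for Spectre v2), with and without the whitelist check, as an added user-space model that is not the merge request's code. The struct, function names and sample guests are hypothetical, only the RSBA path is modelled, and the model numbers are the family 6 values from the kernel's intel-family.h for the named microarchitectures; the exact entries in the patch's list are not shown on this page.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define ARCH_CAP_RSBA (1ULL << 2) /* IA32_ARCH_CAPABILITIES bit 2 */
enum v2_mode { V2_RETPOLINE, V2_IBRS };
struct cpu { const char *name; uint8_t family, model; bool has_ibrs; uint64_t arch_cap; };

/* Assumed whitelist: pre-Skylake Intel family 6 models named in the commit message. */
static const uint8_t pre_skylake_models[] = {
    0x25, 0x2c, 0x2f, 0x2a, 0x2d, /* Westmere, SandyBridge */
    0x3a, 0x3e,                   /* IvyBridge */
    0x3c, 0x3f, 0x45, 0x46,       /* Haswell */
    0x3d, 0x47, 0x4f, 0x56,       /* Broadwell */
};

static bool retbleed_whitelisted(const struct cpu *c)
{
    for (size_t i = 0; c->family == 6 && i < sizeof(pre_skylake_models); i++)
        if (pre_skylake_models[i] == c->model)
            return true;
    return false;
}

/* RSBA path only: would the reported MSR value set X86_BUG_RETBLEED? */
bool retbleed_bug_set(const struct cpu *c, bool use_whitelist)
{
    return (c->arch_cap & ARCH_CAP_RSBA) && !(use_whitelist && retbleed_whitelisted(c));
}

/* Simplified mitigation choice: RETBleed on a CPU with IBRS forces IBRS. */
enum v2_mode spectre_v2_mode(const struct cpu *c, bool use_whitelist)
{
    return (retbleed_bug_set(c, use_whitelist) && c->has_ibrs) ? V2_IBRS : V2_RETPOLINE;
}

/* Constructed sample guests; arch_cap is the value the hypervisor reports. */
const struct cpu haswell_vmware = { "Haswell, RSBA misreported", 6, 0x3c, true, ARCH_CAP_RSBA };
const struct cpu haswell_clean  = { "Haswell, RSBA clear", 6, 0x3c, true, 0 };
const struct cpu skylake_rsba   = { "Skylake, RSBA set", 6, 0x5e, true, ARCH_CAP_RSBA };

int main(void)
{
    const struct cpu *all[] = { &haswell_vmware, &haswell_clean, &skylake_rsba };
    for (size_t i = 0; i < 3; i++)
        printf("%-26s before=%s after=%s\n", all[i]->name,
               spectre_v2_mode(all[i], false) ? "IBRS" : "retpoline",
               spectre_v2_mode(all[i], true) ? "IBRS" : "retpoline");
    return 0;
}
```

Only the first guest changes outcome: the whitelist matters solely when a pre-Skylake model arrives with RSBA set, which matches the commit message's statement that the new code stays inactive where the bit is reported correctly.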