From: deraadt <deraadt@openbsd.org>
Date: Mon, 24 Jul 2023 14:53:58 +0000 (+0000)
Subject: Set DE_CFG[9] -- a chickenbit which stops Zenbleed.  The chickenbit may
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=c2cf4345bb542c4405ab5e11724350bc1740044e;p=openbsd

Set DE_CFG[9] -- a chickenbit which stops Zenbleed.  The chickenbit may
have other side-effects (not disclosed by AMD), and firmwares fixes may
be better (and have other side-effects, same story).  Newer processors
will probably be validated more carefully by AMD.
Issue found by Tavis Ormandy.
This is errata 7.2/033_amdcpu.patch.sig and 7.3/011_amdcpu.patch.sig
Zenbleed also blocked on select cpus by using errata
7.3/012_amdfirmware.patch.sig + 7.3/013_amdcpufirmware.patch /
7.2/034_amdfirmware.patch.sig + 7.2/035_amdcpufirmware.patch.sig
which load AMD cpu firmwares (firmware.openbsd.org is updated often to
contain the best firmwares)
ok jsg
---

diff --git a/sys/arch/amd64/amd64/cpu.c b/sys/arch/amd64/amd64/cpu.c
index 9cee5a06313..4d766727076 100644
--- a/sys/arch/amd64/amd64/cpu.c
+++ b/sys/arch/amd64/amd64/cpu.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: cpu.c,v 1.171 2023/07/21 04:04:51 guenther Exp $	*/
+/*	$OpenBSD: cpu.c,v 1.172 2023/07/24 14:53:58 deraadt Exp $	*/
 /* $NetBSD: cpu.c,v 1.1 2003/04/26 18:39:26 fvdl Exp $ */
 
 /*-
@@ -1168,7 +1168,7 @@ void
 cpu_fix_msrs(struct cpu_info *ci)
 {
 	int family = ci->ci_family;
-	uint64_t msr;
+	uint64_t msr, nmsr;
 
 	if (!strcmp(cpu_vendor, "GenuineIntel")) {
 		if ((family > 6 || (family == 6 && ci->ci_model >= 0xd)) &&
@@ -1211,11 +1211,16 @@ cpu_fix_msrs(struct cpu_info *ci)
 		 * where LFENCE is always serializing.
 		 */
 		if (family >= 0x10 && family != 0x11) {
-			msr = rdmsr(MSR_DE_CFG);
-			if ((msr & DE_CFG_SERIALIZE_LFENCE) == 0) {
-				msr |= DE_CFG_SERIALIZE_LFENCE;
-				wrmsr(MSR_DE_CFG, msr);
-			}
+			nmsr = msr = rdmsr(MSR_DE_CFG);
+			nmsr |= DE_CFG_SERIALIZE_LFENCE;
+			if (msr != nmsr)
+				wrmsr(MSR_DE_CFG, nmsr);
+		}
+		if (family == 0x17 && ci->ci_model >= 0x31) {
+			nmsr = msr = rdmsr(MSR_DE_CFG);
+			nmsr |= DE_CFG_SERIALIZE_9;
+			if (msr != nmsr)
+				wrmsr(MSR_DE_CFG, nmsr);
 		}
 	}
 
diff --git a/sys/arch/amd64/include/specialreg.h b/sys/arch/amd64/include/specialreg.h
index f639379a0b0..db5d02aeedb 100644
--- a/sys/arch/amd64/include/specialreg.h
+++ b/sys/arch/amd64/include/specialreg.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: specialreg.h,v 1.104 2023/07/21 04:04:51 guenther Exp $	*/
+/*	$OpenBSD: specialreg.h,v 1.105 2023/07/24 14:54:00 deraadt Exp $	*/
 /*	$NetBSD: specialreg.h,v 1.1 2003/04/26 18:39:48 fvdl Exp $	*/
 /*	$NetBSD: x86/specialreg.h,v 1.2 2003/04/25 21:54:30 fvdl Exp $	*/
 
@@ -590,6 +590,7 @@
 #define MSR_DE_CFG	0xc0011029	/* Decode Configuration */
 #define	DE_CFG_721	0x00000001	/* errata 721 */
 #define DE_CFG_SERIALIZE_LFENCE	(1 << 1)	/* Enable serializing lfence */
+#define DE_CFG_SERIALIZE_9 (1 << 9)	/* Zenbleed chickenbit */
 
 #define IPM_C1E_CMP_HLT	0x10000000
 #define IPM_SMI_CMP_HLT	0x08000000
diff --git a/sys/arch/i386/i386/machdep.c b/sys/arch/i386/i386/machdep.c
index 14949a6b913..6ef885c0b2c 100644
--- a/sys/arch/i386/i386/machdep.c
+++ b/sys/arch/i386/i386/machdep.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: machdep.c,v 1.663 2023/01/30 10:49:05 jsg Exp $	*/
+/*	$OpenBSD: machdep.c,v 1.664 2023/07/24 14:54:00 deraadt Exp $	*/
 /*	$NetBSD: machdep.c,v 1.214 1996/11/10 03:16:17 thorpej Exp $	*/
 
 /*-
@@ -1639,6 +1639,7 @@ identifycpu(struct cpu_info *ci)
 	char *cpu_device = ci->ci_dev->dv_xname;
 	int skipspace;
 	extern uint32_t cpu_meltdown;
+	uint64_t msr, nmsr;
 
 	if (cpuid_level == -1) {
 		name = "486DX";
@@ -1987,13 +1988,16 @@ identifycpu(struct cpu_info *ci)
 	 */
 	if (!strcmp(cpu_vendor, "AuthenticAMD")) {
 		if (ci->ci_family >= 0x10 && ci->ci_family != 0x11) {
-			uint64_t msr;
-
-			msr = rdmsr(MSR_DE_CFG);
-			if ((msr & DE_CFG_SERIALIZE_LFENCE) == 0) {
-				msr |= DE_CFG_SERIALIZE_LFENCE;
-				wrmsr(MSR_DE_CFG, msr);
-			}
+			nmsr = msr = rdmsr(MSR_DE_CFG);
+			nmsr |= DE_CFG_SERIALIZE_LFENCE;
+			if (msr != nmsr)
+				wrmsr(MSR_DE_CFG, nmsr);
+		}
+		if (family == 0x17 && ci->ci_model >= 0x31) {
+			nmsr = msr = rdmsr(MSR_DE_CFG);
+			nmsr |= DE_CFG_SERIALIZE_9;
+			if (msr != nmsr)
+				wrmsr(MSR_DE_CFG, nmsr);
 		}
 	}
 
diff --git a/sys/arch/i386/include/specialreg.h b/sys/arch/i386/include/specialreg.h
index cbf5fab1758..3e90b1721e8 100644
--- a/sys/arch/i386/include/specialreg.h
+++ b/sys/arch/i386/include/specialreg.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: specialreg.h,v 1.82 2023/07/21 04:04:52 guenther Exp $	*/
+/*	$OpenBSD: specialreg.h,v 1.83 2023/07/24 14:54:00 deraadt Exp $	*/
 /*	$NetBSD: specialreg.h,v 1.7 1994/10/27 04:16:26 cgd Exp $	*/
 
 /*-
@@ -529,6 +529,7 @@
 #define MSR_DE_CFG	0xc0011029		/* Decode Configuration */
 #define	DE_CFG_721	0x00000001	/* errata 721 */
 #define	DE_CFG_SERIALIZE_LFENCE	(1 << 1)	/* Enable serializing lfence */
+#define DE_CFG_SERIALIZE_9 (1 << 9)		/* Zenbleed chickenbit */
 
 #define IPM_C1E_CMP_HLT	0x10000000
 #define IPM_SMI_CMP_HLT	0x08000000