Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp514287ybi; Fri, 24 May 2019 07:19:35 -0700 (PDT) X-Google-Smtp-Source: APXvYqwsf/KyJ9P1R8KMUvbC2YMa8H0jK9/dCoSkJoiZuTFeyM1wtcTXRI+8kwPgc64o6XnKk2wB X-Received: by 2002:a17:90a:b296:: with SMTP id c22mr9909978pjr.28.1558707575612; Fri, 24 May 2019 07:19:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1558707575; cv=none; d=google.com; s=arc-20160816; b=Rdi7OX9JyjucG+BAg8BYIThnrSyUSdNE2WzcTAYA88FVMBn9ua61tkw8i3exh1GQCo LkURW+xP6baRMeHNlAfvxHN1a+cVeVrQYyVHvizbEcCSK2tlEOb2RYee3aljTxeRIItc OLFYB1ZLYzit41xL4MLV8iXGVTY1Cv+IhjG9SoSAAL40Sapw/G2uaTUFGzXjTFHGmWNI 13Tw7JetjCkSjmKj0581oupcdNExkQBFNczmOJOzXaPpRBqM49iA3QEi496Vpe9LgRgT HMvvNHgWJivue8jMddIq0+eAFjtk3W+CuCHDs1yZi3MkN82IPx2J/45qf7GV91JwVJaA al3Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=SiZIBmqxZzrvKilzoZ9zmqojvjyJR3JHFsIJjr9mL/U=; b=aXR6EnLYIgFQExdA/8sjCcGBp2nU4p+UH2G1JjRGgzMFjQqLRreX33XAvMP9+Ph/dv j1KNyo0nwO7mAapVoPabZNGqyRsFNROSU2825hkYOU6kv8auSZfF92uqZ3MUE+z40XBX YHLBuBDKMI0yJicPo4HLIstDs6zlPwGAlWk4GYrMPCcd7YlkL4cNQs/swltgmWIA4qYG xUzLN9EanNjLlMjIJq616mjtKKpYsVslbJpNbDXBiQZAUyrs/fqqCnLmB4wvWPpKlxlT hxVtZvitX5MKd1i0sYy9D85uAcJ4IowbJFRexxIbb4iT8kIAIUtgsZt+VtWYD27EQ6me 0tyA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=GIl4k66w; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 5si4278755pgm.540.2019.05.24.07.19.18; Fri, 24 May 2019 07:19:35 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=GIl4k66w; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2404103AbfEXORg (ORCPT + 99 others); Fri, 24 May 2019 10:17:36 -0400 Received: from mail.kernel.org ([198.145.29.99]:52714 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2403917AbfEXORf (ORCPT ); Fri, 24 May 2019 10:17:35 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 420D020673; Fri, 24 May 2019 14:17:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1558707454; bh=Ly/qXNblcj6nTmgNO9vZijpkqkJFY1NjX2g/yRrwRXU=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=GIl4k66ws5pUeVrvkGpDk+3pIsbuq17/KAV6o4+bT8OzTqKiUq0m/9vscvMRI4O2H mm9CvKcNChu2czCmqM4eV1rc640R2qZ/+DDl0I8m+nN0I5nqpVX6f0K91x2tn/onOX SbtiqAcmUr64ICWNRlYZo/XrHXsA0HnR5iq4wdfw= Date: Fri, 24 May 2019 16:17:32 +0200 From: Greg Kroah-Hartman To: Jinpu Wang Cc: Thomas Gleixner , tony.luck@intel.com, Arjan van de Ven , linux-kernel@vger.kernel.org, Elmar Gerdes Subject: Re: Is 2nd Generation Intel(R) Xeon(R) Processors (Formerly Cascade Lake) affected by MDS Message-ID: <20190524141732.GA4412@kroah.com> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.11.4 (2019-03-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, May 24, 2019 at 03:19:34PM +0200, Jinpu Wang wrote: > Resend with plain text, and remove confidential unnecessary signature. > sorry for spam. > > Hi Thomas, hi Greg, hi Tony, hi Arjan, hi other expert on the list > > I noticed on our Cascade lake with 4.14.120, the kernel is reporting > vulnerable: > jwang@ps401a-912:~$ head /sys/devices/system/cpu/vulnerabilities/mds > Vulnerable: Clear CPU buffers attempted, no microcode; SMT vulnerable > > But according to INTEL, they have built the mitigation in hardware > for Cascade Lake: > https://www.intel.com/content/www/us/en/architecture-and-technology/engineering-new-protections-into-hardware.html > > We are using latest microcode from debian: > https://metadata.ftp-master.debian.org/changelogs//non-free/i/intel-microcode/intel-microcode_3.20190514.1~deb9u1_changelog > lscpu: > jwang@ps401a-912:~$ lscpu > Architecture: x86_64 > CPU op-mode(s): 32-bit, 64-bit > Byte Order: Little Endian > CPU(s): 96 > On-line CPU(s) list: 0-95 > Thread(s) per core: 2 > Core(s) per socket: 24 > Socket(s): 2 > NUMA node(s): 2 > Vendor ID: GenuineIntel > CPU family: 6 > Model: 85 > Model name: Intel(R) Xeon(R) Platinum 8268 CPU @ 2.90GHz > Stepping: 5 > CPU MHz: 3228.226 > CPU max MHz: 3900.0000 > CPU min MHz: 1000.0000 > BogoMIPS: 5800.00 > Virtualization: VT-x > L1d cache: 32K > L1i cache: 32K > L2 cache: 1024K > L3 cache: 33792K > NUMA node0 CPU(s): 0-23,48-71 > NUMA node1 CPU(s): 24-47,72-95 > Flags: fpu vme de pse tsc msr pae mce cx8 apic sep > mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht > tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs > bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq > dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm > pcid dca sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes > xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb cat_l3 > cdp_l3 invpcid_single intel_ppin ssbd mba ibrs ibpb stibp tpr_shadow > vnmi flexpriority ept vpid fsgsbase tsc_adjust bmi1 hle avx2 smep bmi2 > erms invpcid rtm cqm mpx rdt_a avx512f avx512dq rdseed adx smap > clflushopt clwb intel_pt avx512cd avx512bw avx512vl xsaveopt xsavec > xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local > dtherm ida arat pln pts pku ospke flush_l1d arch_capabilities > > Clearly we want to buy Cascade Lake if the hardware mitigations are in > place, but the information on the internet is quite limited and > misleading. > > Could anyone of you could clarify it for us? > Does it mean 4.14.120 is missing patches for detecting Cascade Lake > mitigation, Or maybe only small set of cascade lake has mitigation? > Or the community/intel are not sure about it yet? Did you try 4.19 or 5.1? Try those and see if anything changes. If not, odds are you need a microcode update from Intel, please contact them, nothing we can do about that. If 4.14 works different from 4.19 or 5.1, please let us know. thanks, greg k-h