Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp1566841ybt;
        Mon, 15 Jun 2020 03:49:40 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJyTu4mPFD99B5o54pkU8TlzX82DNkIHelyd0fwTuaJHKYgdN0H46OX4lhKYtRI28njvbwL4
X-Received: by 2002:a50:f087:: with SMTP id v7mr22603673edl.225.1592218180547;
        Mon, 15 Jun 2020 03:49:40 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1592218180; cv=none;
        d=google.com; s=arc-20160816;
        b=sbpw+nfi0PX1lBSFOTGkGkrfVc3wiiLPrLGmyPQJgGdIdZY98oF8YQkY6EKHS3tRI8
         7EZNUbYKYLXjZNxHSen6ofXbAxt4i7DhOIKMLtpfJHuN+B5J8v0ITO5um0Do18G0vy+O
         RD0CYCUNo9+lUgfSkQ/jald/siUfgHD5LnXqk0BxtnY2D2UKfl+4apjdwPWqwoyGq0Dq
         TBmnC1wF5GZaWUOj/02rLthOa3MxIyGDTVcI2V/1MEe3wkCyHHFxo4sdW18c0zf3RNPW
         hmeETglrjeCXLEYHyg0wOtEYNWjJ4JG6R/tonR6hoFidbMesfgfD6O/mXaB6XHYbGy1x
         o9Hg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:in-reply-to:content-disposition
         :mime-version:references:message-id:subject:cc:to:from:date
         :dkim-signature;
        bh=MHpggwvr0BvKUJlLLSPpdNMqETzjB0UWRAJLzGCSE/s=;
        b=i/rJqdMpHrUZgfjppMJfTuE8gAy//fEDuRbAVbJ35NjRjpbvG8gmx3e2ogwq3yMU7u
         JNrmu1OcN0yMIVXVfew5aEA/jR7QHtKp+8lMUpu3eGdGJ48SspKilaeQxWkaAlT0ZzG1
         89nhDw7p66pWlnV8T9yoSy2aYYbRltLkE9QE3mbPGJtpynf2rJP27QDU/KoH1R8rcFeO
         K3bEhuikGA11eRddPwfMhJMRNVDPr6A2UVKhrxassvDtWvPjY42twM4OHHVz4OdXkXi7
         FXc9ooVY5p6AHfFfsybt1VSRzY/BUnHp6e3EfLG9FzCu8ZRxAX6AN9DJh2xYkqSARXiL
         TssQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@alien8.de header.s=dkim header.b="iL/tiCXi";
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id m10si8271810edv.322.2020.06.15.03.49.18;
        Mon, 15 Jun 2020 03:49:40 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@alien8.de header.s=dkim header.b="iL/tiCXi";
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1729280AbgFOKrW (ORCPT <rfc822;chenc2371@gmail.com> + 99 others);
        Mon, 15 Jun 2020 06:47:22 -0400
Received: from mail.skyhub.de ([5.9.137.197]:33814 "EHLO mail.skyhub.de"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1728815AbgFOKrV (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 15 Jun 2020 06:47:21 -0400
Received: from zn.tnic (p200300ec2f063c00a9ba54d750d72537.dip0.t-ipconnect.de [IPv6:2003:ec:2f06:3c00:a9ba:54d7:50d7:2537])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 3ADD41EC035B;
        Mon, 15 Jun 2020 12:47:20 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim;
        t=1592218040;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:content-type:content-type:
         content-transfer-encoding:in-reply-to:in-reply-to:  references:references;
        bh=MHpggwvr0BvKUJlLLSPpdNMqETzjB0UWRAJLzGCSE/s=;
        b=iL/tiCXidPNan8giRcIyigGQx5uElNnFHtoi8CPJqgTD1GDpCflOrn0nAU3x/BFR1MKsr9
        /FbVAxLKXMjzZ9eB8hrm/0c/bc8xDsoB5bbHqdA5bOB1ooC7cz3ft3Luc/KTbs/VQQOdaw
        5J1XrRalyY763xRL08Jx9Q9rnTD72K4=
Date:   Mon, 15 Jun 2020 12:47:13 +0200
From:   Borislav Petkov <bp@alien8.de>
To:     Thadeu Lima de Souza Cascardo <cascardo@canonical.com>,
        Mark Gross <mgross@linux.intel.com>
Cc:     linux-kernel@vger.kernel.org, Mark Gross <mgross@linux.intel.com>,
        x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
        Ingo Molnar <mingo@redhat.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        John Johansen <john.johansen@canonical.com>,
        Steve Beattie <sbeattie@ubuntu.com>
Subject: Re: [PATCH] x86/speculation/srbds: do not try to turn mitigation off
 when not supported
Message-ID: <20200615104713.GE14668@zn.tnic>
References: <20200609174313.2600320-1-cascardo@canonical.com>
 <20200615082858.GC14668@zn.tnic>
 <20200615102738.GZ4342@mussarela>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <20200615102738.GZ4342@mussarela>
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Jun 15, 2020 at 07:27:38AM -0300, Thadeu Lima de Souza Cascardo wrote:
> It was booted without the microcode update. There was microcode available, but
> systems may be booted without it, thus causing warnings due to the MSR
> read/write.

Right.

> That's exactly the fix in the patch I sent, right? Do you want me to resend
> with a comment, then?

Your patch replaced

-       if (srbds_mitigation == SRBDS_MITIGATION_UCODE_NEEDED)

Thinking about this more, I think the proper thing to do is this:

---
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 0b71970d2d3d..ce2931563f8f 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -432,14 +432,14 @@ void update_srbds_msr(void)
 	if (boot_cpu_has(X86_FEATURE_HYPERVISOR))
 		return;
 
-	if (srbds_mitigation == SRBDS_MITIGATION_UCODE_NEEDED)
+	if (srbds_mitigation == SRBDS_MITIGATION_UCODE_NEEDED ||
+	    srbds_mitigation == SRBDS_MITIGATION_TSX_OFF)
 		return;
 
 	rdmsrl(MSR_IA32_MCU_OPT_CTRL, mcu_ctrl);
 
 	switch (srbds_mitigation) {
 	case SRBDS_MITIGATION_OFF:
-	case SRBDS_MITIGATION_TSX_OFF:
 		mcu_ctrl |= RNGDS_MITG_DIS;
 		break;
 	case SRBDS_MITIGATION_FULL:
---

because looking at:

  7e5b3c267d25 ("x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation")

it says:

    While it is present on all affected CPU models, the microcode mitigation
    is not needed on models that enumerate ARCH_CAPABILITIES[MDS_NO] in the
    cases where TSX is not supported or has been disabled with TSX_CTRL.

which could be also understood as "there won't be microcode for those
CPUs and thus MSR_IA32_MCU_OPT_CTRL won't be there."

Because if that is the case, then SRBDS_MITIGATION_TSX_OFF means the MSR
is not there and therefore we should not touch it.

And you've actually shown that without the microcode loaded, you
can have a system which is MDS_NO and which hasn't generated
MSR_IA32_MCU_OPT_CTRL (because the microcode is not loaded) and thus
can't touch said MSR.

Mark?

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette