Received: by 2002:a25:ca44:0:0:0:0:0 with SMTP id a65csp1529867ybg; Wed, 29 Jul 2020 17:14:46 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyg7l+DLn2eMiAm+rzLP/19FazhNQ4AvkI46HLUHwdrf38QrnmJEdkGcC6RC2re/JSf44iJ X-Received: by 2002:a50:b941:: with SMTP id m59mr247126ede.321.1596068086768; Wed, 29 Jul 2020 17:14:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1596068086; cv=none; d=google.com; s=arc-20160816; b=wGwo5uaS7eUkR+RNWEHNjTjmk7dGXLAGKs5w/GgkzYENOr7C+BXuCO9CALK+Fqz0l4 OelaxMai7I4WqnD6FEXq0TfyTMnPjw8w8z2J0YwhzOb50EEqortRlE4F/eIA6A6ssGX0 L+/t4+Auv9qhcCn5roKkSXhyf5kwdRagHYksALoYGQWCoFyWbIz7VkI5ZYYxNiuvEwuV DOU9N/bHHV9UzuppSQuuoqHX+soiPdtqz36ilonrumBAORPEZZ/A9p2Zm9+zNyHQNDRk VCStpxfq2FukGsQH48LHqcyXQqDXn4DSAYaatsA1anqq7oqxD1vym0+B0Ju8z6U3fwh+ 6PRA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:ironport-sdr :dkim-signature; bh=sI99ASFOpAizx/017vNG8t+8unNbilMwdFtd7ktWwNI=; b=kP1AgBKNBy6UZ7Tl8VP7HM/+sLF+8U2uF1qDbShDFsWO8c2Rsn3B9EEuhQ8Sdfy/K8 OUcBzPN3w3QL7YUzlGl0KOT/G+9L0Hu7zElTKkLGJn2FrdLtfdA4EITHKuC8lKFdfv0c QP3N3sMuvnlnPHMlnyBnK5ClkqF2XimttqY2p8rxWbCDJnCmQEmmKCmoZA90O2Z/A4v3 DxvFrtUwYz4e0UdBGL/I1rtvm932+zge6X0X+C7eAUy9HCdeJtdjZWc5EzxX8ShmTETi OrQdgGT8gFjWFn75nCJVXmfMoYaIl+yfX9J92DNnEYzZbE1+YojMoaFwO8bEIgajSg4y zt3w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@amazon.com header.s=amazon201209 header.b=CjZeOFae; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id s26si2011131ejv.28.2020.07.29.17.14.24; Wed, 29 Jul 2020 17:14:46 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@amazon.com header.s=amazon201209 header.b=CjZeOFae; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727858AbgG3AN2 (ORCPT + 99 others); Wed, 29 Jul 2020 20:13:28 -0400 Received: from smtp-fw-9101.amazon.com ([207.171.184.25]:24877 "EHLO smtp-fw-9101.amazon.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727072AbgG3AN2 (ORCPT ); Wed, 29 Jul 2020 20:13:28 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1596068007; x=1627604007; h=subject:to:cc:references:from:message-id:date: mime-version:in-reply-to:content-transfer-encoding; bh=sI99ASFOpAizx/017vNG8t+8unNbilMwdFtd7ktWwNI=; b=CjZeOFaeNhlBHlJUuOFp1qZa7770KIFw2XjNLzf69rfxgH6sEShOo9/1 TycdtgKKRGidwFxh+xn9Lu0k75r3/EznyTyyR4xnx9Erk5kLXCW4RHEZM 7M/l0HLSBShbZ43oThXT45HQmXq4chMTt2uPTX0W9h2LWNkbRuS0q+ic2 c=; IronPort-SDR: YB+60HzVqX3P8qq7WfcqIW5Cpu+lDqk7BquDe8xVzzb5joWUr+VOxyep7nZ4qTlbXSIGZ7+/F/ WrTq24b9csMA== X-IronPort-AV: E=Sophos;i="5.75,412,1589241600"; d="scan'208";a="55915251" Received: from sea32-co-svc-lb4-vlan3.sea.corp.amazon.com (HELO email-inbound-relay-1e-62350142.us-east-1.amazon.com) ([10.47.23.38]) by smtp-border-fw-out-9101.sea19.amazon.com with ESMTP; 30 Jul 2020 00:13:18 +0000 Received: from EX13MTAUWA001.ant.amazon.com (iad55-ws-svc-p15-lb9-vlan2.iad.amazon.com [10.40.159.162]) by email-inbound-relay-1e-62350142.us-east-1.amazon.com (Postfix) with ESMTPS id 3DB1AA25C4; Thu, 30 Jul 2020 00:13:13 +0000 (UTC) Received: from EX13D01UWA002.ant.amazon.com (10.43.160.74) by EX13MTAUWA001.ant.amazon.com (10.43.160.58) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Thu, 30 Jul 2020 00:13:13 +0000 Received: from f8ffc2228008.ant.amazon.com (10.43.161.203) by EX13d01UWA002.ant.amazon.com (10.43.160.74) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Thu, 30 Jul 2020 00:13:10 +0000 Subject: Re: [PATCH v2 4/5] prctl: Hook L1D flushing in via prctl To: Tom Lendacky , , CC: , , , , , , , References: <20200729001103.6450-1-sblbir@amazon.com> <20200729001103.6450-5-sblbir@amazon.com> <982c1d40-aac1-df0c-c3b7-2699dc0b9b6f@amd.com> From: "Singh, Balbir" Message-ID: <33b99d83-f2de-6984-c3d6-a44960aac828@amazon.com> Date: Thu, 30 Jul 2020 10:13:09 +1000 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.0.1 MIME-Version: 1.0 In-Reply-To: <982c1d40-aac1-df0c-c3b7-2699dc0b9b6f@amd.com> Content-Type: text/plain; charset="utf-8" Content-Language: en-GB Content-Transfer-Encoding: 7bit X-Originating-IP: [10.43.161.203] X-ClientProxiedBy: EX13D40UWA003.ant.amazon.com (10.43.160.29) To EX13d01UWA002.ant.amazon.com (10.43.160.74) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 29/7/20 11:14 pm, Tom Lendacky wrote: > > > On 7/28/20 7:11 PM, Balbir Singh wrote: >> Use the existing PR_GET/SET_SPECULATION_CTRL API to expose the L1D >> flush capability. For L1D flushing PR_SPEC_FORCE_DISABLE and >> PR_SPEC_DISABLE_NOEXEC are not supported. >> >> There is also no seccomp integration for the feature. >> >> Signed-off-by: Balbir Singh >> --- >> arch/x86/kernel/cpu/bugs.c | 54 ++++++++++++++++++++++++++++++++++++++ >> arch/x86/mm/tlb.c | 25 +++++++++++++++++- >> include/uapi/linux/prctl.h | 1 + >> 3 files changed, 79 insertions(+), 1 deletion(-) >> >> diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c >> index 0b71970d2d3d..935ea88313ab 100644 >> --- a/arch/x86/kernel/cpu/bugs.c >> +++ b/arch/x86/kernel/cpu/bugs.c >> @@ -295,6 +295,13 @@ enum taa_mitigations { >> TAA_MITIGATION_TSX_DISABLED, >> }; >> >> +enum l1d_flush_out_mitigations { >> + L1D_FLUSH_OUT_OFF, >> + L1D_FLUSH_OUT_ON, >> +}; >> + >> +static enum l1d_flush_out_mitigations l1d_flush_out_mitigation __ro_after_init = L1D_FLUSH_OUT_ON; >> + >> /* Default mitigation for TAA-affected CPUs */ >> static enum taa_mitigations taa_mitigation __ro_after_init = TAA_MITIGATION_VERW; >> static bool taa_nosmt __ro_after_init; >> @@ -378,6 +385,18 @@ static void __init taa_select_mitigation(void) >> pr_info("%s\n", taa_strings[taa_mitigation]); >> } >> >> +static int __init l1d_flush_out_parse_cmdline(char *str) >> +{ >> + if (!boot_cpu_has_bug(X86_BUG_L1TF)) >> + return 0; > > Shouldn't this set the l1d_flush_out_mitigation to L1D_FLUSH_OUT_OFF since > it is set to L1D_FLUSH_OUT_ON by default? Or does it not matter because > the enable_l1d_flush_for_task() will return -EINVAL if the cpu doesn't > have the L1TF bug? > > I guess it depends on what you want l1d_flush_out_prctl_set() and > l1d_flush_out_prctl_get() to return in this case. > Exactly! We want to differentiate between force disabled and not applicable. Thanks for the review, Balbir Singh.