Received: by 2002:a05:6a10:eb17:0:0:0:0 with SMTP id hx23csp3414612pxb; Mon, 6 Sep 2021 21:43:04 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyRzOH3flosgn5PvBv90df96rfRVhDfCSDPaJ9x894GlG4hroCrbrySfAiDgKUwqM88/5Ze X-Received: by 2002:aa7:da81:: with SMTP id q1mr16065842eds.29.1630989784129; Mon, 06 Sep 2021 21:43:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1630989784; cv=none; d=google.com; s=arc-20160816; b=AXP8MleNYbvlMwvSZbiTuaZ08bb8sj7y8cLjFdQgkTpR0NVjOS9/CWC7Zd1a3B3D4S XT/5MyuIwNEQ9sulJariy9p4bPeF9XsOFSSRD4pnyRXCq8emmyoYIm3obylMyl2vP6zz 9ah3tfkzil2qHNxVPZMGlfg0HV0KzSZmbUbDPEmgepA5gpUMLTs0Hb0YiQLWL6ZkfN5y UdlL1+SHO4PNMs1a3rt6dHDBKdADNVWdRSYpy7/ilo41OwnDRoYiQdkYVtkFyo47eGBg SB4VuHXks2FwhYKqj4D+xONbgUx2GysYAX+2gg/1BUovRteqoy0SN26symbw5fXqVSBD eYLw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=muAtmFk8EW8AT3D1cyjk+uuRCMlDhq4lTi32y59wnD0=; b=VkIl2qdSEJQW67WeTCKZazcJauHimRE5+9hEGJrLgpid1mQmZMW4f47wg0rLT4MFrf nQcHyIjp+RibNXUiOiud8oIQqtPqEoo7d13D+e8jBi32o8fX53W5Vy03z/5t7PIfABEf EPHBamc99bAaeGpIZih4SUjCVoH6U7DFRM1uvg+/hMGFLeiWA2zX9m2jFqK7tu0+q50s NXHPRD/IGzNlrOhO085XeEKrPqhzdJgKUI+EnXTxkwv2LtwZF0DSu4gjKLgZahaECo8f bUAGwBEu7RaHYzgpuKuZ8c4ZeksuRZ/dcOMnCUqmEnZtIyulTHzw8taRW+tkmbufKVKH KSbQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=iFAs2jn9; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id b10si11038668ejj.295.2021.09.06.21.42.32; Mon, 06 Sep 2021 21:43:04 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=iFAs2jn9; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231992AbhIGEkl (ORCPT + 99 others); Tue, 7 Sep 2021 00:40:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50382 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229456AbhIGEkh (ORCPT ); Tue, 7 Sep 2021 00:40:37 -0400 Received: from mail-ua1-x92e.google.com (mail-ua1-x92e.google.com [IPv6:2607:f8b0:4864:20::92e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7788EC061575 for ; Mon, 6 Sep 2021 21:39:31 -0700 (PDT) Received: by mail-ua1-x92e.google.com with SMTP id l24so4869861uai.1 for ; Mon, 06 Sep 2021 21:39:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=muAtmFk8EW8AT3D1cyjk+uuRCMlDhq4lTi32y59wnD0=; b=iFAs2jn9JfPMhFjxzdFLUoZepMDTpSEGgV69ccxCR22rtqQxvz00SCmCtQ6rgD1uhA NhpdWgrHmgOMOI99tRwMfv4uOyFQxeRyI/ln8CEmWG5kekZOF4lBrgbkQ7d/1xgoD7kX 94z5+z55ar1NNCKO3N4mmhZaejQF2yKFNJapesx0Pmjmjp4/cXA6fAlAu2//2FYc0hEM dAVoBN2JN+0K/9L6oFZ/5Wa/ImHX1g94vpfVxV8SDcdQmK3jzF8HFoXBrE/maozFULHo aQcb1YsLmhimzNTIfjOMWqUcmFLVtTioBSGyESoLigYdWkekCuL7AbMQnt1RamZqZZXU IFEw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=muAtmFk8EW8AT3D1cyjk+uuRCMlDhq4lTi32y59wnD0=; b=VbeZSdSK8EBY+ETRDuFqBFnBj4b49za6WRQJVnPqQIEx2t7fII1CJctNjdbA/7c0L0 Y/vMYcPYQgF1R+KEw1iiYOEBxmI5W/VN/2RX8XvmdOrILDN9YhK4AvcTj7R64p2i+dTF uyJO3w4U1OTwn/k2nVrsGtaBhlam7szbtd/7C/YpPfuV0lGn0BYRM6mhNXI/yJBeQ2Ej caRQCNHVab79YTq//MgLr69s1cG+bX8KOX0N9IKIr6TocMlwR8EBWInz4yK9CitwSlRZ TFR7CQmAW9Jq1xefD5bHGubQ1qfbIK9q2maM6qXGfvmaQ0WKnLQTQXZX+KPZpV3GAqQp 7zRA== X-Gm-Message-State: AOAM533YEaj+NVqXi6dsPpu84UMl7IgdXC/y6tMJIzXxr12BWFvGA8Zr N+AORv+KqQNNaFw+14yrnSPdF2PUJ/7lAg3neOY= X-Received: by 2002:ab0:28d2:: with SMTP id g18mr7379906uaq.40.1630989570562; Mon, 06 Sep 2021 21:39:30 -0700 (PDT) MIME-Version: 1.0 References: <77e8d483-4395-0017-300e-0886f75217bb@intel.com> In-Reply-To: From: Hao Peng Date: Tue, 7 Sep 2021 12:39:03 +0800 Message-ID: Subject: Re: [PATCH] x86/tsx: clear RTM and HLE when MSR_IA32_TSX_CTRL is not supported To: Xiaoyao Li Cc: Borislav Petkov , tglx@linutronix.de, mingo@redhat.com, x86@kernel.org, linux-kernel@vger.kernel.org, Pawan Gupta Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Sep 7, 2021 at 12:26 PM Xiaoyao Li wrote: > > On 9/7/2021 11:40 AM, Hao Peng wrote: > > On Tue, Sep 7, 2021 at 10:56 AM Xiaoyao Li wrote= : > >> > >> On 9/7/2021 10:35 AM, Hao Peng wrote: > >>> On Tue, Sep 7, 2021 at 10:08 AM Xiaoyao Li wro= te: > >>>> > >>>> On 9/7/2021 9:47 AM, Hao Peng wrote: > >>>>> On Mon, Sep 6, 2021 at 5:30 PM Borislav Petkov wrote= : > >>>>>> > >>>>>> On Mon, Sep 06, 2021 at 10:46:05AM +0800, Hao Peng wrote: > >>>>>>> If hypervisor does not support MSR_IA32_TSX_CTRL, but guest suppo= rts > >>>>>>> RTM and HLE features, it will affect TAA mitigation. > >>>>>>> > >>>>>>> Signed-off-by: Peng Hao > >>>>>>> --- > >>>>>>> arch/x86/kernel/cpu/tsx.c | 7 +++++++ > >>>>>>> 1 file changed, 7 insertions(+) > >>>>>>> > >>>>>>> diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.= c > >>>>>>> index 9c7a5f049292..5e852c14fef2 100644 > >>>>>>> --- a/arch/x86/kernel/cpu/tsx.c > >>>>>>> +++ b/arch/x86/kernel/cpu/tsx.c > >>>>>>> @@ -122,6 +122,13 @@ void __init tsx_init(void) > >>>>>>> > >>>>>>> if (!tsx_ctrl_is_supported()) { > >>>>>>> tsx_ctrl_state =3D TSX_CTRL_NOT_SUPPORTED; > >>>>>>> + > >>>>>>> + /* If hypervisor does not support MSR_IA32_TSX_CT= RL emulation, > >>>>>>> + * but guest supports RTM and HLE features, it wi= ll affect TAA > >>>>>>> + * =EF=BC=88tsx_async_abort=EF=BC=89mitigation. > >>>>>>> + */ > >>>>>>> + setup_clear_cpu_cap(X86_FEATURE_RTM); > >>>>>>> + setup_clear_cpu_cap(X86_FEATURE_HLE); > >>>> > >>>> anyway, IMHO, we shouldn't do anything here for TAA. It should be in > >>>> taa_select_mitigation() > >>>> > >>>>>>> return; > >>>>>>> } > >>>>>> > >>>>>> How does that even happen - the hypervisor does not support the MS= R but > >>>>>> "guest supports" TSX features?! > >>>>>> > >>>>>> I guess the guest is detecting it wrong. > >>>>>> > >>>>>> What hypervisor, what guest, how do I reproduce? > >>>>>> > >>>>> hypervisor is kvm, guest is linux too. > >>>>>> Please give full details. > >>>>>> > >>>>> The host I used is kernel-5.4, and guest is kernel-5.13. > >>>>> MSR_IA32_TSX_CTRL is exposed > >>>>> to guest and guest to support RTM and HLE features, no direct > >>>>> dependence. at the qemu I > >>>>> started guest with -cpu host-model. > >>>>> I have viewed the code of kernel-5.4, and MSR_IA32_TSX_CTRL is not > >>>>> exposed to guest. > >>>> > >>>> Does guest see TAA_NO bit? > >>>> > >>> Guest can't see taa_no, which requires updating qemu to solve. But I = think > >>> there is a compatibility process here. > >> > >> Anyway, there should be some existing code in kernel already to handle > >> the case that CPUID reports TRM while MSR_IA32_CORE_CAPABILITIES doesn= 't > >> report MSR_TSX_CTRL nor TAA_NO. > >> > > Can you point out which patches ? At present, guest is kernel-5.13 > > still has this problem. > > What's the output of 'cat > /sys/devices/system/cpu/vulnerabilities/tsx_async_abort' on your guest? > Vulnerable: Clear CPU buffers attempted, no microcode; SMT Host state unkno= wn. > > Thanks. > >> And the Patch itself makes no sense. > >> > >>>>> Thanks. > >>>>>> -- > >>>>>> Regards/Gruss, > >>>>>> Boris. > >>>>>> > >>>>>> https://people.kernel.org/tglx/notes-about-netiquette > >>>> > >> >