Received: by 2002:a05:6a10:7420:0:0:0:0 with SMTP id hk32csp607322pxb; Tue, 15 Feb 2022 23:36:17 -0800 (PST) X-Google-Smtp-Source: ABdhPJwjGxnuoxI0GTFh+f6De7LjebjMtfjRSyaiZaTDZtdSpfDtmDJySfwKz1VEYEOzHkI4nA5D X-Received: by 2002:a63:1046:0:b0:36d:1173:f2d7 with SMTP id 6-20020a631046000000b0036d1173f2d7mr1195558pgq.475.1644996977438; Tue, 15 Feb 2022 23:36:17 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1644996977; cv=none; d=google.com; s=arc-20160816; b=Lg78D0YRr17HhsHL5BcoqGg14hBYiFKYNzMyWhi4PT1ueSV7dUWzDYbV2fslPJjeMc lz0kz2VY++BN8xdEhMVEkKoRMkmEx7ULHcGgt3f4sCaVLeHAO/WNj8THnm/JyOf06Go2 SiqSbzTd1/tx31/+fFFUCk/DqfsnQWMH4hjBmIS3G4j9+jHYw56nDxnsGyUEjj4A+v+6 WS4LC+gtglRn9njGnooxQ/ux4+GcdIyXG2K1FpF+dijQpIrZhLuk9hg/PPUz6ubC0Js8 DcCPI9oclCbY/O98sK1LcFKKmihwrr580UXq06BZNBudtaCLOwTXE9JycPpY/M67t0ev Zs+g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=3f4y2yguXvUrU7lczgu8gh9tQfZt363S1MBqO0zPhoA=; b=uPt+k40UYUQHMYvkenbeGnZpBUyNqzysBKDAO80t3vzLaMUJRARZNHnnhf5fD7cYq5 eYLXGeOqIKZJeYfHXCeENZErUMRR0WOQ2meuKJKGZ20Kva29cNcSOxnvjG+LkgrlLRB/ rV923M8q80X8Y/1IV9UpQYMTqcjgN+e8PGRlsVFbQ/28eIaL8bdP8D8E7nAakjNlw0yq fPf1caHsCW5528hO73fgWCYa+hda2eCts2YPui6pJ3zAxS9PtES/l99pS2KPfNYfUgML D1LGRSaj4Vb2Q8/lhhi1qyfyJ2gdmRjTXv7qx3JxGPT3teVGnmEu1ZMjCajoi0hquve0 m/sw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=I7IRy1s6; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19]) by mx.google.com with ESMTPS id e4si10464115pjr.42.2022.02.15.23.36.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 15 Feb 2022 23:36:17 -0800 (PST) Received-SPF: softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=I7IRy1s6; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 6CB922B1A82; Tue, 15 Feb 2022 23:02:03 -0800 (PST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S245014AbiBPB2z (ORCPT + 99 others); Tue, 15 Feb 2022 20:28:55 -0500 Received: from mxb-00190b01.gslb.pphosted.com ([23.128.96.19]:50012 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238335AbiBPB2y (ORCPT ); Tue, 15 Feb 2022 20:28:54 -0500 Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 91EC2CD5C6; Tue, 15 Feb 2022 17:28:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1644974923; x=1676510923; h=date:from:to:cc:subject:message-id:references: mime-version:content-transfer-encoding:in-reply-to; bh=3f4y2yguXvUrU7lczgu8gh9tQfZt363S1MBqO0zPhoA=; b=I7IRy1s6SkucObgiO4o9dMgmcGx2YFoMCebj9SqXyhAuFo3CLMpDltoj B0IKGiXXYiZTWQZkGruATwWEzLtJYcAHme1wIg+oiIroXWk+1bewTaHvz f85eP63c2g7Wf7VmRxfQNV1zy7OA7Q6SE5SSkYPxv3cWbQx8RwA3KRywP e+R5+xlgPSQpgd6ULiXeugFOOCSQ1nNujeoIPAV74ROW1n7gy5J1+KdPD MQBOk8zOV14WHs14/2HTlSsw0iTqcKg1rgJpfkQsVuhRvLqnyMCxSzfK/ SlWgw2wofKPzLVQjgpYS4L8IdyiGCOQkwgDlFVeINNSwN5OKntGYT6gZp w==; X-IronPort-AV: E=McAfee;i="6200,9189,10259"; a="311238524" X-IronPort-AV: E=Sophos;i="5.88,371,1635231600"; d="scan'208";a="311238524" Received: from orsmga007.jf.intel.com ([10.7.209.58]) by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2022 17:28:43 -0800 X-IronPort-AV: E=Sophos;i="5.88,371,1635231600"; d="scan'208";a="529171432" Received: from guptapa-mobl1.amr.corp.intel.com ([10.209.113.151]) by orsmga007-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2022 17:28:42 -0800 Date: Tue, 15 Feb 2022 17:28:41 -0800 From: Pawan Gupta To: Andrew Cooper Cc: Borislav Petkov , Thomas Gleixner , Ingo Molnar , Dave Hansen , "x86@kernel.org" , "H. Peter Anvin" , Andi Kleen , Tony Luck , "linux-kernel@vger.kernel.org" , "antonio.gomez.iglesias@linux.intel.com" , "neelima.krishnan@intel.com" , "stable@vger.kernel.org" Subject: Re: [PATCH] x86/tsx: Use MSR_TSX_CTRL to clear CPUID bits Message-ID: <20220216012841.vxlnugre2j4pczp7@guptapa-mobl1.amr.corp.intel.com> References: <20220214224121.ilhu23cfjdyhvahk@guptapa-mobl1.amr.corp.intel.com> <20220215002014.mb7g4y3hfefmyozx@guptapa-mobl1.amr.corp.intel.com> <20220215121103.vhb2lpoygxn3xywy@guptapa-mobl1.amr.corp.intel.com> <20220215181931.wxfsn2a3npg7xmi2@guptapa-mobl1.amr.corp.intel.com> <20220216003950.5jxecuf773g2kuwl@guptapa-mobl1.amr.corp.intel.com> <6724088f-c7cf-da92-e894-d8970f13bf1e@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <6724088f-c7cf-da92-e894-d8970f13bf1e@citrix.com> X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 16.02.2022 00:49, Andrew Cooper wrote: >On 16/02/2022 00:39, Pawan Gupta wrote: >> On 15.02.2022 20:33, Borislav Petkov wrote: >>> On Tue, Feb 15, 2022 at 10:19:31AM -0800, Pawan Gupta wrote: >>>> I admit it has gotten complicated with so many bits associated with >>>> TSX. >>> >>> Yah, and looka here: >>> >>> https://github.com/andyhhp/xen/commit/ad9f7c3b2e0df38ad6d54f4769d4dccf765fbcee >>> >>> >>> It seems it isn't complicated enough. ;-\ >>> >>> Andy just made me aware of this thing where you guys have added a new >>> MSR bit: >>> >>> MSR_MCU_OPT_CTRL[1] which is called something like >>> MCU_OPT_CTRL_RTM_ALLOW or so. >> >> RTM_ALLOW bit was added to MSR_MCU_OPT_CTRL, but its not set by default, >> and it is *not* recommended to be used in production deployments [1]: >> >>   Although MSR 0x122 (TSX_CTRL) and MSR 0x123 (IA32_MCU_OPT_CTRL) can be >>   used to reenable Intel TSX for development, doing so is not recommended >>   for production deployments. In particular, applying MD_CLEAR flows for >>   mitigation of the Intel TSX Asynchronous Abort (TAA) transient >> execution >>   attack may not be effective on these processors when Intel TSX is >>   enabled with updated microcode. The processors continue to be mitigated >>   against TAA when Intel TSX is disabled. > >The purpose of setting RTM_ALLOW isn't to enable TSX per say. > >The purpose is to make MSR_TSX_CTRL.RTM_DISABLE behaves consistently on >all hardware, which reduces the complexity and invasiveness of dealing >with this special case, because the TAA workaround will still turn TSX >off by default. > >The configuration you don't want to be running with is RTM_ALLOW && >!RTM_DISABLE, because that is "still vulnerable to TSX Async Abort". I am not sure how a system can end up with RTM_ALLOW && !RTM_DISABLE? I have no problem taking care of this case, I am just debating why we need it. One way to get to this state is BIOS sets RTM_ALLOW (dont know why?) and linux cmdline has tsx=on. Thanks, Pawan