Received: by 2002:a05:6a10:2726:0:0:0:0 with SMTP id ib38csp1458659pxb; Wed, 30 Mar 2022 04:09:41 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxT/UQQqeld4c4huPQX8XON4XlWUzurIVOvc2W+crAxXdIkQgAm12+50zCpvvO7X2X/9R5P X-Received: by 2002:a05:6638:4197:b0:321:4854:b5e2 with SMTP id az23-20020a056638419700b003214854b5e2mr19635910jab.272.1648638581056; Wed, 30 Mar 2022 04:09:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1648638581; cv=none; d=google.com; s=arc-20160816; b=zOG9EyTpOljiKbCTusVfY2lOex8q0rmZjQOBA3XjQ49HqkLUBj4RR5Y229vR7mdvxg WKDaWKiqIldxoyzbZudIRhqrZqkItgf0lDtDddZvnYgro7yeX8D5XGjQvh7KfC4xW+oi tFlqbnF6urSNr5DtUZKoVpu5+bA9W9UZO8zCfocqFU7k15K3rhWrAZFfyjv4HrmTPf6t BrCCXQ68EEHZdJt0k4yubtZap8XlooVoy5ofWrzPHlNO39DfJRDUwW5IJ7IJ0LyNv8dE uRBT39oFuxl7FishNw6VN/lmjXB9mSARsfPyXI/j+KcWlnYn7zEYHP5UVw4A+KR79h4W aEoA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=DW2wDFQCImf26v5ntXjunDURAmpRUuqLKKejVbtGCVM=; b=gYYFWshifQtbgrbZUeDFTmrYTnwg8f+Dmf2I52XmrBYQ24DtIJx1/wXiT2kcN5FCxR /GUMeDnW1e4nKyOAYTNRxNruAdfhONT7LnUrx26IkDYjdajRjekOqK1N6PreqZkhj0VQ RWTqaMyFUFDItRHOYjFHIqrAbj6XEFPbkunDyrfpSx/BnwRgXWf5s65M2mI5nQRvkN0j iR8Z4uuJmPwoJD4qXMpqrj8gsxA0/YyYNNb+Gp3nYTuPdt6jGqeIKflyZi0W2gPbpYyV CmlRp2Lwh/JgNLPMXh9UXN9bM4lLqtuOvRpKFNILcyD8DpEgOXNtA4yKLAEODkgekCGy wX8w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@collabora.com header.s=mail header.b=Yn3KxJPO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=collabora.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id w4-20020a92ad04000000b002c9a6d77372si13424877ilh.94.2022.03.30.04.09.26; Wed, 30 Mar 2022 04:09:41 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@collabora.com header.s=mail header.b=Yn3KxJPO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=collabora.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S243273AbiC3IWf (ORCPT + 99 others); Wed, 30 Mar 2022 04:22:35 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57084 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230199AbiC3IWe (ORCPT ); Wed, 30 Mar 2022 04:22:34 -0400 Received: from bhuna.collabora.co.uk (bhuna.collabora.co.uk [46.235.227.227]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AF38430F52 for ; Wed, 30 Mar 2022 01:20:48 -0700 (PDT) Received: from [127.0.0.1] (localhost [127.0.0.1]) (Authenticated sender: rcn) with ESMTPSA id 817A61F443EE DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=collabora.com; s=mail; t=1648628447; bh=BsgS3Yrnz9Ahm/XDneBzS9oUTSGp3sCkzNQSr/FIjUI=; h=From:To:Cc:Subject:Date:From; b=Yn3KxJPOdxeKyamCekKoxq+nkIoxQ91HCB4lWUbQKWKSZ3eZkdHtCxtVux8dYq8O3 OlYLzH0WwcrfK1R9f8GxEhOXNvB3l0D+lmtJJi6ieTSikWj1ARXJ7i1VFJGEnHfylN HUufNYEDww+CSdjALmGvm9GSt4UL63uQ/N6u/eRc6QP5jeCXvLFgGYUoRJ3C8QjOOR r+UMn2wuSY70PMZO0YZSOKY15eDnI5Qe9rZT0wczJgFt4TXdk1XW3ZytgJLGowzHpc etoGT2a95xn7oInMXjOaOG7S357vMOFz9eSijXrFhvI9pGuxAn8F1x4kZF5Trv3i7n adPwaDHRtKJCw== From: =?UTF-8?q?Ricardo=20Ca=C3=B1uelo?= To: linux-kernel@vger.kernel.org Cc: =?UTF-8?q?Ricardo=20Ca=C3=B1uelo?= , Borislav Petkov , Thadeu Lima de Souza Cascardo , Mark Gross , x86@kernel.org, "H. Peter Anvin" , Ingo Molnar , Thomas Gleixner , John Johansen , Steve Beattie , kernel@collabora.com Subject: [PATCH v2] x86/speculation/srbds: do not try to turn mitigation off when not supported Date: Wed, 30 Mar 2022 10:20:26 +0200 Message-Id: <20220330082026.1549073-1-ricardo.canuelo@collabora.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_PASS,SPF_PASS, T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org When SRBDS is mitigated by TSX OFF, update_srbds_msr will still read and write to MSR_IA32_MCU_OPT_CTRL even when that is not supported by the microcode. Checking for X86_FEATURE_SRBDS_CTRL as a CPU feature available makes more sense than checking for SRBDS_MITIGATION_UCODE_NEEDED as the found "mitigation". Signed-off-by: Thadeu Lima de Souza Cascardo Signed-off-by: Borislav Petkov Signed-off-by: Ricardo Cañuelo Tested-by: Ricardo Cañuelo --- Hi all, This patch was originally posted here: https://lore.kernel.org/all/20200609174313.2600320-1-cascardo@canonical.com/#t by Boris, based on the original patch by Cascardo, I didn't make any changes to it. I didn't see it merged or discussed further and I can still reproduce the issue on a Samsung Galaxy Chromebook 2 (Intel Cometlake-U). When booted without the proper CPU u-codes, TSX is disabled (so the CPU isn't vulnerable to SRDBS) but this code still tries to access an unavailable MSR register so I get these two warning messages: unchecked MSR access error: RDMSR from 0x123 at rIP: 0xffffffff8203707e (update_srbds_msr+0x2e/0xa0) Call Trace: check_bugs+0x994/0xa6e ? __get_locked_pte+0x8f/0x100 start_kernel+0x630/0x664 secondary_startup_64_no_verify+0xd5/0xdb unchecked MSR access error: WRMSR to 0x123 (tried to write 0x0000000000000001) at rIP: 0xffffffff820370a9 (update_srbds_msr+0x59/0xa0) Call Trace: check_bugs+0x994/0xa6e ? __get_locked_pte+0x8f/0x100 start_kernel+0x630/0x664 secondary_startup_64_no_verify+0xd5/0xdb This patch avoids them. arch/x86/kernel/cpu/bugs.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 6296e1ebed1d..9b14cb2ec693 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -443,14 +443,14 @@ void update_srbds_msr(void) if (boot_cpu_has(X86_FEATURE_HYPERVISOR)) return; - if (srbds_mitigation == SRBDS_MITIGATION_UCODE_NEEDED) + if (srbds_mitigation == SRBDS_MITIGATION_UCODE_NEEDED || + srbds_mitigation == SRBDS_MITIGATION_TSX_OFF) return; rdmsrl(MSR_IA32_MCU_OPT_CTRL, mcu_ctrl); switch (srbds_mitigation) { case SRBDS_MITIGATION_OFF: - case SRBDS_MITIGATION_TSX_OFF: mcu_ctrl |= RNGDS_MITG_DIS; break; case SRBDS_MITIGATION_FULL: -- 2.25.1