Received: by 2002:a05:6358:489b:b0:bb:da1:e618 with SMTP id x27csp362063rwn; Wed, 7 Sep 2022 18:25:07 -0700 (PDT) X-Google-Smtp-Source: AA6agR5ngrCWrf43HEGAgYY9xrym3ciuDJ5P0OAk5wyw4vtjBYdsTVKPchORtc/hVjx4ixdk7ywm X-Received: by 2002:a05:6402:228d:b0:44e:f15e:a841 with SMTP id cw13-20020a056402228d00b0044ef15ea841mr5008361edb.157.1662600306949; Wed, 07 Sep 2022 18:25:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1662600306; cv=none; d=google.com; s=arc-20160816; b=kU3NwMZIIpXTbc79RJkmz8Q7cHYdca0QRTDs0bxeJGDXgase0NqsDdunnZw/0DzMQ7 jRdKkGnlvggyGYwYsEGhGRjwqhVhdjEnEVMixPbdjTWmsBJv5Z2qzi+BuWniZih8Er12 kffVGGgxD/4Hf7t+55dz3GAdokA5vhp6Mxwl36bzMsSf1qBnaUlowJpaDHtVp98kQ5PD 7bEir/TJdUcUc86g/3jm+ER7P2PRIX01KqMYUEAj4mplD1FKGTjksi3FkYnY849rJPeq J7MoMZ1ILM+WgarAyF4hgtvMfAErknFnfaK0to8BND4QAx2ha68DHcUyPrKKtEOK2PBR GbxQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=AkkCHU7rDz8WKLJ9x7wkBRI8buLLIldwEbHO+WaoOu0=; b=BSHwuZ1DiuBlFJWqBKdN7XrZ5pwNXCJ4x3Py0I9fBxfUR9B3bdvHx2Hf8Yap39dlBf WglQz6O9XMN2ywD0nQ61DM2Gm6UggivDUrw4ycjcKmKK7IR7vtHU5+di88wBIc6OKNkE MP4rZp9ECBPtx5ouOTSUeEodu4nwqSgmEhvCOTpklkgZKzTXDBK4mmXkD2fkXblg6jPo z6wmCYoW1lBUDfgudj4BPsaDKF2mkVttk49ukcriUIreUhtFwqpzm0uH0eWSBdfuqqn/ oeah1Vd1JTxYYR0yf4PF3y+L3Bvv0k70M0QN3PryEH4jwNwXd31mWzPYjhgBWwOURECk 6GJQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=miNINWJc; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id bo12-20020a170906d04c00b007725ee6ea55si773932ejb.76.2022.09.07.18.24.42; Wed, 07 Sep 2022 18:25:06 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=miNINWJc; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230130AbiIHBDm (ORCPT + 99 others); Wed, 7 Sep 2022 21:03:42 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42204 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230128AbiIHBDc (ORCPT ); Wed, 7 Sep 2022 21:03:32 -0400 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7C7FDC2F82 for ; Wed, 7 Sep 2022 18:03:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1662599011; x=1694135011; h=date:from:to:cc:subject:message-id:references: mime-version:content-transfer-encoding:in-reply-to; bh=26/imFb4csvZ9bWbHVMwcbyUMlLP50BKdvRpDIg2LU4=; b=miNINWJcXH/nJY0k6UV1U8H+rhdalyRtrjIolvWx311ViKur4gVW3Roe QfPN5SnafpzVbsAKXuAjH0+lv7KI0AhL0lmBCmPAcGmPQZXuYckmeQayX cr3tNJf1W0W5oU3NEnuci8JzYKU+hKbVZXs/hsmZ6oQ9KpODafUkLGEMV 2ea/gcvOTYrf8j+qYKJO3VXlCxKSehEKz2ZD5j6dMN7LWRv8Sqevg6wcG /Sa6T8sszA82a7iR10I6CGo+P4WZM7qMYu3RpRVT2NhVObh/BNfxzZnsr X1ihA0Ojz7GhYPKlV9yQBnFyvRb1T6Mv7dU84zgxOB71agIKhz+L22X8V A==; X-IronPort-AV: E=McAfee;i="6500,9779,10463"; a="280064706" X-IronPort-AV: E=Sophos;i="5.93,298,1654585200"; d="scan'208";a="280064706" Received: from orsmga006.jf.intel.com ([10.7.209.51]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Sep 2022 18:03:31 -0700 X-IronPort-AV: E=Sophos;i="5.93,298,1654585200"; d="scan'208";a="591943895" Received: from arashsob-mobl.amr.corp.intel.com (HELO desk) ([10.209.110.101]) by orsmga006-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Sep 2022 18:03:30 -0700 Date: Wed, 7 Sep 2022 18:03:29 -0700 From: Pawan Gupta To: Andrew Cooper Cc: Peter Zijlstra , Hans de Goede , "Rafael J . Wysocki" , Pavel Machek , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H . Peter Anvin" , "x86@kernel.org" , "linux-kernel@vger.kernel.org" , Dave Hansen Subject: Re: [PATCH] x86/cpu: Avoid writing MSR_IA32_TSX_CTRL when writing it is not supported Message-ID: <20220908010329.rhetlp6plqlaiegf@desk> References: <20220906201743.436091-1-hdegoede@redhat.com> <6ff23930-325b-4207-12fc-4d8fd5bea1ff@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,SPF_HELO_NONE,SPF_NONE, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Sep 06, 2022 at 11:00:08PM +0000, Andrew Cooper wrote: > On 06/09/2022 22:00, Peter Zijlstra wrote: > > On Tue, Sep 06, 2022 at 10:56:47PM +0200, Hans de Goede wrote: > >> Hi, > >> > >> On 9/6/22 22:43, Peter Zijlstra wrote: > >>> On Tue, Sep 06, 2022 at 10:17:43PM +0200, Hans de Goede wrote: > >>>> On an Intel Atom N2600 (and presumable other Cedar Trail models) > >>>> MSR_IA32_TSX_CTRL can be read, causing saved_msr.valid to be set for it > >>>> by msr_build_context(). > >>>> > >>>> This causes restore_processor_state() to try and restore it, but writing > >>>> this MSR is not allowed on the Intel Atom N2600 leading to: > >>> FWIW, virt tends to do this same thing a lot. They'll allow reading > >>> random MSRs and only fail on write. > >> Right. So I guess I should send a v2 with an updated commit > >> message mentioning this ? > > Nah, just saying this is a somewhat common pattern with MSRs. > > > > The best ones are the one where writing the value read is invalid :/ or > > those who also silently eat a 0 write just for giggles. Luckily that > > doesn't happen often. > > Several comments.  First of all, MSR_TSX_CTRL is a fully read/write > MSR.  If virt is doing this wrong, fix the hypervisor.  But this doesn't > look virt related? > > More importantly, MSR_TSX_CTRL does not plausibly exist on an Atom > N2600, as it is more than a decade old. > > MSR_TSX_CTRL was retrofitted in microcode to the MDS_NO, TAA-vulnerable > CPUs which is a very narrow range from about 1 quarter of 2019 which > includes Cascade Lake, and then included architecturally on subsequent > parts which support TSX. > > pm_save_spec_msr() is totally broken.  It's poking MSRs blindly without > checking the enumeration of the capability first. pm_save_spec_msr() relies on valid-msr-check in build_msr_context(), but obviously it is not working in this particular case. Does adding the enumeration check as below looks okay: (I am not sure if I got the enumeration right for MSR_AMD64_LS_CFG). --- diff --git a/arch/x86/include/asm/cpu.h b/arch/x86/include/asm/cpu.h index 8cbf623f0ecf..a750c1a1964b 100644 --- a/arch/x86/include/asm/cpu.h +++ b/arch/x86/include/asm/cpu.h @@ -76,6 +76,8 @@ static inline void init_ia32_feat_ctl(struct cpuinfo_x86 *c) {} extern __noendbr void cet_disable(void); +extern bool spec_msr_valid(u32 msr_id); + struct ucode_cpu_info; int intel_cpu_collect_info(struct ucode_cpu_info *uci); diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index 3e508f239098..7430a36fd7ae 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -1278,6 +1278,26 @@ static bool __init cpu_matches(const struct x86_cpu_id *table, unsigned long whi return m && !!(m->driver_data & which); } +bool spec_msr_valid(u32 msr_id) +{ + u64 ia32_cap = x86_read_arch_cap_msr(); + + switch (msr_id) { + case MSR_IA32_SPEC_CTRL: + return boot_cpu_has(X86_FEATURE_MSR_SPEC_CTRL); + case MSR_IA32_TSX_CTRL: + return !!(ia32_cap & ARCH_CAP_TSX_CTRL_MSR); + case MSR_TSX_FORCE_ABORT: + return boot_cpu_has(X86_FEATURE_TSX_FORCE_ABORT); + case MSR_IA32_MCU_OPT_CTRL: + return boot_cpu_has(X86_FEATURE_SRBDS_CTRL); + case MSR_AMD64_LS_CFG: + return boot_cpu_has(X86_FEATURE_LS_CFG_SSBD); + } + + return false; +} + u64 x86_read_arch_cap_msr(void) { u64 ia32_cap = 0; diff --git a/arch/x86/power/cpu.c b/arch/x86/power/cpu.c index bb176c72891c..8db73f7982c7 100644 --- a/arch/x86/power/cpu.c +++ b/arch/x86/power/cpu.c @@ -520,8 +520,12 @@ static void pm_save_spec_msr(void) MSR_IA32_MCU_OPT_CTRL, MSR_AMD64_LS_CFG, }; + int i; - msr_build_context(spec_msr_id, ARRAY_SIZE(spec_msr_id)); + for (i=0; i < ARRAY_SIZE(spec_msr_id); i++) { + if (spec_msr_valid(spec_msr_id[i])) + msr_build_context(&spec_msr_id[i], 1); + } } static int pm_check_save_msr(void)