Received: by 2002:a05:7412:bc1a:b0:d7:7d3a:4fe2 with SMTP id ki26csp303285rdb; Sat, 19 Aug 2023 02:21:10 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFfRY46PktEt2EEtfzPRJ5NdTacfdZJ5VWil2T8duOJp5Q0E/Qh6XmocGCUgqxIaMPVxFyB X-Received: by 2002:a05:6a20:4417:b0:140:5248:e028 with SMTP id ce23-20020a056a20441700b001405248e028mr1532840pzb.45.1692436869953; Sat, 19 Aug 2023 02:21:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692436869; cv=none; d=google.com; s=arc-20160816; b=jJ+GVvskoSAyUMgykI1biMu6AN4MqnBB3y1Ygdb1Pr4x/OzN4pO/0Fqp3cTqynamZT kDQc6G3zcbNAWIKs/yHSyQ+31OEh1G7+5YliC3HLf3b/O32VUSwJj68buegm9OAU5QMI E1HHxTcLb5oH1yB6XdKxTtj0EtGGMyafQuYDbhoq2PpSZeBChGU98jhvZUMAs0z9n70K KpTfHU/h+UR3I2fcs2bOMeSxp2RzhEFqcWBEbEcIogiuMdotswX24EWOaZQkMifN9QAm sGYJ3PrLWuTFh6pqAR2XnZ2wCIciW5ZrJvQP9wGNk+BVzuYFzwpSUPU3hBLvLgIb62sY iJvQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=6fIiGtcO50eZqRlr69+zGZ9SB6CP6hhr+LwhWQckS7o=; fh=gKLyGoVE5kyeekC9wm1hIBWPDfgK5z4wsOZ8yWMTN4s=; b=go8bfyC8mXXISP1K34X0pO/OsCC+aUPMUnaoXNtF3G6nYV19MiD0hATdu6fA0JWOph 1ePWfF/sqtbY7dhwhg1+n3UYImvHfdPAAw2JXA+iPvO/9ABTdqDPR7X5QvAoojHaYi5c OXnpskhDBOZNolQ5lZl4LOPsOl3AJF4hCtPdDXGluu4ouijbnOe8fX2HClBxVzqZprFX qLsfanfoY9DZ+eLgQfRphp1f3vgYJgD28YP5cX7cmxEkR9xc5TJ8YGLxiu3K0+J7CfU1 rjMpz3ERzOkZnIbNX3SBwTBWfkua9oMi2WGskDd3vZ6jW64CZFKWviLeNJamU7UAQLPs loXA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=AeAT4nBD; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id kv4-20020a17090328c400b001b8039317cesi2987398plb.301.2023.08.19.02.20.57; Sat, 19 Aug 2023 02:21:09 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=AeAT4nBD; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240091AbjHOV2J (ORCPT + 99 others); Tue, 15 Aug 2023 17:28:09 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44190 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240280AbjHOV15 (ORCPT ); Tue, 15 Aug 2023 17:27:57 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1DFB619A7 for ; Tue, 15 Aug 2023 14:27:54 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 9400D643C9 for ; Tue, 15 Aug 2023 21:27:53 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id BB6E1C433C7; Tue, 15 Aug 2023 21:27:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1692134873; bh=ZZDEcQyn5dlUdM05H92yE2d+GFcS0xdhRw8L9pzrQnE=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=AeAT4nBDG48Mb46evkZoy2Y5CXNY669h+MkxsO0PxKLGZ9S7fNSioAusZnI0fmo3+ uVx60u8JFhN3WrNlpTwNqKKrZ8/+6MCd4RPYvLXwBK6AcJDddIrS7/sKzOvuCCR6bh r/G19AMh45sQKAnKC7lvspxdVRrsqNCfY8UPvIcQCQSIcXonbDTOv3gRN/2o6IDw+A UjCyju9vYS22IWgPX4HjWzfDt+UdxkGos1/cR+30/8J8vHYLtcVfUtBkuKwkURQ9+6 DNgxB3duVFQTgggRUFrZ6CvYaaKiTcj7khd35WVtRpwc8tw6kggRxxp6hRwTT1YYag /jcixy22sDfBA== Date: Tue, 15 Aug 2023 14:27:51 -0700 From: Josh Poimboeuf To: Borislav Petkov Cc: Nikolay Borisov , X86 ML , Josh Poimboeuf , LKML Subject: Re: [PATCH] x86/srso: Correct the mitigation status when SMT is disabled Message-ID: <20230815212751.xhsyn7iwj2gwpuk5@treble> References: <20230813104517.3346-1-bp@alien8.de> <1588ed00-be11-ff9d-e4c2-12db78cca06f@suse.com> <20230814200813.p5czl47zssuej7nv@treble> <20230814202545.GKZNqNybUnKv+xyrtP@fat_crate.local> <20230814205300.krikym7jeckehqik@treble> <20230814211727.GLZNqZ5+flxtyaDjMQ@fat_crate.local> <20230815095724.GBZNtMBPUJSEegviJN@fat_crate.local> <20230815195831.2opbgrznnpszaa32@treble> <20230815201753.GGZNvdcbPHXtEXn4As@fat_crate.local> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20230815201753.GGZNvdcbPHXtEXn4As@fat_crate.local> X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Aug 15, 2023 at 10:17:53PM +0200, Borislav Petkov wrote: > On Tue, Aug 15, 2023 at 12:58:31PM -0700, Josh Poimboeuf wrote: > > AFAICT, nowhere in the spec does it say the SRSO_NO bit won't get set by > > future (fixed) HW. In fact I'd expect it will, similar to other *_NO > > flags. > > I'm pretty sure it won't. > > SRSO_NO is synthesized by the hypervisor *software*. Nothing else. Citation needed. > It is there so that you don't check microcode version in the guest which > is nearly impossible anyway. > > > Regardless, here SRSO_NO seems to mean two different things: "reported > > safe by host (or HW)" and "not reported safe on Zen1/2 with SMT not > > possible". > > Huh? Can you clarify what doesn't make sense? > > Also, in this code, the SRSO_NO+SMT combo doesn't seem logically > > possible, as srso_show_state() only gets called if X86_BUG_SRSO is set, > > which only happens if SRSO_NO is not set by the HW/host in the first > > place. So here, if boot_cpu_has(X86_FEATURE_SRSO_NO), it means SRSO_NO > > was manually set by srso_select_mitigation(), and SMT can't possibly be > > enabled. > > Have you considered the case where Linux would set SRSO_NO when booting > on future hardware, which is fixed? > > There SRSO_NO and SMT will very much be possible. How is that relevant to my comment? The bug bit still wouldn't get set and srso_show_state() still wouldn't be called. -- Josh