Received: by 2002:ab2:b82:0:b0:1f3:401:3cfb with SMTP id 2csp904553lqh;
        Thu, 28 Mar 2024 23:57:56 -0700 (PDT)
X-Forwarded-Encrypted: i=3; AJvYcCXhcnzbvkD1vClOqkWBJELAtlfLDyozQnGvC4c9hrD+CuBH2Omcf1zIyUdjtW3iX3SCqIpIW17b9LMnMq7xLhjVHl4h8cUA8jPkDqDfgQ==
X-Google-Smtp-Source: AGHT+IGx8sAD6BesWzigAAi++9Jxht8oNiU9yFdiMNdlkcK4A3kV10Dgq2Ng+7G5zs3VbjlGQRFA
X-Received: by 2002:a25:af03:0:b0:dbd:be40:2191 with SMTP id a3-20020a25af03000000b00dbdbe402191mr1553191ybh.42.1711695476129;
        Thu, 28 Mar 2024 23:57:56 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1711695476; cv=pass;
        d=google.com; s=arc-20160816;
        b=YZCIPlBPZpPuUmNTD0H0qEn3tgeHRpXG9T+LCiyN+ioG+XFOYHUTKAJZzsIL6po5wx
         tP5XGCEAVd4c/Ma7INkAKd8cO9W80hsm/1E8ZAmveV7sZuxl4GJAavN7aG9+/gar9Qxo
         ZodxexVbsiRQZL41DYUCn4uT2GOuqfQJMSXRxYzVqBFDhVKMemM1kkdOQm0u9KuGoYdO
         VxvFYCX7XiXsexyjaA2SMpfGSIXr7Edn11bUS+9CWoncnVOvRnPDMf6TS3ECxZix9fST
         SJKtKllfBWDhsi8WM7mua93lHu0sQ/zHLKUOzJ+1IYrLOyaUJtYmqpEX6Zx5mhh+pmV7
         APaA==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=in-reply-to:content-disposition:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence:references:message-id:subject:cc
         :to:from:date:dkim-signature;
        bh=S03lgh5vJ5SsuDZO0iZmFS0X106Zo892EW93mGRk8sU=;
        fh=nhbGY5htpDLtfCpJ5ZnnQM+C4RdwDqzcPnntbXpvbss=;
        b=ISpOeK9tpwOG56U11U8pS6uarQE2IZB3J0zjQgoAxCr/aOl8ap8KvKUXt8aJRoLrhs
         EX1bLxvB/MLBYNMzSL6a6XmFllqg3q1gOGDH5Cga+p7APFQiaA7lN8IALrzcEh3lt+sd
         LfHleIoxPA6Imhk2SyM8BIE+cxHby5YsfOUcJOB+XDxuFn9rtoQjBamfd09yyELQudKe
         vT9eQHCBtkxOtqE1aS26U7A9lW/pOwcDkDYWNCkj9sh6ipSJF/W+TQlq3Di4yhpO7lok
         poRGHl0Uhe6P8obnq7SYRKjl4ypEGbPYAtHLgcSIEhq2ZEN8sgQ3/tM7FbSTCJAAT/2O
         xFug==;
        dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=RPeog6it;
       arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com);
       spf=pass (google.com: domain of linux-crypto+bounces-3057-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-crypto+bounces-3057-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-crypto+bounces-3057-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223])
        by mx.google.com with ESMTPS id d12-20020a05622a05cc00b00432b583054esi2802023qtb.156.2024.03.28.23.57.55
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 28 Mar 2024 23:57:56 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-crypto+bounces-3057-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=RPeog6it;
       arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com);
       spf=pass (google.com: domain of linux-crypto+bounces-3057-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-crypto+bounces-3057-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by ny.mirrors.kernel.org (Postfix) with ESMTPS id C58C71C2230B
	for <linux.lists.archive@gmail.com>; Fri, 29 Mar 2024 06:57:55 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id EC0983FBB3;
	Fri, 29 Mar 2024 06:57:51 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="RPeog6it"
X-Original-To: linux-crypto@vger.kernel.org
Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.13])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 43F293FB8C;
	Fri, 29 Mar 2024 06:57:49 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.13
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1711695471; cv=none; b=P44/vE3hjlBgAUKwqwCsCYC6kmX55WBd3RtvwgNhCe/lwVIovBSOVWqVVSNZqbz+lYrvxM0o/wB1pzbSRKKeKW0+454reCzv2ra+7U4Uq1GP2a4B38iTslF53WSn9JZ7q8uQDfn6xX4VZzDHatm55/dk0vz+Rom+U5eBvRjKCyI=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1711695471; c=relaxed/simple;
	bh=3tp0OjNh8FoNAxu2MnETSB9plHBlxQ/kYzlSx8y1UpU=;
	h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version:
	 Content-Type:Content-Disposition:In-Reply-To; b=QyteSu2uykixX1DVdkIx/2rBSWRwB62rtmQzPSXSnEefnfcBJOnmMG1dKfz6xiomo2rGPp3LUPymIwoJ8U8WJoXsf5BJPNz4ofACp4hYnY38i2QbRyxvqAeyJVdPC5d6mP7foeAhflCZlu0GvjANLDrswb7+3GRfVlLaCtE6lHc=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=RPeog6it; arc=none smtp.client-ip=198.175.65.13
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com
Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1711695470; x=1743231470;
  h=date:from:to:cc:subject:message-id:references:
   mime-version:in-reply-to;
  bh=3tp0OjNh8FoNAxu2MnETSB9plHBlxQ/kYzlSx8y1UpU=;
  b=RPeog6itdr8XcKWKrmQNUQYPfkYt/pQ0yJ5HsnRnfRWG+72H7uAXjtBy
   7dPHRIvrEg2u3pS9+J8aImXKCwXoeF8JXSzv+kSDCudzj47gxdsSxWasa
   bq/mWvG3UIkYJmFm7EoPQIfNrOj0LMnhYLPzAEeb+u0y47XI4adcq6EKL
   Kxoc6FXctL/kGVxb+JxUhMITgXzxGJeN/kZlUdsm7J0COYofjWQy08Vzb
   65IcXd7WhXZYgye2gwUyk0qC2EmCPmD6bDsr4lIfR/Z2IDHe0WyivA84+
   MWXuUqJzROS34qTYqiv/ntsIO4VHtQTEVvJfuhnivg34Fta5Jw5jZKOqQ
   Q==;
X-CSE-ConnectionGUID: Vr6mqM4oQ1aS2gFIn90QCw==
X-CSE-MsgGUID: eK9qESqfTnWfuHLKAK91ag==
X-IronPort-AV: E=McAfee;i="6600,9927,11027"; a="18027410"
X-IronPort-AV: E=Sophos;i="6.07,164,1708416000"; 
   d="scan'208";a="18027410"
Received: from orviesa001.jf.intel.com ([10.64.159.141])
  by orvoesa105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 28 Mar 2024 23:57:49 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="6.07,164,1708416000"; 
   d="scan'208";a="54351691"
Received: from atanneer-mobl.amr.corp.intel.com (HELO desk) ([10.209.84.81])
  by smtpauth.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 28 Mar 2024 23:57:49 -0700
Date: Thu, 28 Mar 2024 23:57:42 -0700
From: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
To: "Chang S. Bae" <chang.seok.bae@intel.com>
Cc: linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org,
	dm-devel@redhat.com, ebiggers@kernel.org, luto@kernel.org,
	dave.hansen@linux.intel.com, tglx@linutronix.de, bp@alien8.de,
	mingo@kernel.org, x86@kernel.org, herbert@gondor.apana.org.au,
	ardb@kernel.org, elliott@hpe.com, dan.j.williams@intel.com,
	bernie.keany@intel.com, charishma1.gairuboyina@intel.com,
	Dave Hansen <dave.hansen@intel.com>
Subject: Re: [PATCH v9 10/14] x86/cpu/keylocker: Check Gather Data Sampling
 mitigation
Message-ID: <20240329065742.fc5of75e776y2g4b@desk>
References: <20230603152227.12335-1-chang.seok.bae@intel.com>
 <20240329015346.635933-1-chang.seok.bae@intel.com>
 <20240329015346.635933-11-chang.seok.bae@intel.com>
Precedence: bulk
X-Mailing-List: linux-crypto@vger.kernel.org
List-Id: <linux-crypto.vger.kernel.org>
List-Subscribe: <mailto:linux-crypto+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-crypto+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20240329015346.635933-11-chang.seok.bae@intel.com>

On Thu, Mar 28, 2024 at 06:53:42PM -0700, Chang S. Bae wrote:
> +/*
> + * The mitigation is implemented at a microcode level. Ensure that the
> + * microcode update is applied and the mitigation is locked.
> + */
> +static bool __init have_gds_mitigation(void)
> +{
> +	u64 mcu_ctrl;
> +
> +	/* GDS_CTRL is set if new microcode is loaded. */
> +	if (!(x86_read_arch_cap_msr() & ARCH_CAP_GDS_CTRL))
> +		goto vulnerable;
> +
> +	/* If GDS_MITG_LOCKED is set, GDS_MITG_DIS is forced to 0. */
> +	rdmsrl(MSR_IA32_MCU_OPT_CTRL, mcu_ctrl);
> +	if (mcu_ctrl & GDS_MITG_LOCKED)
> +		return true;

Similar to RFDS, above checks can be simplified to:

	if (gds_mitigation == GDS_MITIGATION_FULL_LOCKED)
		return true;
> +
> +vulnerable:
> +	pr_warn("x86/keylocker: Susceptible to the GDS vulnerability.\n");
> +	return false;
> +}