[MODERATED] Re: [patch V6 12/14] MDS basics 12

From: Borislav Petkov <bp@suse.de>
To: speck@linutronix.de
Subject: [MODERATED] Re: [patch V6 12/14] MDS basics 12
Date: Wed, 6 Mar 2019 15:42:46 +0100	[thread overview]
Message-ID: <20190306144246.GG21338@zn.tnic> (raw)
In-Reply-To: <20190301214848.253554490@linutronix.de>

On Fri, Mar 01, 2019 at 10:47:50PM +0100, speck for Thomas Gleixner wrote:
> Subject: [patch V6 12/14] x86/speculation/mds: Add mitigation mode VMWERV
> From: Thomas Gleixner <tglx@linutronix.de>
> 
> In virtualized environments it can happen that the host has the microcode
> update which utilizes the VERW instruction to clear CPU buffers, but the
> hypervisor is not yet updated to expose the X86_FEATURE_MD_CLEAR CPUID bit
> to guests.
> 
> Introduce an internal mitigation mode VWWERV which enables the invocation
> of the CPU buffer clearing even if X86_FEATURE_MD_CLEAR is not set. If the
> system has no updated microcode this results in a pointless execution of
> the VERW instruction wasting a few CPU cycles. If the microcode is updated,
> but not exposed to a guest then the CPU buffers will be cleared.
> 
> That said: Virtual Machines Will Eventually Receive Vaccine
> 
> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
> ---
> V2 -> V3: Rename mode.
> ---
>  Documentation/x86/mds.rst        |   27 +++++++++++++++++++++++++++
>  arch/x86/include/asm/processor.h |    1 +
>  arch/x86/kernel/cpu/bugs.c       |   18 ++++++++++++------
>  3 files changed, 40 insertions(+), 6 deletions(-)

...

> @@ -235,10 +236,9 @@ static void mds_select_mitigation(void)
>  	}
>  
>  	if (mds_mitigation == MDS_MITIGATION_FULL) {
> -		if (boot_cpu_has(X86_FEATURE_MD_CLEAR))
> -			static_branch_enable(&mds_user_clear);
> -		else
> -			mds_mitigation = MDS_MITIGATION_OFF;
> +		if (!boot_cpu_has(X86_FEATURE_MD_CLEAR))
> +			mds_mitigation = MDS_MITIGATION_VMWERV;
> +		static_branch_enable(&mds_user_clear);
>  	}
>  	pr_info("%s\n", mds_strings[mds_mitigation]);
>  }
> @@ -703,8 +703,14 @@ void arch_smt_update(void)
>  		break;
>  	}
>  
> -	if (mds_mitigation == MDS_MITIGATION_FULL)
> +	switch(mds_mitigation) {

ERROR: space required before the open parenthesis '('
#119: FILE: arch/x86/kernel/cpu/bugs.c:706:
+       switch(mds_mitigation) {


with that addressed:

Reviewed-by: Borislav Petkov <bp@suse.de>

-- 
Regards/Gruss,
    Boris.

SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)
--