From: Michal Hocko <mhocko@suse.com>
To: speck@linutronix.de
Subject: [MODERATED] [PATCH v7 09/10] TAAv7 9
Date: Mon, 21 Oct 2019 13:31:02 -0700 [thread overview]
Message-ID: <=?utf-8?q?=3Cd869f27b307ada1054cf94f6b944892b8e3a1a4d=2E157168?= =?utf-8?q?8957=2Egit=2Epawan=2Ekumar=2Egupta=40linux=2Eintel=2Ecom=3E?=> (raw)
In-Reply-To: <cover.1571688957.git.pawan.kumar.gupta@linux.intel.com>
From: Michal Hocko <mhocko@suse.com>
Subject: [PATCH v7 09/10] x86/tsx: Add config options to set tsx=on|off|auto
There is a general consensus that TSX usage is not largely spread while
the history shows there is a non trivial space for side channel attacks
possible. Therefore the tsx is disabled by default even on platforms
that might have a safe implementation of TSX according to the current
knowledge. This is a fair trade off to make.
There are, however, workloads that really do benefit from using TSX and
updating to a newer kernel with TSX disabled might introduce a
noticeable regressions. This would be especially a problem for Linux
distributions which will provide TAA mitigations.
Introduce config options X86_INTEL_TSX_MODE_OFF, X86_INTEL_TSX_MODE_ON
and X86_INTEL_TSX_MODE_AUTO to control the TSX feature. The config
setting can be overridden by the tsx cmdline options.
Suggested-by: Borislav Petkov <bpetkov@suse.de>
Signed-off-by: Michal Hocko <mhocko@suse.com>
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
---
arch/x86/Kconfig | 45 +++++++++++++++++++++++++++++++++++++++
arch/x86/kernel/cpu/tsx.c | 22 +++++++++++++------
2 files changed, 61 insertions(+), 6 deletions(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index d6e1faa28c58..eebae89726c4 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1940,6 +1940,51 @@ config X86_INTEL_MEMORY_PROTECTION_KEYS
If unsure, say y.
+choice
+ prompt "TSX enable mode"
+ depends on CPU_SUP_INTEL
+ default X86_INTEL_TSX_MODE_OFF
+ help
+ Intel's TSX (Transactional Synchronization Extensions) feature
+ allows to optimize locking protocols through lock elision which
+ can lead to a noticeable performance boost.
+
+ On the other hand it has been shown that TSX can be exploited
+ to form side channel attacks (e.g. TAA) and chances are there
+ will be more of those attacks discovered in the future.
+
+ Therefore TSX is not enabled by default (aka tsx=off). An admin
+ might override this decision by tsx=on command line parameter. This
+ has a risk that TSX will get enabled also on platforms which are
+ known to be vulnerable to attacks like TAA and a safer option is to
+ use tsx=auto command line parameter.
+
+ This options allows to set the default tsx mode between tsx=on, off
+ and auto. See Documentation/admin-guide/kernel-parameters.txt for more
+ details.
+
+ Say off if not sure, auto if TSX is in use but it should be used on safe
+ platforms or on if TSX is in use and the security aspect of tsx is not
+ relevant.
+
+config X86_INTEL_TSX_MODE_OFF
+ bool "off"
+ help
+ TSX is always disabled - equals tsx=off command line parameter.
+
+config X86_INTEL_TSX_MODE_ON
+ bool "on"
+ help
+ TSX is always enabled on TSX capable HW - equals tsx=on command line
+ parameter.
+
+config X86_INTEL_TSX_MODE_AUTO
+ bool "auto"
+ help
+ TSX is enabled on TSX capable HW that is believed to be safe against
+ side channel attacks- equals tsx=auto command line parameter.
+endchoice
+
config EFI
bool "EFI runtime service support"
depends on ACPI
diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.c
index 9d7d3ad324b7..bd74f216f026 100644
--- a/arch/x86/kernel/cpu/tsx.c
+++ b/arch/x86/kernel/cpu/tsx.c
@@ -65,6 +65,14 @@ static bool __init tsx_ctrl_is_supported(void)
return !!(ia32_cap & ARCH_CAP_TSX_CTRL_MSR);
}
+static enum tsx_ctrl_states x86_get_tsx_auto_mode(void)
+{
+ if (boot_cpu_has_bug(X86_BUG_TAA))
+ return TSX_CTRL_DISABLE;
+
+ return TSX_CTRL_ENABLE;
+}
+
void __init tsx_init(void)
{
char arg[20];
@@ -80,17 +88,19 @@ void __init tsx_init(void)
} else if (!strcmp(arg, "off")) {
tsx_ctrl_state = TSX_CTRL_DISABLE;
} else if (!strcmp(arg, "auto")) {
- if (boot_cpu_has_bug(X86_BUG_TAA))
- tsx_ctrl_state = TSX_CTRL_DISABLE;
- else
- tsx_ctrl_state = TSX_CTRL_ENABLE;
+ tsx_ctrl_state = x86_get_tsx_auto_mode();
} else {
tsx_ctrl_state = TSX_CTRL_DISABLE;
pr_err("tsx: invalid option, defaulting to off\n");
}
} else {
- /* tsx= not provided, defaulting to off */
- tsx_ctrl_state = TSX_CTRL_DISABLE;
+ /* tsx= not provided */
+ if (IS_ENABLED(CONFIG_X86_INTEL_TSX_MODE_AUTO))
+ tsx_ctrl_state = x86_get_tsx_auto_mode();
+ else if (IS_ENABLED(CONFIG_X86_INTEL_TSX_MODE_OFF))
+ tsx_ctrl_state = TSX_CTRL_DISABLE;
+ else
+ tsx_ctrl_state = TSX_CTRL_ENABLE;
}
if (tsx_ctrl_state == TSX_CTRL_DISABLE) {
--
2.20.1
next prev parent reply other threads:[~2019-10-21 20:37 UTC|newest]
Thread overview: 78+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-21 20:22 [MODERATED] [PATCH v7 00/10] TAAv7 0 Pawan Gupta
2019-10-21 20:23 ` [MODERATED] [PATCH v7 01/10] TAAv7 1 Pawan Gupta
2019-10-21 20:24 ` [MODERATED] [PATCH v7 02/10] TAAv7 2 Pawan Gupta
2019-10-21 20:25 ` [MODERATED] [PATCH v7 03/10] TAAv7 3 Pawan Gupta
2019-10-21 20:26 ` [MODERATED] [PATCH v7 04/10] TAAv7 4 Pawan Gupta
2019-10-21 20:27 ` [MODERATED] [PATCH v7 05/10] TAAv7 5 Pawan Gupta
2019-10-21 20:28 ` [MODERATED] [PATCH v7 06/10] TAAv7 6 Pawan Gupta
2019-10-21 20:29 ` [MODERATED] [PATCH v7 07/10] TAAv7 7 Pawan Gupta
2019-10-21 20:30 ` [MODERATED] [PATCH v7 08/10] TAAv7 8 Pawan Gupta
2019-10-21 20:31 ` Michal Hocko [this message]
2019-10-21 20:32 ` [MODERATED] [PATCH v7 10/10] TAAv7 10 Pawan Gupta
2019-10-21 21:32 ` [MODERATED] Re: [PATCH v7 00/10] TAAv7 0 Andy Lutomirski
2019-10-21 23:06 ` Andrew Cooper
2019-10-22 0:34 ` Pawan Gupta
2019-10-22 4:10 ` [MODERATED] Jon Masters
2019-10-22 5:53 ` [MODERATED] Pawan Gupta
2019-10-22 7:58 ` [MODERATED] Re: ***UNCHECKED*** [PATCH v7 07/10] TAAv7 7 Michal Hocko
2019-10-22 16:55 ` [MODERATED] " Pawan Gupta
2019-10-22 8:00 ` [MODERATED] Re: ***UNCHECKED*** [PATCH v7 09/10] TAAv7 9 Michal Hocko
2019-10-22 8:15 ` [MODERATED] Re: ***UNCHECKED*** [PATCH v7 03/10] TAAv7 3 Michal Hocko
2019-10-22 14:42 ` Josh Poimboeuf
2019-10-22 16:48 ` [MODERATED] " Pawan Gupta
2019-10-22 17:01 ` [MODERATED] Re: ***UNCHECKED*** " Michal Hocko
2019-10-22 17:35 ` Josh Poimboeuf
2019-10-22 14:38 ` [MODERATED] " Borislav Petkov
2019-10-22 16:58 ` Pawan Gupta
2019-10-22 14:48 ` Borislav Petkov
2019-10-22 17:00 ` Pawan Gupta
2019-10-22 17:16 ` [MODERATED] " Borislav Petkov
2019-10-22 18:07 ` [MODERATED] " Pawan Gupta
2019-10-22 15:07 ` Borislav Petkov
2019-10-22 18:36 ` Pawan Gupta
2019-10-22 18:59 ` [MODERATED] " Borislav Petkov
2019-10-22 16:51 ` [MODERATED] Re: [PATCH v7 04/10] TAAv7 4 Borislav Petkov
2019-10-22 17:02 ` Borislav Petkov
2019-10-22 18:00 ` Pawan Gupta
2019-10-22 18:12 ` [MODERATED] " Borislav Petkov
2019-10-22 19:16 ` Luck, Tony
2019-10-22 19:28 ` [MODERATED] " Borislav Petkov
2019-10-22 20:02 ` Luck, Tony
2019-10-22 20:48 ` [MODERATED] Jon Masters
2019-10-22 20:54 ` [MODERATED] Re: [PATCH v7 04/10] TAAv7 4 Borislav Petkov
2019-10-22 21:38 ` Josh Poimboeuf
2019-10-22 21:46 ` Borislav Petkov
2019-10-22 22:06 ` Josh Poimboeuf
2019-10-22 22:13 ` Borislav Petkov
2019-10-22 17:44 ` Pawan Gupta
2019-10-22 19:04 ` [MODERATED] " Borislav Petkov
2019-10-22 21:29 ` [MODERATED] " Pawan Gupta
2019-10-22 21:53 ` Borislav Petkov
2019-10-22 22:05 ` Borislav Petkov
2019-10-23 0:27 ` Pawan Gupta
2019-10-23 5:25 ` Pawan Gupta
2019-10-23 6:46 ` Borislav Petkov
2019-10-23 13:28 ` Pawan Gupta
2019-10-23 14:39 ` Borislav Petkov
2019-10-23 1:33 ` Pawan Gupta
2019-10-23 6:48 ` Borislav Petkov
2019-10-22 17:25 ` [MODERATED] Re: [PATCH v7 01/10] TAAv7 1 Josh Poimboeuf
2019-10-23 9:26 ` Borislav Petkov
2019-10-22 17:26 ` Josh Poimboeuf
2019-10-22 20:44 ` [MODERATED] Jon Masters
2019-10-22 17:47 ` [MODERATED] Re: [PATCH v7 03/10] TAAv7 3 Josh Poimboeuf
2019-10-22 18:39 ` [MODERATED] Re: [PATCH v7 10/10] TAAv7 10 Josh Poimboeuf
2019-10-23 7:24 ` Borislav Petkov
2019-10-22 21:20 ` [MODERATED] Re: [PATCH v7 04/10] TAAv7 4 Josh Poimboeuf
2019-10-22 21:35 ` Andrew Cooper
2019-10-22 21:44 ` Josh Poimboeuf
2019-10-22 22:03 ` Andrew Cooper
2019-10-23 1:16 ` Josh Poimboeuf
2019-10-23 15:46 ` [MODERATED] Re: [PATCH v7 00/10] TAAv7 0 Borislav Petkov
2019-10-23 17:11 ` Josh Poimboeuf
2019-10-23 21:49 ` Borislav Petkov
2019-10-23 22:12 ` Pawan Gupta
2019-10-24 14:08 ` Borislav Petkov
[not found] ` <5dae165e.1c69fb81.4beee.e271SMTPIN_ADDED_BROKEN@mx.google.com>
2019-10-24 20:53 ` [MODERATED] Re: [PATCH v7 06/10] TAAv7 6 Paolo Bonzini
2019-10-24 21:00 ` Luck, Tony
2019-10-24 21:33 ` Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='=?utf-8?q?=3Cd869f27b307ada1054cf94f6b944892b8e3a1a4d=2E157168?= =?utf-8?q?8957=2Egit=2Epawan=2Ekumar=2Egupta=40linux=2Eintel=2Ecom=3E?=' \
--to=mhocko@suse.com \
--cc=speck@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).