From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <tyhicks@canonical.com>
Received: from mail.linutronix.de (146.0.238.70:993) by
  crypto-ml.lab.linutronix.de with IMAP4-SSL for <speck@linutronix.de>; 13 Feb
  2019 22:26:41 -0000
Received: from youngberry.canonical.com ([91.189.89.112])
	by Galois.linutronix.de with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:256)
	(Exim 4.80)
	(envelope-from <tyhicks@canonical.com>)
	id 1gu2zI-00070h-Cl
	for speck@linutronix.de; Wed, 13 Feb 2019 23:26:40 +0100
Received: from 162-237-133-238.lightspeed.rcsntx.sbcglobal.net
 ([162.237.133.238] helo=lindsey)	by youngberry.canonical.com with esmtpsa
 (TLS1.0:RSA_AES_256_CBC_SHA1:32)	(Exim 4.76)	(envelope-from
 <tyhicks@canonical.com>)	id 1gu2zB-0000FQ-S7	for speck@linutronix.de; Wed, 13
 Feb 2019 22:26:34 +0000
Date: Wed, 13 Feb 2019 16:26:31 -0600
From: Tyler Hicks <tyhicks@canonical.com>
Subject: [MODERATED] Re: [PATCH v5 07/27] MDSv5 0
Message-ID: <20190213222630.GK4516@lindsey>
References: <cover.1547858934.git.ak@linux.intel.com>
 <4f18a51190afc9dbd03cc32d5659e184f1b64e0a.1547858934.git.ak@linux.intel.com>
MIME-Version: 1.0
In-Reply-To: 
 <4f18a51190afc9dbd03cc32d5659e184f1b64e0a.1547858934.git.ak@linux.intel.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
To: speck@linutronix.de
List-ID: <speck.linutronix.de>

On 2019-01-18 16:50:22, speck for Andi Kleen wrote:
> From: Andi Kleen <ak@linux.intel.com>
> Subject:  x86/speculation/mds: Add sysfs reporting
> 
> Report mds mitigation state in sysfs vulnerabilities.
> 
> Signed-off-by: Andi Kleen <ak@linux.intel.com>
> ---
>  .../ABI/testing/sysfs-devices-system-cpu         |  1 +
>  arch/x86/kernel/cpu/bugs.c                       | 16 ++++++++++++++++
>  drivers/base/cpu.c                               |  8 ++++++++
>  3 files changed, 25 insertions(+)
> 
> diff --git a/Documentation/ABI/testing/sysfs-devices-system-cpu b/Documentation/ABI/testing/sysfs-devices-system-cpu
> index 9605dbd4b5b5..2db5c3407fd6 100644
> --- a/Documentation/ABI/testing/sysfs-devices-system-cpu
> +++ b/Documentation/ABI/testing/sysfs-devices-system-cpu
> @@ -484,6 +484,7 @@ What:		/sys/devices/system/cpu/vulnerabilities
>  		/sys/devices/system/cpu/vulnerabilities/spectre_v2
>  		/sys/devices/system/cpu/vulnerabilities/spec_store_bypass
>  		/sys/devices/system/cpu/vulnerabilities/l1tf
> +		/sys/devices/system/cpu/vulnerabilities/mds
>  Date:		January 2018
>  Contact:	Linux kernel mailing list <linux-kernel@vger.kernel.org>
>  Description:	Information about CPU vulnerabilities
> diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
> index ce0e367753ff..715ab147f3e6 100644
> --- a/arch/x86/kernel/cpu/bugs.c
> +++ b/arch/x86/kernel/cpu/bugs.c
> @@ -1176,6 +1176,16 @@ static ssize_t cpu_show_common(struct device *dev, struct device_attribute *attr
>  		if (boot_cpu_has(X86_FEATURE_L1TF_PTEINV))
>  			return l1tf_show_state(buf);
>  		break;
> +
> +	case X86_BUG_MDS:
> +		/* Assumes Hypervisor exposed HT state to us if in guest */
> +		if (boot_cpu_has(X86_FEATURE_MD_CLEAR)) {
> +			if (cpu_smt_control != CPU_SMT_ENABLED)
> +				return sprintf(buf, "Mitigation: microcode\n");
> +			return sprintf(buf, "Mitigation: microcode, HT vulnerable\n");

Existing user-facing messaging for the status of CPU vulnerability
mitigations use "SMT" rather than "HT". For example:

 $ cat /sys/devices/system/cpu/vulnerabilities/l1tf
 Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable

Also, this STIBP log message from update_stibp_strict():

	pr_info("Update user space SMT mitigation: STIBP %s\n",
		mask & SPEC_CTRL_STIBP ? "always-on" : "off");

I think it would be best to be consistent and use "SMT" in this patch
series, too.

Tyler

> +		}
> +		return sprintf(buf, "Vulnerable\n");
> +
>  	default:
>  		break;
>  	}
> @@ -1207,4 +1217,10 @@ ssize_t cpu_show_l1tf(struct device *dev, struct device_attribute *attr, char *b
>  {
>  	return cpu_show_common(dev, attr, buf, X86_BUG_L1TF);
>  }
> +
> +ssize_t cpu_show_mds(struct device *dev, struct device_attribute *attr, char *buf)
> +{
> +	return cpu_show_common(dev, attr, buf, X86_BUG_MDS);
> +}
> +
>  #endif
> diff --git a/drivers/base/cpu.c b/drivers/base/cpu.c
> index eb9443d5bae1..2fd6ca1021c2 100644
> --- a/drivers/base/cpu.c
> +++ b/drivers/base/cpu.c
> @@ -546,11 +546,18 @@ ssize_t __weak cpu_show_l1tf(struct device *dev,
>  	return sprintf(buf, "Not affected\n");
>  }
>  
> +ssize_t __weak cpu_show_mds(struct device *dev,
> +			    struct device_attribute *attr, char *buf)
> +{
> +	return sprintf(buf, "Not affected\n");
> +}
> +
>  static DEVICE_ATTR(meltdown, 0444, cpu_show_meltdown, NULL);
>  static DEVICE_ATTR(spectre_v1, 0444, cpu_show_spectre_v1, NULL);
>  static DEVICE_ATTR(spectre_v2, 0444, cpu_show_spectre_v2, NULL);
>  static DEVICE_ATTR(spec_store_bypass, 0444, cpu_show_spec_store_bypass, NULL);
>  static DEVICE_ATTR(l1tf, 0444, cpu_show_l1tf, NULL);
> +static DEVICE_ATTR(mds, 0444, cpu_show_mds, NULL);
>  
>  static struct attribute *cpu_root_vulnerabilities_attrs[] = {
>  	&dev_attr_meltdown.attr,
> @@ -558,6 +565,7 @@ static struct attribute *cpu_root_vulnerabilities_attrs[] = {
>  	&dev_attr_spectre_v2.attr,
>  	&dev_attr_spec_store_bypass.attr,
>  	&dev_attr_l1tf.attr,
> +	&dev_attr_mds.attr,
>  	NULL
>  };
>  
> -- 
> 2.17.2