From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: from mail.linutronix.de (193.142.43.55:993) by crypto-ml.lab.linutronix.de with IMAP4-SSL for ; 09 Oct 2019 01:51:49 -0000
Received: from mga12.intel.com ([192.55.52.136]) by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1iI18m-0003Lt-6v for speck@linutronix.de; Wed, 09 Oct 2019 03:51:48 +0200
Date: Tue, 8 Oct 2019 18:45:58 -0700
From: Pawan Gupta
Subject: [MODERATED] Re: [PATCH v5 05/11] TAAv5 5
Message-ID: <20191009014558.GB11840@guptapadev.amr>
References: <20191008024642.rydvop7ug2luc6zg@treble>
MIME-Version: 1.0
In-Reply-To: <20191008024642.rydvop7ug2luc6zg@treble>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
To: speck@linutronix.de
List-ID:

On Mon, Oct 07, 2019 at 09:46:42PM -0500, speck for Josh Poimboeuf wrote:
> > -/* Update the static key controlling the MDS CPU buffer clear in idle */ > > +/* Update the static key controlling the MDS and TAA CPU buffer clear in idle */ > > static void update_mds_branch_idle(void) > > { > > /*
> > @@ -775,8 +881,11 @@ static void update_mds_branch_idle(void) > > * The other variants cannot be mitigated when SMT is enabled, so > > * clearing the buffers on idle just to prevent the Store Buffer > > * repartitioning leak would be a window dressing exercise. > > + * > > + * Apply idle buffer clearing to TAA affected CPUs also. > > */ > > - if (!boot_cpu_has_bug(X86_BUG_MSBDS_ONLY)) > > + if (!boot_cpu_has_bug(X86_BUG_MSBDS_ONLY) && > > + !boot_cpu_has_bug(X86_BUG_TAA)) > > return;
>
> I'm not sure this belongs here. The existing check was for
> X86_BUG_MSBDS_ONLY, which is the only MDS variant which can be mitigated
> in idle with SMT enabled. If the other MDS variants are present (which
> is true for most CPUs) then this function doesn't enable the MDS idle
> mitigation, because it wouldn't be sufficient.
>
> So does this fully mitigate TAA on idle threads with SMT enabled? If
> not then this change is probably pointless.

It does provide protection against the "store buffer" leak. But the other
buffers (fill buffer and load port) are still SMT vulnerable. Do you prefer
it removed?

Thanks,
Pawan
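
Review bot: in the first hunk, the comment above `update_mds_branch_idle()` now says the static key covers the MDS and TAA buffer clear in idle, while the function name still mentions only MDS. Either rename the function to match or keep the comment as it was, and if the `X86_BUG_TAA` term in the following hunk is dropped, this comment change should be dropped with it.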
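
Review bot: in the `@@ -775,8 +881,11 @@` hunk, the added `!boot_cpu_has_bug(X86_BUG_TAA)` term sits directly under a retained comment saying the other variants cannot be mitigated with SMT enabled and that clearing buffers on idle for them "would be a window dressing exercise", and the new line "Apply idle buffer clearing to TAA affected CPUs also." gives no reason why TAA is an exception. By the reply in this thread, idle clearing covers only the store buffer leak and leaves the fill buffer and load port exposed with SMT on, so either drop the TAA term or extend the comment to state exactly which leak the idle clear closes and which it does not.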