From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <tyhicks@canonical.com>
Received: from mail.linutronix.de (193.142.43.55:993) by
  crypto-ml.lab.linutronix.de with IMAP4-SSL for <speck@linutronix.de>; 15 Oct
  2019 19:34:36 -0000
Received: from youngberry.canonical.com ([91.189.89.112])
	by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128)
	(Exim 4.80)
	(envelope-from <tyhicks@canonical.com>)
	id 1iKSaX-0006bE-2K
	for speck@linutronix.de; Tue, 15 Oct 2019 21:34:35 +0200
Received: from [184.169.45.4] (helo=elm)	by youngberry.canonical.com with
 esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)	(Exim 4.86_2)
	(envelope-from <tyhicks@canonical.com>)	id 1iKSaP-0002vR-94	for
 speck@linutronix.de; Tue, 15 Oct 2019 19:34:26 +0000
Date: Tue, 15 Oct 2019 14:34:16 -0500
From: Tyler Hicks <tyhicks@canonical.com>
Subject: [MODERATED] Re: ***UNCHECKED*** Re: [PATCH v5 08/11] TAAv5 8
Message-ID: <20191015193414.GA31070@elm>
References: <alpine.DEB.2.21.1910142122210.1880@nanos.tec.linutronix.de>
 <nycvar.YFH.7.76.1910142143380.13160@cbobk.fhfr.pm>
 <20191014210458.GF4957@zn.tnic>
 <nycvar.YFH.7.76.1910142327350.13160@cbobk.fhfr.pm>
 <alpine.DEB.2.21.1910151000480.1880@nanos.tec.linutronix.de>
 <20191015103454.GW317@dhcp22.suse.cz>
 <20191015130627.7jkhqy2zrtm35ool@treble>
 <nycvar.YFH.7.76.1910151509040.13160@cbobk.fhfr.pm>
 <20191015152649.yim4krwuttrh6xgi@treble>
 <nycvar.YFH.7.76.1910151728110.13160@cbobk.fhfr.pm>
MIME-Version: 1.0
In-Reply-To: <nycvar.YFH.7.76.1910151728110.13160@cbobk.fhfr.pm>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
To: speck@linutronix.de
List-ID: <speck.linutronix.de>

On 2019-10-15 17:32:08, speck for Jiri Kosina wrote:
> On Tue, 15 Oct 2019, speck for Josh Poimboeuf wrote:
> 
> > > > Since all (or most?) modern Intel CPUs are vulnerable to TAA, 
> > > > defaulting to tsx=auto would effectively be the same as defaulting 
> > > > to tsx=off, right?  How does this help with regressions?
> > > 
> > > The mitigation is only needed on CPUs where verw doesn't have the buffer 
> > > clearing semantics.
> > 
> > Can you elaborate?  I have no idea what you're trying to say and how it
> > relates to my question :-)
> 
> Only those CPUs with TSX *and* with MDS_NO need TSX disabled in order to 
> protect from this issues.
> 
> The CPUs that don't enumarate MDS_NO (and therefore got ucode update with 
> verw buffer-clearing semantics) are fully mitigated against TAA by MDS 
> mitigations already.

I don't think "fully mitigated" is true in this case. My understanding
is that they're still vulnerable to cross-thread attacks when SMT is on.

Tyler

> 
> Therefore the set of CPUs where we *really* need to turn of TSX in order 
> to protect from TAA is currently rather minimal (CascadeLake-B, 
> WhiskeyLake-V, CommitLake, CoffeeLake-R), so force-disabling on all CPUs 
> covers way bigger set of platforms than actually needed.
> 
> -- 
> Jiri Kosina
> SUSE Labs