From: mark gross <mgross@linux.intel.com>
To: speck@linutronix.de
Subject: [MODERATED] Re: [PATCH 2/2] more sampling fun 2
Date: Thu, 20 Feb 2020 11:35:50 -0800 [thread overview]
Message-ID: <20200220193549.GF58564@mtg-dev.jf.intel.com> (raw)
In-Reply-To: <9ff51a370c09d7a1a32fe9b0748e91d72f0348ff.camel@decadent.org.uk>
On Thu, Feb 20, 2020 at 07:06:46PM +0000, speck for Ben Hutchings wrote:
> On Thu, 2020-01-16 at 14:16 -0800, speck for mark gross wrote:
> [...]
> > --- a/arch/x86/kernel/cpu/bugs.c
> > +++ b/arch/x86/kernel/cpu/bugs.c
> [...]
> > +void srbds_configure_mitigation(void)
> > +{
> > + u64 mcu_ctrl;
> > +
> > + if (!boot_cpu_has_bug(X86_BUG_SRBDS) && !boot_cpu_has_bug(X86_BUG_SRBDS_TSX))
> > + return;
> > +
> > + if (!boot_cpu_has(X86_FEATURE_SRBDS_CTRL))
> > + return;
> > +
> > + rdmsrl(MSR_IA32_MCU_OPT_CTRL, mcu_ctrl);
> > + if (srbds_mitigation == SRBDS_MITIGATION_FULL)
> > + mcu_ctrl &= ~SRBDS_MITG_DIS;
> > + else if (srbds_mitigation == SRBDS_MITIGATION_OFF)
> > + mcu_ctrl |= SRBDS_MITG_DIS;
> > +
> > + if (boot_cpu_has_bug(X86_BUG_SRBDS_TSX) && !boot_cpu_has(X86_FEATURE_RTM))
> > + mcu_ctrl |= SRBDS_MITG_DIS;
>
> In this case we will incorrectly report "Mitigation: bus lock when
> using RDRAND or RDSEED" whereas the actual mitigation is that TSX is
> disabled.
I am not calling disabling TSX a mitigation in this case. If TSX is disabled
then you are not vulnerable and the mitigation can be disabled..
>
> > + wrmsrl(MSR_IA32_MCU_OPT_CTRL, mcu_ctrl);
> > +}
> [...]
> > --- a/arch/x86/kernel/cpu/common.c
> > +++ b/arch/x86/kernel/cpu/common.c
> [...]
> > @@ -1042,6 +1047,19 @@ static const struct x86_cpu_id_ext cpu_vuln_whitelist[] __initconst = {
> >
> > VULNWL_INTEL(CORE_YONAH, NO_SSB),
> >
> > + VULNWL_INTEL(IVYBRIDGE, SRBDS), /*06_3A*/
> > + VULNWL_INTEL(HASWELL, SRBDS), /*06_3C*/
> > + VULNWL_INTEL(HASWELL_L, SRBDS), /*06_45*/
> > + VULNWL_INTEL(HASWELL_G, SRBDS), /*06_46*/
> > + VULNWL_INTEL(BROADWELL_G, SRBDS), /*06_47*/
> > + VULNWL_INTEL(BROADWELL, SRBDS), /*06_3D*/
> > + VULNWL_INTEL(SKYLAKE_L, SRBDS), /*06_4E*/
> > + VULNWL_INTEL(SKYLAKE, SRBDS), /*06_5E*/
> > + VULNWL_INTEL_STEPPING(KABYLAKE_L, (BIT(0xA)-1), SRBDS), /*06_8E steppings <=A*/
>
> But this matches steppings 0-9.
well, with the bitmask its zero based indexing of the stepping. I'll check
with others to double check my assumption.
>
> > + VULNWL_INTEL_STEPPING(KABYLAKE_L, BIT(0xB)|BIT(0xC), SRBDS_TSX), /*06_8E stepping = 0xB if TSX enabled*/
> > + VULNWL_INTEL_STEPPING(KABYLAKE, (BIT(0xB)-1), SRBDS), /*06_9E steppings <=B*/
>
> And this matches steppings 0-A.
>
> > + VULNWL_INTEL_STEPPING(KABYLAKE, BIT(0xC)|BIT(0xD), SRBDS_TSX), /*06_9E stepping = 0xC if TSX enabled*/
> [...]
>
> You should write the bit masks using GENMASK() instead of BIT().
Ok I'll swith to GENMASK on the next version.
--mark
next prev parent reply other threads:[~2020-02-20 19:36 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <c5bae80efe4694c81d9cbbce633a2228086a330c.158215=?utf-8?q?2322?= .git.mgross@linux.intel.com>
2020-02-20 19:06 ` [MODERATED] Re: [PATCH 2/2] more sampling fun 2 Ben Hutchings
2020-02-20 19:35 ` mark gross [this message]
2020-02-21 22:25 ` mark gross
2020-02-24 17:31 Konrad Rzeszutek Wilk
2020-02-24 18:17 ` [MODERATED] " Borislav Petkov
2020-02-24 21:39 ` mark gross
2020-02-24 23:10 ` [MODERATED] " Borislav Petkov
2020-02-25 1:26 ` Josh Poimboeuf
2020-02-25 10:46 ` Borislav Petkov
2020-02-25 14:18 ` Josh Poimboeuf
2020-02-25 14:23 ` Jiri Kosina
2020-02-25 14:44 ` Josh Poimboeuf
2020-02-25 14:59 ` Borislav Petkov
2020-02-26 20:20 ` Josh Poimboeuf
2020-02-26 21:16 ` Thomas Gleixner
2020-02-26 22:19 ` [MODERATED] " Konrad Rzeszutek Wilk
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200220193549.GF58564@mtg-dev.jf.intel.com \
--to=mgross@linux.intel.com \
--cc=speck@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.