From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linutronix.de (193.142.43.55:993) by crypto-ml.lab.linutronix.de with IMAP4-SSL for ; 20 Feb 2020 19:36:04 -0000 Received: from mga12.intel.com ([192.55.52.136]) by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1j4rcA-0006BW-OV for speck@linutronix.de; Thu, 20 Feb 2020 20:36:03 +0100 Date: Thu, 20 Feb 2020 11:35:50 -0800 From: mark gross Subject: [MODERATED] Re: [PATCH 2/2] more sampling fun 2 Message-ID: <20200220193549.GF58564@mtg-dev.jf.intel.com> Reply-To: mgross@linux.intel.com References: =?utf-8?q?=3Cc5bae80efe4694c81d9cbbce633a2228086a330c=2E1582?= =?utf-8?b?MTU9P3V0Zi04P3E/MjMyMj89LmdpdC5tZ3Jvc3NAbGludXguaW50ZWwuY29tPg==?= <9ff51a370c09d7a1a32fe9b0748e91d72f0348ff.camel@decadent.org.uk> MIME-Version: 1.0 In-Reply-To: <9ff51a370c09d7a1a32fe9b0748e91d72f0348ff.camel@decadent.org.uk> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit To: speck@linutronix.de List-ID: On Thu, Feb 20, 2020 at 07:06:46PM +0000, speck for Ben Hutchings wrote: > On Thu, 2020-01-16 at 14:16 -0800, speck for mark gross wrote: > [...] > > --- a/arch/x86/kernel/cpu/bugs.c > > +++ b/arch/x86/kernel/cpu/bugs.c > [...] > > +void srbds_configure_mitigation(void) > > +{ > > + u64 mcu_ctrl; > > + > > + if (!boot_cpu_has_bug(X86_BUG_SRBDS) && !boot_cpu_has_bug(X86_BUG_SRBDS_TSX)) > > + return; > > + > > + if (!boot_cpu_has(X86_FEATURE_SRBDS_CTRL)) > > + return; > > + > > + rdmsrl(MSR_IA32_MCU_OPT_CTRL, mcu_ctrl); > > + if (srbds_mitigation == SRBDS_MITIGATION_FULL) > > + mcu_ctrl &= ~SRBDS_MITG_DIS; > > + else if (srbds_mitigation == SRBDS_MITIGATION_OFF) > > + mcu_ctrl |= SRBDS_MITG_DIS; > > + > > + if (boot_cpu_has_bug(X86_BUG_SRBDS_TSX) && !boot_cpu_has(X86_FEATURE_RTM)) > > + mcu_ctrl |= SRBDS_MITG_DIS; > > In this case we will incorrectly report "Mitigation: bus lock when > using RDRAND or RDSEED" whereas the actual mitigation is that TSX is > disabled. I am not calling disabling TSX a mitigation in this case. If TSX is disabled then you are not vulnerable and the mitigation can be disabled.. > > > + wrmsrl(MSR_IA32_MCU_OPT_CTRL, mcu_ctrl); > > +} > [...] > > --- a/arch/x86/kernel/cpu/common.c > > +++ b/arch/x86/kernel/cpu/common.c > [...] > > @@ -1042,6 +1047,19 @@ static const struct x86_cpu_id_ext cpu_vuln_whitelist[] __initconst = { > > > > VULNWL_INTEL(CORE_YONAH, NO_SSB), > > > > + VULNWL_INTEL(IVYBRIDGE, SRBDS), /*06_3A*/ > > + VULNWL_INTEL(HASWELL, SRBDS), /*06_3C*/ > > + VULNWL_INTEL(HASWELL_L, SRBDS), /*06_45*/ > > + VULNWL_INTEL(HASWELL_G, SRBDS), /*06_46*/ > > + VULNWL_INTEL(BROADWELL_G, SRBDS), /*06_47*/ > > + VULNWL_INTEL(BROADWELL, SRBDS), /*06_3D*/ > > + VULNWL_INTEL(SKYLAKE_L, SRBDS), /*06_4E*/ > > + VULNWL_INTEL(SKYLAKE, SRBDS), /*06_5E*/ > > + VULNWL_INTEL_STEPPING(KABYLAKE_L, (BIT(0xA)-1), SRBDS), /*06_8E steppings <=A*/ > > But this matches steppings 0-9. well, with the bitmask its zero based indexing of the stepping. I'll check with others to double check my assumption. > > > + VULNWL_INTEL_STEPPING(KABYLAKE_L, BIT(0xB)|BIT(0xC), SRBDS_TSX), /*06_8E stepping = 0xB if TSX enabled*/ > > + VULNWL_INTEL_STEPPING(KABYLAKE, (BIT(0xB)-1), SRBDS), /*06_9E steppings <=B*/ > > And this matches steppings 0-A. > > > + VULNWL_INTEL_STEPPING(KABYLAKE, BIT(0xC)|BIT(0xD), SRBDS_TSX), /*06_9E stepping = 0xC if TSX enabled*/ > [...] > > You should write the bit masks using GENMASK() instead of BIT(). Ok I'll swith to GENMASK on the next version. --mark