* [PATCH] x86/tsx: clear RTM and HLE when MSR_IA32_TSX_CTRL is not supported @ 2021-09-06 2:46 Hao Peng 2021-09-06 9:30 ` Borislav Petkov 2021-09-07 5:14 ` Pawan Gupta 0 siblings, 2 replies; 18+ messages in thread From: Hao Peng @ 2021-09-06 2:46 UTC (permalink / raw) To: tglx, mingo, bp; +Cc: x86, linux-kernel If hypervisor does not support MSR_IA32_TSX_CTRL, but guest supports RTM and HLE features, it will affect TAA mitigation. Signed-off-by: Peng Hao <flyingpeng@tencent.com> --- arch/x86/kernel/cpu/tsx.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.c index 9c7a5f049292..5e852c14fef2 100644 --- a/arch/x86/kernel/cpu/tsx.c +++ b/arch/x86/kernel/cpu/tsx.c @@ -122,6 +122,13 @@ void __init tsx_init(void) if (!tsx_ctrl_is_supported()) { tsx_ctrl_state = TSX_CTRL_NOT_SUPPORTED; + + /* If hypervisor does not support MSR_IA32_TSX_CTRL emulation, + * but guest supports RTM and HLE features, it will affect TAA + * (tsx_async_abort)mitigation. + */ + setup_clear_cpu_cap(X86_FEATURE_RTM); + setup_clear_cpu_cap(X86_FEATURE_HLE); return; } -- 2.27.0 ^ permalink raw reply related [flat|nested] 18+ messages in thread
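Review bot: In the !tsx_ctrl_is_supported() branch of tsx_init(), the two setup_clear_cpu_cap() calls run on every system that lacks MSR_IA32_TSX_CTRL. The comment talks about a hypervisor, but nothing in the hunk checks that the kernel is running as a guest or that the CPU is affected by TAA at all. Clearing X86_FEATURE_RTM and X86_FEATURE_HLE also changes only the kernel's own feature flags; this branch is taken precisely because there is no TSX_CTRL MSR to write, so nothing here turns TSX off and the flags would claim TSX is absent while the instructions remain usable. Please gate the clears on the guest and TAA-affected conditions, or handle the case where the TAA mitigation is selected, and state in the commit message how exactly the mitigation is affected. Style: the block comment should open with a bare /* line, and "(tsx_async_abort)mitigation" is missing a space.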
* Re: [PATCH] x86/tsx: clear RTM and HLE when MSR_IA32_TSX_CTRL is not supported 2021-09-06 2:46 [PATCH] x86/tsx: clear RTM and HLE when MSR_IA32_TSX_CTRL is not supported Hao Peng @ 2021-09-06 9:30 ` Borislav Petkov 2021-09-07 1:47 ` Hao Peng 2021-09-07 5:14 ` Pawan Gupta 1 sibling, 1 reply; 18+ messages in thread From: Borislav Petkov @ 2021-09-06 9:30 UTC (permalink / raw) To: Hao Peng; +Cc: tglx, mingo, x86, linux-kernel, Pawan Gupta On Mon, Sep 06, 2021 at 10:46:05AM +0800, Hao Peng wrote: > If hypervisor does not support MSR_IA32_TSX_CTRL, but guest supports > RTM and HLE features, it will affect TAA mitigation. > > Signed-off-by: Peng Hao <flyingpeng@tencent.com> > --- > arch/x86/kernel/cpu/tsx.c | 7 +++++++ > 1 file changed, 7 insertions(+) > > diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.c > index 9c7a5f049292..5e852c14fef2 100644 > --- a/arch/x86/kernel/cpu/tsx.c > +++ b/arch/x86/kernel/cpu/tsx.c > @@ -122,6 +122,13 @@ void __init tsx_init(void) > > if (!tsx_ctrl_is_supported()) { > tsx_ctrl_state = TSX_CTRL_NOT_SUPPORTED; > + > + /* If hypervisor does not support MSR_IA32_TSX_CTRL emulation, > + * but guest supports RTM and HLE features, it will affect TAA > + * (tsx_async_abort)mitigation. > + */ > + setup_clear_cpu_cap(X86_FEATURE_RTM); > + setup_clear_cpu_cap(X86_FEATURE_HLE); > return; > } How does that even happen - the hypervisor does not support the MSR but "guest supports" TSX features?! I guess the guest is detecting it wrong. What hypervisor, what guest, how do I reproduce? Please give full details. -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette ^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH] x86/tsx: clear RTM and HLE when MSR_IA32_TSX_CTRL is not supported 2021-09-06 9:30 ` Borislav Petkov @ 2021-09-07 1:47 ` Hao Peng 2021-09-07 2:08 ` Xiaoyao Li 0 siblings, 1 reply; 18+ messages in thread From: Hao Peng @ 2021-09-07 1:47 UTC (permalink / raw) To: Borislav Petkov; +Cc: tglx, mingo, x86, linux-kernel, Pawan Gupta On Mon, Sep 6, 2021 at 5:30 PM Borislav Petkov <bp@alien8.de> wrote: > > On Mon, Sep 06, 2021 at 10:46:05AM +0800, Hao Peng wrote: > > If hypervisor does not support MSR_IA32_TSX_CTRL, but guest supports > > RTM and HLE features, it will affect TAA mitigation. > > > > Signed-off-by: Peng Hao <flyingpeng@tencent.com> > > --- > > arch/x86/kernel/cpu/tsx.c | 7 +++++++ > > 1 file changed, 7 insertions(+) > > > > diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.c > > index 9c7a5f049292..5e852c14fef2 100644 > > --- a/arch/x86/kernel/cpu/tsx.c > > +++ b/arch/x86/kernel/cpu/tsx.c 
> > @@ -122,6 +122,13 @@ void __init tsx_init(void) > > > > if (!tsx_ctrl_is_supported()) { > > tsx_ctrl_state = TSX_CTRL_NOT_SUPPORTED; > > + > > + /* If hypervisor does not support MSR_IA32_TSX_CTRL emulation, > > + * but guest supports RTM and HLE features, it will affect TAA > > + * (tsx_async_abort)mitigation. > > + */ > > + setup_clear_cpu_cap(X86_FEATURE_RTM); > > + setup_clear_cpu_cap(X86_FEATURE_HLE); > > return; > > } > > How does that even happen - the hypervisor does not support the MSR but > "guest supports" TSX features?! > > I guess the guest is detecting it wrong. > > What hypervisor, what guest, how do I reproduce? > hypervisor is kvm, guest is linux too. > Please give full details. > The host I used is kernel-5.4, and guest is kernel-5.13. MSR_IA32_TSX_CTRL is exposed to guest and guest to support RTM and HLE features, no direct dependence. at the qemu I started guest with -cpu host-model. I have viewed the code of kernel-5.4, and MSR_IA32_TSX_CTRL is not exposed to guest. Thanks. > -- > Regards/Gruss, > Boris. > > https://people.kernel.org/tglx/notes-about-netiquette ^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH] x86/tsx: clear RTM and HLE when MSR_IA32_TSX_CTRL is not supported 2021-09-07 1:47 ` Hao Peng @ 2021-09-07 2:08 ` Xiaoyao Li 2021-09-07 2:35 ` Hao Peng 0 siblings, 1 reply; 18+ messages in thread From: Xiaoyao Li @ 2021-09-07 2:08 UTC (permalink / raw) To: Hao Peng, Borislav Petkov; +Cc: tglx, mingo, x86, linux-kernel, Pawan Gupta On 9/7/2021 9:47 AM, Hao Peng wrote: > On Mon, Sep 6, 2021 at 5:30 PM Borislav Petkov <bp@alien8.de> wrote: >> >> On Mon, Sep 06, 2021 at 10:46:05AM +0800, Hao Peng wrote: >>> If hypervisor does not support MSR_IA32_TSX_CTRL, but guest supports >>> RTM and HLE features, it will affect TAA mitigation. >>> >>> Signed-off-by: Peng Hao <flyingpeng@tencent.com> >>> --- >>> arch/x86/kernel/cpu/tsx.c | 7 +++++++ >>> 1 file changed, 7 insertions(+) >>> >>> diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.c >>> index 9c7a5f049292..5e852c14fef2 100644 >>> --- a/arch/x86/kernel/cpu/tsx.c >>> +++ b/arch/x86/kernel/cpu/tsx.c 
>>> @@ -122,6 +122,13 @@ void __init tsx_init(void) >>> >>> if (!tsx_ctrl_is_supported()) { >>> tsx_ctrl_state = TSX_CTRL_NOT_SUPPORTED; >>> + >>> + /* If hypervisor does not support MSR_IA32_TSX_CTRL emulation, >>> + * but guest supports RTM and HLE features, it will affect TAA >>> + * (tsx_async_abort)mitigation. >>> + */ >>> + setup_clear_cpu_cap(X86_FEATURE_RTM); >>> + setup_clear_cpu_cap(X86_FEATURE_HLE); anyway, IMHO, we shouldn't do anything here for TAA. It should be in taa_select_mitigation() >>> return; >>> } >> >> How does that even happen - the hypervisor does not support the MSR but >> "guest supports" TSX features?! >> >> I guess the guest is detecting it wrong. >> >> What hypervisor, what guest, how do I reproduce? >> > hypervisor is kvm, guest is linux too. >> Please give full details. >> > The host I used is kernel-5.4, and guest is kernel-5.13. > MSR_IA32_TSX_CTRL is exposed > to guest and guest to support RTM and HLE features, no direct > dependence. at the qemu I > started guest with -cpu host-model. > I have viewed the code of kernel-5.4, and MSR_IA32_TSX_CTRL is not > exposed to guest. Does guest see TAA_NO bit? > Thanks. >> -- >> Regards/Gruss, >> Boris. >> >> https://people.kernel.org/tglx/notes-about-netiquette ^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH] x86/tsx: clear RTM and HLE when MSR_IA32_TSX_CTRL is not supported 2021-09-07 2:08 ` Xiaoyao Li @ 2021-09-07 2:35 ` Hao Peng 2021-09-07 2:56 ` Xiaoyao Li 0 siblings, 1 reply; 18+ messages in thread From: Hao Peng @ 2021-09-07 2:35 UTC (permalink / raw) To: Xiaoyao Li; +Cc: Borislav Petkov, tglx, mingo, x86, linux-kernel, Pawan Gupta On Tue, Sep 7, 2021 at 10:08 AM Xiaoyao Li <xiaoyao.li@intel.com> wrote: > > On 9/7/2021 9:47 AM, Hao Peng wrote: > > On Mon, Sep 6, 2021 at 5:30 PM Borislav Petkov <bp@alien8.de> wrote: > >> > >> On Mon, Sep 06, 2021 at 10:46:05AM +0800, Hao Peng wrote: > >>> If hypervisor does not support MSR_IA32_TSX_CTRL, but guest supports > >>> RTM and HLE features, it will affect TAA mitigation. > >>> > >>> Signed-off-by: Peng Hao <flyingpeng@tencent.com> > >>> --- > >>> arch/x86/kernel/cpu/tsx.c | 7 +++++++ > >>> 1 file changed, 7 insertions(+) > >>> > >>> diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.c > >>> index 9c7a5f049292..5e852c14fef2 100644 > >>> --- a/arch/x86/kernel/cpu/tsx.c > >>> +++ b/arch/x86/kernel/cpu/tsx.c 
> >>> @@ -122,6 +122,13 @@ void __init tsx_init(void) > >>> > >>> if (!tsx_ctrl_is_supported()) { > >>> tsx_ctrl_state = TSX_CTRL_NOT_SUPPORTED; > >>> + > >>> + /* If hypervisor does not support MSR_IA32_TSX_CTRL emulation, > >>> + * but guest supports RTM and HLE features, it will affect TAA > >>> + * (tsx_async_abort)mitigation. > >>> + */ > >>> + setup_clear_cpu_cap(X86_FEATURE_RTM); > >>> + setup_clear_cpu_cap(X86_FEATURE_HLE); > > anyway, IMHO, we shouldn't do anything here for TAA. It should be in > taa_select_mitigation() > > >>> return; > >>> } > >> > >> How does that even happen - the hypervisor does not support the MSR but > >> "guest supports" TSX features?! > >> > >> I guess the guest is detecting it wrong. > >> > >> What hypervisor, what guest, how do I reproduce? > >> > > hypervisor is kvm, guest is linux too. > >> Please give full details. > >> > > The host I used is kernel-5.4, and guest is kernel-5.13. > > MSR_IA32_TSX_CTRL is exposed > > to guest and guest to support RTM and HLE features, no direct > > dependence. at the qemu I > > started guest with -cpu host-model. > > I have viewed the code of kernel-5.4, and MSR_IA32_TSX_CTRL is not > > exposed to guest. > > Does guest see TAA_NO bit? > Guest can't see taa_no, which requires updating qemu to solve. But I think there is a compatibility process here. > > Thanks. > >> -- > >> Regards/Gruss, > >> Boris. > >> > >> https://people.kernel.org/tglx/notes-about-netiquette > ^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH] x86/tsx: clear RTM and HLE when MSR_IA32_TSX_CTRL is not supported 2021-09-07 2:35 ` Hao Peng @ 2021-09-07 2:56 ` Xiaoyao Li 2021-09-07 3:40 ` Hao Peng 2021-09-07 5:28 ` Pawan Gupta 0 siblings, 2 replies; 18+ messages in thread From: Xiaoyao Li @ 2021-09-07 2:56 UTC (permalink / raw) To: Hao Peng, Xiaoyao Li Cc: Borislav Petkov, tglx, mingo, x86, linux-kernel, Pawan Gupta On 9/7/2021 10:35 AM, Hao Peng wrote: > On Tue, Sep 7, 2021 at 10:08 AM Xiaoyao Li <xiaoyao.li@intel.com> wrote: >> >> On 9/7/2021 9:47 AM, Hao Peng wrote: >>> On Mon, Sep 6, 2021 at 5:30 PM Borislav Petkov <bp@alien8.de> wrote: >>>> >>>> On Mon, Sep 06, 2021 at 10:46:05AM +0800, Hao Peng wrote: >>>>> If hypervisor does not support MSR_IA32_TSX_CTRL, but guest supports >>>>> RTM and HLE features, it will affect TAA mitigation. >>>>> >>>>> Signed-off-by: Peng Hao <flyingpeng@tencent.com> >>>>> --- >>>>> arch/x86/kernel/cpu/tsx.c | 7 +++++++ >>>>> 1 file changed, 7 insertions(+) >>>>> >>>>> diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.c >>>>> index 9c7a5f049292..5e852c14fef2 100644 >>>>> --- a/arch/x86/kernel/cpu/tsx.c >>>>> +++ b/arch/x86/kernel/cpu/tsx.c 
>>>>> @@ -122,6 +122,13 @@ void __init tsx_init(void) >>>>> >>>>> if (!tsx_ctrl_is_supported()) { >>>>> tsx_ctrl_state = TSX_CTRL_NOT_SUPPORTED; >>>>> + >>>>> + /* If hypervisor does not support MSR_IA32_TSX_CTRL emulation, >>>>> + * but guest supports RTM and HLE features, it will affect TAA >>>>> + * (tsx_async_abort)mitigation. >>>>> + */ >>>>> + setup_clear_cpu_cap(X86_FEATURE_RTM); >>>>> + setup_clear_cpu_cap(X86_FEATURE_HLE); >> >> anyway, IMHO, we shouldn't do anything here for TAA. It should be in >> taa_select_mitigation() >> >>>>> return; >>>>> } >>>> >>>> How does that even happen - the hypervisor does not support the MSR but >>>> "guest supports" TSX features?! >>>> >>>> I guess the guest is detecting it wrong. >>>> >>>> What hypervisor, what guest, how do I reproduce? >>>> >>> hypervisor is kvm, guest is linux too. >>>> Please give full details. >>>> >>> The host I used is kernel-5.4, and guest is kernel-5.13. >>> MSR_IA32_TSX_CTRL is exposed >>> to guest and guest to support RTM and HLE features, no direct >>> dependence. at the qemu I >>> started guest with -cpu host-model. >>> I have viewed the code of kernel-5.4, and MSR_IA32_TSX_CTRL is not >>> exposed to guest. >> >> Does guest see TAA_NO bit? >> > Guest can't see taa_no, which requires updating qemu to solve. But I think > there is a compatibility process here. Anyway, there should be some existing code in kernel already to handle the case that CPUID reports TRM while MSR_IA32_CORE_CAPABILITIES doesn't report MSR_TSX_CTRL nor TAA_NO. And the Patch itself makes no sense. >>> Thanks. >>>> -- >>>> Regards/Gruss, >>>> Boris. >>>> >>>> https://people.kernel.org/tglx/notes-about-netiquette >> ^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH] x86/tsx: clear RTM and HLE when MSR_IA32_TSX_CTRL is not supported 2021-09-07 2:56 ` Xiaoyao Li @ 2021-09-07 3:40 ` Hao Peng 2021-09-07 4:26 ` Xiaoyao Li 2021-09-07 5:28 ` Pawan Gupta 1 sibling, 1 reply; 18+ messages in thread From: Hao Peng @ 2021-09-07 3:40 UTC (permalink / raw) To: Xiaoyao Li; +Cc: Borislav Petkov, tglx, mingo, x86, linux-kernel, Pawan Gupta On Tue, Sep 7, 2021 at 10:56 AM Xiaoyao Li <xiaoyao.li@intel.com> wrote: > > On 9/7/2021 10:35 AM, Hao Peng wrote: > > On Tue, Sep 7, 2021 at 10:08 AM Xiaoyao Li <xiaoyao.li@intel.com> wrote: > >> > >> On 9/7/2021 9:47 AM, Hao Peng wrote: > >>> On Mon, Sep 6, 2021 at 5:30 PM Borislav Petkov <bp@alien8.de> wrote: > >>>> > >>>> On Mon, Sep 06, 2021 at 10:46:05AM +0800, Hao Peng wrote: > >>>>> If hypervisor does not support MSR_IA32_TSX_CTRL, but guest supports > >>>>> RTM and HLE features, it will affect TAA mitigation. > >>>>> > >>>>> Signed-off-by: Peng Hao <flyingpeng@tencent.com> > >>>>> --- > >>>>> arch/x86/kernel/cpu/tsx.c | 7 +++++++ > >>>>> 1 file changed, 7 insertions(+) > >>>>> > >>>>> diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.c > >>>>> index 9c7a5f049292..5e852c14fef2 100644 > >>>>> --- a/arch/x86/kernel/cpu/tsx.c > >>>>> +++ b/arch/x86/kernel/cpu/tsx.c 
> >>>>> @@ -122,6 +122,13 @@ void __init tsx_init(void) > >>>>> > >>>>> if (!tsx_ctrl_is_supported()) { > >>>>> tsx_ctrl_state = TSX_CTRL_NOT_SUPPORTED; > >>>>> + > >>>>> + /* If hypervisor does not support MSR_IA32_TSX_CTRL emulation, > >>>>> + * but guest supports RTM and HLE features, it will affect TAA > >>>>> + * (tsx_async_abort)mitigation. > >>>>> + */ > >>>>> + setup_clear_cpu_cap(X86_FEATURE_RTM); > >>>>> + setup_clear_cpu_cap(X86_FEATURE_HLE); > >> > >> anyway, IMHO, we shouldn't do anything here for TAA. It should be in > >> taa_select_mitigation() > >> > >>>>> return; > >>>>> } > >>>> > >>>> How does that even happen - the hypervisor does not support the MSR but > >>>> "guest supports" TSX features?! > >>>> > >>>> I guess the guest is detecting it wrong. > >>>> > >>>> What hypervisor, what guest, how do I reproduce? > >>>> > >>> hypervisor is kvm, guest is linux too. > >>>> Please give full details. > >>>> > >>> The host I used is kernel-5.4, and guest is kernel-5.13. > >>> MSR_IA32_TSX_CTRL is exposed > >>> to guest and guest to support RTM and HLE features, no direct > >>> dependence. at the qemu I > >>> started guest with -cpu host-model. > >>> I have viewed the code of kernel-5.4, and MSR_IA32_TSX_CTRL is not > >>> exposed to guest. > >> > >> Does guest see TAA_NO bit? > >> > > Guest can't see taa_no, which requires updating qemu to solve. But I think > > there is a compatibility process here. > > Anyway, there should be some existing code in kernel already to handle > the case that CPUID reports TRM while MSR_IA32_CORE_CAPABILITIES doesn't > report MSR_TSX_CTRL nor TAA_NO. > Can you point out which patches ? At present, guest is kernel-5.13 still has this problem. Thanks. > And the Patch itself makes no sense. > > >>> Thanks. > >>>> -- > >>>> Regards/Gruss, > >>>> Boris. > >>>> > >>>> https://people.kernel.org/tglx/notes-about-netiquette > >> > ^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH] x86/tsx: clear RTM and HLE when MSR_IA32_TSX_CTRL is not supported 2021-09-07 3:40 ` Hao Peng @ 2021-09-07 4:26 ` Xiaoyao Li 2021-09-07 4:39 ` Hao Peng 0 siblings, 1 reply; 18+ messages in thread From: Xiaoyao Li @ 2021-09-07 4:26 UTC (permalink / raw) To: Hao Peng; +Cc: Borislav Petkov, tglx, mingo, x86, linux-kernel, Pawan Gupta On 9/7/2021 11:40 AM, Hao Peng wrote: > On Tue, Sep 7, 2021 at 10:56 AM Xiaoyao Li <xiaoyao.li@intel.com> wrote: >> >> On 9/7/2021 10:35 AM, Hao Peng wrote: >>> On Tue, Sep 7, 2021 at 10:08 AM Xiaoyao Li <xiaoyao.li@intel.com> wrote: >>>> >>>> On 9/7/2021 9:47 AM, Hao Peng wrote: >>>>> On Mon, Sep 6, 2021 at 5:30 PM Borislav Petkov <bp@alien8.de> wrote: >>>>>> >>>>>> On Mon, Sep 06, 2021 at 10:46:05AM +0800, Hao Peng wrote: >>>>>>> If hypervisor does not support MSR_IA32_TSX_CTRL, but guest supports >>>>>>> RTM and HLE features, it will affect TAA mitigation. >>>>>>> >>>>>>> Signed-off-by: Peng Hao <flyingpeng@tencent.com> >>>>>>> --- >>>>>>> arch/x86/kernel/cpu/tsx.c | 7 +++++++ >>>>>>> 1 file changed, 7 insertions(+) >>>>>>> >>>>>>> diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.c >>>>>>> index 9c7a5f049292..5e852c14fef2 100644 >>>>>>> --- a/arch/x86/kernel/cpu/tsx.c >>>>>>> +++ b/arch/x86/kernel/cpu/tsx.c 
>>>>>>> @@ -122,6 +122,13 @@ void __init tsx_init(void) >>>>>>> >>>>>>> if (!tsx_ctrl_is_supported()) { >>>>>>> tsx_ctrl_state = TSX_CTRL_NOT_SUPPORTED; >>>>>>> + >>>>>>> + /* If hypervisor does not support MSR_IA32_TSX_CTRL emulation, >>>>>>> + * but guest supports RTM and HLE features, it will affect TAA >>>>>>> + * (tsx_async_abort)mitigation. >>>>>>> + */ >>>>>>> + setup_clear_cpu_cap(X86_FEATURE_RTM); >>>>>>> + setup_clear_cpu_cap(X86_FEATURE_HLE); >>>> >>>> anyway, IMHO, we shouldn't do anything here for TAA. It should be in >>>> taa_select_mitigation() >>>> >>>>>>> return; >>>>>>> } >>>>>> >>>>>> How does that even happen - the hypervisor does not support the MSR but >>>>>> "guest supports" TSX features?! >>>>>> >>>>>> I guess the guest is detecting it wrong. >>>>>> >>>>>> What hypervisor, what guest, how do I reproduce? >>>>>> >>>>> hypervisor is kvm, guest is linux too. >>>>>> Please give full details. >>>>>> >>>>> The host I used is kernel-5.4, and guest is kernel-5.13. >>>>> MSR_IA32_TSX_CTRL is exposed >>>>> to guest and guest to support RTM and HLE features, no direct >>>>> dependence. at the qemu I >>>>> started guest with -cpu host-model. >>>>> I have viewed the code of kernel-5.4, and MSR_IA32_TSX_CTRL is not >>>>> exposed to guest. >>>> >>>> Does guest see TAA_NO bit? >>>> >>> Guest can't see taa_no, which requires updating qemu to solve. But I think >>> there is a compatibility process here. >> >> Anyway, there should be some existing code in kernel already to handle >> the case that CPUID reports TRM while MSR_IA32_CORE_CAPABILITIES doesn't >> report MSR_TSX_CTRL nor TAA_NO. >> > Can you point out which patches ? At present, guest is kernel-5.13 > still has this problem. What's the output of 'cat /sys/devices/system/cpu/vulnerabilities/tsx_async_abort' on your guest? > Thanks. >> And the Patch itself makes no sense. >> >>>>> Thanks. >>>>>> -- >>>>>> Regards/Gruss, >>>>>> Boris. 
>>>>>>
>>>>>> https://people.kernel.org/tglx/notes-about-netiquette
>>>>
>>
* Re: [PATCH] x86/tsx: clear RTM and HLE when MSR_IA32_TSX_CTRL is not supported 2021-09-07 4:26 ` Xiaoyao Li @ 2021-09-07 4:39 ` Hao Peng 2021-09-07 5:38 ` Pawan Gupta 0 siblings, 1 reply; 18+ messages in thread From: Hao Peng @ 2021-09-07 4:39 UTC (permalink / raw) To: Xiaoyao Li; +Cc: Borislav Petkov, tglx, mingo, x86, linux-kernel, Pawan Gupta On Tue, Sep 7, 2021 at 12:26 PM Xiaoyao Li <xiaoyao.li@intel.com> wrote: > > On 9/7/2021 11:40 AM, Hao Peng wrote: > > On Tue, Sep 7, 2021 at 10:56 AM Xiaoyao Li <xiaoyao.li@intel.com> wrote: > >> > >> On 9/7/2021 10:35 AM, Hao Peng wrote: > >>> On Tue, Sep 7, 2021 at 10:08 AM Xiaoyao Li <xiaoyao.li@intel.com> wrote: > >>>> > >>>> On 9/7/2021 9:47 AM, Hao Peng wrote: > >>>>> On Mon, Sep 6, 2021 at 5:30 PM Borislav Petkov <bp@alien8.de> wrote: > >>>>>> > >>>>>> On Mon, Sep 06, 2021 at 10:46:05AM +0800, Hao Peng wrote: > >>>>>>> If hypervisor does not support MSR_IA32_TSX_CTRL, but guest supports > >>>>>>> RTM and HLE features, it will affect TAA mitigation. > >>>>>>> > >>>>>>> Signed-off-by: Peng Hao <flyingpeng@tencent.com> > >>>>>>> --- > >>>>>>> arch/x86/kernel/cpu/tsx.c | 7 +++++++ > >>>>>>> 1 file changed, 7 insertions(+) > >>>>>>> > >>>>>>> diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.c > >>>>>>> index 9c7a5f049292..5e852c14fef2 100644 > >>>>>>> --- a/arch/x86/kernel/cpu/tsx.c > >>>>>>> +++ b/arch/x86/kernel/cpu/tsx.c 
> >>>>>>> @@ -122,6 +122,13 @@ void __init tsx_init(void) > >>>>>>> > >>>>>>> if (!tsx_ctrl_is_supported()) { > >>>>>>> tsx_ctrl_state = TSX_CTRL_NOT_SUPPORTED; > >>>>>>> + > >>>>>>> + /* If hypervisor does not support MSR_IA32_TSX_CTRL emulation, > >>>>>>> + * but guest supports RTM and HLE features, it will affect TAA > >>>>>>> + * (tsx_async_abort)mitigation. > >>>>>>> + */ > >>>>>>> + setup_clear_cpu_cap(X86_FEATURE_RTM); > >>>>>>> + setup_clear_cpu_cap(X86_FEATURE_HLE); > >>>> > >>>> anyway, IMHO, we shouldn't do anything here for TAA. It should be in > >>>> taa_select_mitigation() > >>>> > >>>>>>> return; > >>>>>>> } > >>>>>> > >>>>>> How does that even happen - the hypervisor does not support the MSR but > >>>>>> "guest supports" TSX features?! > >>>>>> > >>>>>> I guess the guest is detecting it wrong. > >>>>>> > >>>>>> What hypervisor, what guest, how do I reproduce? > >>>>>> > >>>>> hypervisor is kvm, guest is linux too. > >>>>>> Please give full details. > >>>>>> > >>>>> The host I used is kernel-5.4, and guest is kernel-5.13. > >>>>> MSR_IA32_TSX_CTRL is exposed > >>>>> to guest and guest to support RTM and HLE features, no direct > >>>>> dependence. at the qemu I > >>>>> started guest with -cpu host-model. > >>>>> I have viewed the code of kernel-5.4, and MSR_IA32_TSX_CTRL is not > >>>>> exposed to guest. > >>>> > >>>> Does guest see TAA_NO bit? > >>>> > >>> Guest can't see taa_no, which requires updating qemu to solve. But I think > >>> there is a compatibility process here. > >> > >> Anyway, there should be some existing code in kernel already to handle > >> the case that CPUID reports TRM while MSR_IA32_CORE_CAPABILITIES doesn't > >> report MSR_TSX_CTRL nor TAA_NO. > >> > > Can you point out which patches ? At present, guest is kernel-5.13 > > still has this problem. > > What's the output of 'cat > /sys/devices/system/cpu/vulnerabilities/tsx_async_abort' on your guest? > Vulnerable: Clear CPU buffers attempted, no microcode; SMT Host state unknown. 
> > Thanks.
> >> And the Patch itself makes no sense.
> >>
> >>>>> Thanks.
> >>>>>> --
> >>>>>> Regards/Gruss,
> >>>>>> Boris.
> >>>>>>
> >>>>>> https://people.kernel.org/tglx/notes-about-netiquette
> >>>>
> >>
>
* Re: [PATCH] x86/tsx: clear RTM and HLE when MSR_IA32_TSX_CTRL is not supported 2021-09-07 4:39 ` Hao Peng @ 2021-09-07 5:38 ` Pawan Gupta 2021-09-07 6:56 ` Hao Peng 0 siblings, 1 reply; 18+ messages in thread From: Pawan Gupta @ 2021-09-07 5:38 UTC (permalink / raw) To: Hao Peng; +Cc: Xiaoyao Li, Borislav Petkov, tglx, mingo, x86, linux-kernel On 07.09.2021 12:39, Hao Peng wrote: >On Tue, Sep 7, 2021 at 12:26 PM Xiaoyao Li <xiaoyao.li@intel.com> wrote: >> >> On 9/7/2021 11:40 AM, Hao Peng wrote: >> > On Tue, Sep 7, 2021 at 10:56 AM Xiaoyao Li <xiaoyao.li@intel.com> wrote: >> >> >> >> On 9/7/2021 10:35 AM, Hao Peng wrote: >> >>> On Tue, Sep 7, 2021 at 10:08 AM Xiaoyao Li <xiaoyao.li@intel.com> wrote: >> >>>> >> >>>> On 9/7/2021 9:47 AM, Hao Peng wrote: >> >>>>> On Mon, Sep 6, 2021 at 5:30 PM Borislav Petkov <bp@alien8.de> wrote: >> >>>>>> >> >>>>>> On Mon, Sep 06, 2021 at 10:46:05AM +0800, Hao Peng wrote: >> >>>>>>> If hypervisor does not support MSR_IA32_TSX_CTRL, but guest supports >> >>>>>>> RTM and HLE features, it will affect TAA mitigation. >> >>>>>>> >> >>>>>>> Signed-off-by: Peng Hao <flyingpeng@tencent.com> >> >>>>>>> --- >> >>>>>>> arch/x86/kernel/cpu/tsx.c | 7 +++++++ >> >>>>>>> 1 file changed, 7 insertions(+) >> >>>>>>> >> >>>>>>> diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.c >> >>>>>>> index 9c7a5f049292..5e852c14fef2 100644 >> >>>>>>> --- a/arch/x86/kernel/cpu/tsx.c >> >>>>>>> +++ b/arch/x86/kernel/cpu/tsx.c 
>> >>>>>>> @@ -122,6 +122,13 @@ void __init tsx_init(void) >> >>>>>>> >> >>>>>>> if (!tsx_ctrl_is_supported()) { >> >>>>>>> tsx_ctrl_state = TSX_CTRL_NOT_SUPPORTED; >> >>>>>>> + >> >>>>>>> + /* If hypervisor does not support MSR_IA32_TSX_CTRL emulation, >> >>>>>>> + * but guest supports RTM and HLE features, it will affect TAA >> >>>>>>> + * (tsx_async_abort)mitigation. >> >>>>>>> + */ >> >>>>>>> + setup_clear_cpu_cap(X86_FEATURE_RTM); >> >>>>>>> + setup_clear_cpu_cap(X86_FEATURE_HLE); >> >>>> >> >>>> anyway, IMHO, we shouldn't do anything here for TAA. It should be in >> >>>> taa_select_mitigation() >> >>>> >> >>>>>>> return; >> >>>>>>> } >> >>>>>> >> >>>>>> How does that even happen - the hypervisor does not support the MSR but >> >>>>>> "guest supports" TSX features?! >> >>>>>> >> >>>>>> I guess the guest is detecting it wrong. >> >>>>>> >> >>>>>> What hypervisor, what guest, how do I reproduce? >> >>>>>> >> >>>>> hypervisor is kvm, guest is linux too. >> >>>>>> Please give full details. >> >>>>>> >> >>>>> The host I used is kernel-5.4, and guest is kernel-5.13. >> >>>>> MSR_IA32_TSX_CTRL is exposed >> >>>>> to guest and guest to support RTM and HLE features, no direct >> >>>>> dependence. at the qemu I >> >>>>> started guest with -cpu host-model. >> >>>>> I have viewed the code of kernel-5.4, and MSR_IA32_TSX_CTRL is not >> >>>>> exposed to guest. >> >>>> >> >>>> Does guest see TAA_NO bit? >> >>>> >> >>> Guest can't see taa_no, which requires updating qemu to solve. But I think >> >>> there is a compatibility process here. >> >> >> >> Anyway, there should be some existing code in kernel already to handle >> >> the case that CPUID reports TRM while MSR_IA32_CORE_CAPABILITIES doesn't >> >> report MSR_TSX_CTRL nor TAA_NO. >> >> >> > Can you point out which patches ? At present, guest is kernel-5.13 >> > still has this problem. >> >> What's the output of 'cat >> /sys/devices/system/cpu/vulnerabilities/tsx_async_abort' on your guest? 
>> >Vulnerable: Clear CPU buffers attempted, no microcode; SMT Host state unknown.

This suggests that the microcode is old. Can you please share the output
of below cmds on host and guest:

$ grep . /sys/devices/system/cpu/vulnerabilities/*
$ lscpu
$ grep microcode /proc/cpuinfo | uniq
$ cat /proc/cmdline

Thanks,
Pawan
* Re: [PATCH] x86/tsx: clear RTM and HLE when MSR_IA32_TSX_CTRL is not supported 2021-09-07 5:38 ` Pawan Gupta @ 2021-09-07 6:56 ` Hao Peng 2021-09-07 23:07 ` Pawan Gupta 0 siblings, 1 reply; 18+ messages in thread From: Hao Peng @ 2021-09-07 6:56 UTC (permalink / raw) To: Pawan Gupta; +Cc: Xiaoyao Li, Borislav Petkov, tglx, mingo, x86, linux-kernel On Tue, Sep 7, 2021 at 1:36 PM Pawan Gupta <pawan.kumar.gupta@linux.intel.com> wrote: > > On 07.09.2021 12:39, Hao Peng wrote: > >On Tue, Sep 7, 2021 at 12:26 PM Xiaoyao Li <xiaoyao.li@intel.com> wrote: > >> > >> On 9/7/2021 11:40 AM, Hao Peng wrote: > >> > On Tue, Sep 7, 2021 at 10:56 AM Xiaoyao Li <xiaoyao.li@intel.com> wrote: > >> >> > >> >> On 9/7/2021 10:35 AM, Hao Peng wrote: > >> >>> On Tue, Sep 7, 2021 at 10:08 AM Xiaoyao Li <xiaoyao.li@intel.com> wrote: > >> >>>> > >> >>>> On 9/7/2021 9:47 AM, Hao Peng wrote: > >> >>>>> On Mon, Sep 6, 2021 at 5:30 PM Borislav Petkov <bp@alien8.de> wrote: > >> >>>>>> > >> >>>>>> On Mon, Sep 06, 2021 at 10:46:05AM +0800, Hao Peng wrote: > >> >>>>>>> If hypervisor does not support MSR_IA32_TSX_CTRL, but guest supports > >> >>>>>>> RTM and HLE features, it will affect TAA mitigation. > >> >>>>>>> > >> >>>>>>> Signed-off-by: Peng Hao <flyingpeng@tencent.com> > >> >>>>>>> --- > >> >>>>>>> arch/x86/kernel/cpu/tsx.c | 7 +++++++ > >> >>>>>>> 1 file changed, 7 insertions(+) > >> >>>>>>> > >> >>>>>>> diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.c > >> >>>>>>> index 9c7a5f049292..5e852c14fef2 100644 > >> >>>>>>> --- a/arch/x86/kernel/cpu/tsx.c > >> >>>>>>> +++ b/arch/x86/kernel/cpu/tsx.c 
> >> >>>>>>> @@ -122,6 +122,13 @@ void __init tsx_init(void) > >> >>>>>>> > >> >>>>>>> if (!tsx_ctrl_is_supported()) { > >> >>>>>>> tsx_ctrl_state = TSX_CTRL_NOT_SUPPORTED; > >> >>>>>>> + > >> >>>>>>> + /* If hypervisor does not support MSR_IA32_TSX_CTRL emulation, > >> >>>>>>> + * but guest supports RTM and HLE features, it will affect TAA > >> >>>>>>> + * (tsx_async_abort)mitigation. > >> >>>>>>> + */ > >> >>>>>>> + setup_clear_cpu_cap(X86_FEATURE_RTM); > >> >>>>>>> + setup_clear_cpu_cap(X86_FEATURE_HLE); > >> >>>> > >> >>>> anyway, IMHO, we shouldn't do anything here for TAA. It should be in > >> >>>> taa_select_mitigation() > >> >>>> > >> >>>>>>> return; > >> >>>>>>> } > >> >>>>>> > >> >>>>>> How does that even happen - the hypervisor does not support the MSR but > >> >>>>>> "guest supports" TSX features?! > >> >>>>>> > >> >>>>>> I guess the guest is detecting it wrong. > >> >>>>>> > >> >>>>>> What hypervisor, what guest, how do I reproduce? > >> >>>>>> > >> >>>>> hypervisor is kvm, guest is linux too. > >> >>>>>> Please give full details. > >> >>>>>> > >> >>>>> The host I used is kernel-5.4, and guest is kernel-5.13. > >> >>>>> MSR_IA32_TSX_CTRL is exposed > >> >>>>> to guest and guest to support RTM and HLE features, no direct > >> >>>>> dependence. at the qemu I > >> >>>>> started guest with -cpu host-model. > >> >>>>> I have viewed the code of kernel-5.4, and MSR_IA32_TSX_CTRL is not > >> >>>>> exposed to guest. > >> >>>> > >> >>>> Does guest see TAA_NO bit? > >> >>>> > >> >>> Guest can't see taa_no, which requires updating qemu to solve. But I think > >> >>> there is a compatibility process here. > >> >> > >> >> Anyway, there should be some existing code in kernel already to handle > >> >> the case that CPUID reports TRM while MSR_IA32_CORE_CAPABILITIES doesn't > >> >> report MSR_TSX_CTRL nor TAA_NO. > >> >> > >> > Can you point out which patches ? At present, guest is kernel-5.13 > >> > still has this problem. 
> >>
> >> What's the output of 'cat
> >> /sys/devices/system/cpu/vulnerabilities/tsx_async_abort' on your guest?
> >>
> >Vulnerable: Clear CPU buffers attempted, no microcode; SMT Host state unknown.
>
> This suggests that the microcode is old. Can you please share the output
> of below cmds on host and guest:
>
> $ grep . /sys/devices/system/cpu/vulnerabilities/*
host : not affected
guest: Vulnerable: Clear CPU buffers attempted, no microcode; SMT Host state unknown.
> $ lscpu
> $ grep microcode /proc/cpuinfo | uniq
host: microcode : 0xd000250
guest: microcode : 0x1
> $ cat /proc/cmdline
There are no command line parameters for tsx on both host and guest.
>
> Thanks,
> Pawan
* Re: [PATCH] x86/tsx: clear RTM and HLE when MSR_IA32_TSX_CTRL is not supported 2021-09-07 6:56 ` Hao Peng @ 2021-09-07 23:07 ` Pawan Gupta 0 siblings, 0 replies; 18+ messages in thread From: Pawan Gupta @ 2021-09-07 23:07 UTC (permalink / raw) To: Hao Peng; +Cc: Xiaoyao Li, Borislav Petkov, tglx, mingo, x86, linux-kernel On 07.09.2021 14:56, Hao Peng wrote: >On Tue, Sep 7, 2021 at 1:36 PM Pawan Gupta ><pawan.kumar.gupta@linux.intel.com> wrote: >> >> On 07.09.2021 12:39, Hao Peng wrote: >> >On Tue, Sep 7, 2021 at 12:26 PM Xiaoyao Li <xiaoyao.li@intel.com> wrote: >> >> >> >> On 9/7/2021 11:40 AM, Hao Peng wrote: >> >> > On Tue, Sep 7, 2021 at 10:56 AM Xiaoyao Li <xiaoyao.li@intel.com> wrote: >> >> >> >> >> >> On 9/7/2021 10:35 AM, Hao Peng wrote: >> >> >>> On Tue, Sep 7, 2021 at 10:08 AM Xiaoyao Li <xiaoyao.li@intel.com> wrote: >> >> >>>> >> >> >>>> On 9/7/2021 9:47 AM, Hao Peng wrote: >> >> >>>>> On Mon, Sep 6, 2021 at 5:30 PM Borislav Petkov <bp@alien8.de> wrote: >> >> >>>>>> >> >> >>>>>> On Mon, Sep 06, 2021 at 10:46:05AM +0800, Hao Peng wrote: >> >> >>>>>>> If hypervisor does not support MSR_IA32_TSX_CTRL, but guest supports >> >> >>>>>>> RTM and HLE features, it will affect TAA mitigation. >> >> >>>>>>> >> >> >>>>>>> Signed-off-by: Peng Hao <flyingpeng@tencent.com> >> >> >>>>>>> --- >> >> >>>>>>> arch/x86/kernel/cpu/tsx.c | 7 +++++++ >> >> >>>>>>> 1 file changed, 7 insertions(+) >> >> >>>>>>> >> >> >>>>>>> diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.c >> >> >>>>>>> index 9c7a5f049292..5e852c14fef2 100644 >> >> >>>>>>> --- a/arch/x86/kernel/cpu/tsx.c >> >> >>>>>>> +++ b/arch/x86/kernel/cpu/tsx.c >> 
>> >>>>>>> @@ -122,6 +122,13 @@ void __init tsx_init(void) >> >> >>>>>>> >> >> >>>>>>> if (!tsx_ctrl_is_supported()) { >> >> >>>>>>> tsx_ctrl_state = TSX_CTRL_NOT_SUPPORTED; >> >> >>>>>>> + >> >> >>>>>>> + /* If hypervisor does not support MSR_IA32_TSX_CTRL emulation, >> >> >>>>>>> + * but guest supports RTM and HLE features, it will affect TAA >> >> >>>>>>> + * (tsx_async_abort)mitigation. >> >> >>>>>>> + */ >> >> >>>>>>> + setup_clear_cpu_cap(X86_FEATURE_RTM); >> >> >>>>>>> + setup_clear_cpu_cap(X86_FEATURE_HLE); >> >> >>>> >> >> >>>> anyway, IMHO, we shouldn't do anything here for TAA. It should be in >> >> >>>> taa_select_mitigation() >> >> >>>> >> >> >>>>>>> return; >> >> >>>>>>> } >> >> >>>>>> >> >> >>>>>> How does that even happen - the hypervisor does not support the MSR but >> >> >>>>>> "guest supports" TSX features?! >> >> >>>>>> >> >> >>>>>> I guess the guest is detecting it wrong. >> >> >>>>>> >> >> >>>>>> What hypervisor, what guest, how do I reproduce? >> >> >>>>>> >> >> >>>>> hypervisor is kvm, guest is linux too. >> >> >>>>>> Please give full details. >> >> >>>>>> >> >> >>>>> The host I used is kernel-5.4, and guest is kernel-5.13. >> >> >>>>> MSR_IA32_TSX_CTRL is exposed >> >> >>>>> to guest and guest to support RTM and HLE features, no direct >> >> >>>>> dependence. at the qemu I >> >> >>>>> started guest with -cpu host-model. >> >> >>>>> I have viewed the code of kernel-5.4, and MSR_IA32_TSX_CTRL is not >> >> >>>>> exposed to guest. >> >> >>>> >> >> >>>> Does guest see TAA_NO bit? >> >> >>>> >> >> >>> Guest can't see taa_no, which requires updating qemu to solve. But I think >> >> >>> there is a compatibility process here. >> >> >> >> >> >> Anyway, there should be some existing code in kernel already to handle >> >> >> the case that CPUID reports TRM while MSR_IA32_CORE_CAPABILITIES doesn't >> >> >> report MSR_TSX_CTRL nor TAA_NO. >> >> >> >> >> > Can you point out which patches ? At present, guest is kernel-5.13 >> >> > still has this problem. 
>> >>
>> >> What's the output of 'cat
>> >> /sys/devices/system/cpu/vulnerabilities/tsx_async_abort' on your guest?
>> >>
>> >Vulnerable: Clear CPU buffers attempted, no microcode; SMT Host state unknown.
>>
>> This suggests that the microcode is old. Can you please share the output
>> of below cmds on host and guest:
>>
>> $ grep . /sys/devices/system/cpu/vulnerabilities/*
>host : not affected
>guest: Vulnerable: Clear CPU buffers attempted, no microcode; SMT Host
>state unknown.

This would mean TAA_NO is not being exported to guest. Most likely qemu
needs to be patched for the CPU configuration you are using.

Thanks,
Pawan
* Re: [PATCH] x86/tsx: clear RTM and HLE when MSR_IA32_TSX_CTRL is not supported 2021-09-07 2:56 ` Xiaoyao Li 2021-09-07 3:40 ` Hao Peng @ 2021-09-07 5:28 ` Pawan Gupta 1 sibling, 0 replies; 18+ messages in thread From: Pawan Gupta @ 2021-09-07 5:28 UTC (permalink / raw) To: Xiaoyao Li; +Cc: Hao Peng, Borislav Petkov, tglx, mingo, x86, linux-kernel On 07.09.2021 10:56, Xiaoyao Li wrote: >On 9/7/2021 10:35 AM, Hao Peng wrote: >>On Tue, Sep 7, 2021 at 10:08 AM Xiaoyao Li <xiaoyao.li@intel.com> wrote: >>> >>>On 9/7/2021 9:47 AM, Hao Peng wrote: >>>>On Mon, Sep 6, 2021 at 5:30 PM Borislav Petkov <bp@alien8.de> wrote: >>>>> >>>>>On Mon, Sep 06, 2021 at 10:46:05AM +0800, Hao Peng wrote: >>>>>>If hypervisor does not support MSR_IA32_TSX_CTRL, but guest supports >>>>>>RTM and HLE features, it will affect TAA mitigation. >>>>>> >>>>>>Signed-off-by: Peng Hao <flyingpeng@tencent.com> >>>>>>--- >>>>>> arch/x86/kernel/cpu/tsx.c | 7 +++++++ >>>>>> 1 file changed, 7 insertions(+) >>>>>> >>>>>>diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.c >>>>>>index 9c7a5f049292..5e852c14fef2 100644 >>>>>>--- a/arch/x86/kernel/cpu/tsx.c >>>>>>+++ b/arch/x86/kernel/cpu/tsx.c 
>>>>>>@@ -122,6 +122,13 @@ void __init tsx_init(void) >>>>>> >>>>>> if (!tsx_ctrl_is_supported()) { >>>>>> tsx_ctrl_state = TSX_CTRL_NOT_SUPPORTED; >>>>>>+ >>>>>>+ /* If hypervisor does not support MSR_IA32_TSX_CTRL emulation, >>>>>>+ * but guest supports RTM and HLE features, it will affect TAA >>>>>>+ * (tsx_async_abort)mitigation. >>>>>>+ */ >>>>>>+ setup_clear_cpu_cap(X86_FEATURE_RTM); >>>>>>+ setup_clear_cpu_cap(X86_FEATURE_HLE); >>> >>>anyway, IMHO, we shouldn't do anything here for TAA. It should be in >>>taa_select_mitigation() >>> >>>>>> return; >>>>>> } >>>>> >>>>>How does that even happen - the hypervisor does not support the MSR but >>>>>"guest supports" TSX features?! >>>>> >>>>>I guess the guest is detecting it wrong. >>>>> >>>>>What hypervisor, what guest, how do I reproduce? >>>>> >>>>hypervisor is kvm, guest is linux too. >>>>>Please give full details. >>>>> >>>>The host I used is kernel-5.4, and guest is kernel-5.13. >>>>MSR_IA32_TSX_CTRL is exposed >>>>to guest and guest to support RTM and HLE features, no direct >>>>dependence. at the qemu I >>>>started guest with -cpu host-model. >>>>I have viewed the code of kernel-5.4, and MSR_IA32_TSX_CTRL is not >>>>exposed to guest. >>> >>>Does guest see TAA_NO bit? >>> >>Guest can't see taa_no, which requires updating qemu to solve. But I think >>there is a compatibility process here. > >Anyway, there should be some existing code in kernel already to handle >the case that CPUID reports TRM while MSR_IA32_CORE_CAPABILITIES >doesn't report MSR_TSX_CTRL nor TAA_NO. When TSX_CTRL MSR is not supported, TAA mitigation is same as MDS, and it is deployed automatically provided the system has a recent microcode. Thanks, Pawan ^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH] x86/tsx: clear RTM and HLE when MSR_IA32_TSX_CTRL is not supported 2021-09-06 2:46 [PATCH] x86/tsx: clear RTM and HLE when MSR_IA32_TSX_CTRL is not supported Hao Peng 2021-09-06 9:30 ` Borislav Petkov @ 2021-09-07 5:14 ` Pawan Gupta 2021-09-07 6:36 ` Hao Peng 1 sibling, 1 reply; 18+ messages in thread From: Pawan Gupta @ 2021-09-07 5:14 UTC (permalink / raw) To: Hao Peng; +Cc: tglx, mingo, bp, x86, linux-kernel On 06.09.2021 10:46, Hao Peng wrote: >If hypervisor does not support MSR_IA32_TSX_CTRL, but guest supports >RTM and HLE features, it will affect TAA mitigation. Guests are on purpose not allowed to control TSX via MSR_IA32_TSX_CTRL, otherwise a malicious guest can enable TSX and attack host or other guests. The TAA mitigation within a guest is same as MDS i.e. micro-architectural buffer clear using VERW instruction. Support for VERW is added by the microcode update and enumerate by MSR_ARCH_CAP[MD_CLEAR] bit. >Signed-off-by: Peng Hao <flyingpeng@tencent.com> >--- > arch/x86/kernel/cpu/tsx.c | 7 +++++++ > 1 file changed, 7 insertions(+) > >diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.c >index 9c7a5f049292..5e852c14fef2 100644 >--- a/arch/x86/kernel/cpu/tsx.c >+++ b/arch/x86/kernel/cpu/tsx.c >@@ -122,6 +122,13 @@ void __init tsx_init(void) > > if (!tsx_ctrl_is_supported()) { > tsx_ctrl_state = TSX_CTRL_NOT_SUPPORTED; >+ >+ /* If hypervisor does not support MSR_IA32_TSX_CTRL emulation, >+ * but guest supports RTM and HLE features, it will affect TAA >+ * (tsx_async_abort)mitigation. >+ */ >+ setup_clear_cpu_cap(X86_FEATURE_RTM); >+ setup_clear_cpu_cap(X86_FEATURE_HLE); This is not correct. TSX feature can exist without TSX_CTRL MSR. Moreover, clearing the cached bits with setup_clear_cpu_cap() doesn't disable the TSX feature in CPU. Thanks, Pawan ^ permalink raw reply [flat|nested] 18+ messages in thread
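Review bot: In the `!tsx_ctrl_is_supported()` branch, the two `setup_clear_cpu_cap()` calls run on every system that lacks the MSR, while the added comment describes only the hypervisor case. Nothing in the hunk checks that the kernel is running as a guest (for example `boot_cpu_has(X86_FEATURE_HYPERVISOR)`), so a bare-metal CPU that has RTM/HLE but no MSR_IA32_TSX_CTRL would lose the feature bits as well. As the reply above points out, clearing the cached capability bits changes what the kernel reports, not whether TSX instructions execute, so the comment should state which of the two the change is meant to achieve. Style: start the block comment with a bare `/*` line and add the missing space in "(tsx_async_abort)mitigation".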
* Re: [PATCH] x86/tsx: clear RTM and HLE when MSR_IA32_TSX_CTRL is not supported 2021-09-07 5:14 ` Pawan Gupta @ 2021-09-07 6:36 ` Hao Peng 2021-09-07 22:59 ` Pawan Gupta 0 siblings, 1 reply; 18+ messages in thread From: Hao Peng @ 2021-09-07 6:36 UTC (permalink / raw) To: Pawan Gupta; +Cc: tglx, mingo, Borislav Petkov, x86, linux-kernel On Tue, Sep 7, 2021 at 1:13 PM Pawan Gupta <pawan.kumar.gupta@linux.intel.com> wrote: > > On 06.09.2021 10:46, Hao Peng wrote: > >If hypervisor does not support MSR_IA32_TSX_CTRL, but guest supports > >RTM and HLE features, it will affect TAA mitigation. > > Guests are on purpose not allowed to control TSX via MSR_IA32_TSX_CTRL, > otherwise a malicious guest can enable TSX and attack host or other > guests. The TAA mitigation within a guest is same as MDS i.e. > micro-architectural buffer clear using VERW instruction. Support for > VERW is added by the microcode update and enumerate by > MSR_ARCH_CAP[MD_CLEAR] bit. > > >Signed-off-by: Peng Hao <flyingpeng@tencent.com> > >--- > > arch/x86/kernel/cpu/tsx.c | 7 +++++++ > > 1 file changed, 7 insertions(+) > > > >diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.c > >index 9c7a5f049292..5e852c14fef2 100644 > >--- a/arch/x86/kernel/cpu/tsx.c > >+++ b/arch/x86/kernel/cpu/tsx.c 
> >@@ -122,6 +122,13 @@ void __init tsx_init(void) > > > > if (!tsx_ctrl_is_supported()) { > > tsx_ctrl_state = TSX_CTRL_NOT_SUPPORTED; > >+ > >+ /* If hypervisor does not support MSR_IA32_TSX_CTRL emulation, > >+ * but guest supports RTM and HLE features, it will affect TAA > >+ * (tsx_async_abort)mitigation. > >+ */ > >+ setup_clear_cpu_cap(X86_FEATURE_RTM); > >+ setup_clear_cpu_cap(X86_FEATURE_HLE); > > This is not correct. TSX feature can exist without TSX_CTRL MSR. > Moreover, clearing the cached bits with setup_clear_cpu_cap() doesn't > disable the TSX feature in CPU. > After applying this patch, the output of /sys/devices/system/cpu/vulnerabilities/tsx_async_abort becomes “Mitigation: TSX disabled”.Do you mean that tsx is still enabled in this case in guest? I made a mistake in the description before. This problem occurred under the qemu -cpu Icelake-server . When I debug this problem to -cpu host, the guest can see taa-no. Thanks. > Thanks, > Pawan ^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH] x86/tsx: clear RTM and HLE when MSR_IA32_TSX_CTRL is not supported 2021-09-07 6:36 ` Hao Peng @ 2021-09-07 22:59 ` Pawan Gupta 2021-09-08 5:06 ` Hao Peng 0 siblings, 1 reply; 18+ messages in thread From: Pawan Gupta @ 2021-09-07 22:59 UTC (permalink / raw) To: Hao Peng; +Cc: tglx, mingo, Borislav Petkov, x86, linux-kernel On 07.09.2021 14:36, Hao Peng wrote: >On Tue, Sep 7, 2021 at 1:13 PM Pawan Gupta ><pawan.kumar.gupta@linux.intel.com> wrote: >> >> On 06.09.2021 10:46, Hao Peng wrote: >> >If hypervisor does not support MSR_IA32_TSX_CTRL, but guest supports >> >RTM and HLE features, it will affect TAA mitigation. >> >> Guests are on purpose not allowed to control TSX via MSR_IA32_TSX_CTRL, >> otherwise a malicious guest can enable TSX and attack host or other >> guests. The TAA mitigation within a guest is same as MDS i.e. >> micro-architectural buffer clear using VERW instruction. Support for >> VERW is added by the microcode update and enumerate by >> MSR_ARCH_CAP[MD_CLEAR] bit. >> >> >Signed-off-by: Peng Hao <flyingpeng@tencent.com> >> >--- >> > arch/x86/kernel/cpu/tsx.c | 7 +++++++ >> > 1 file changed, 7 insertions(+) >> > >> >diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.c >> >index 9c7a5f049292..5e852c14fef2 100644 >> >--- a/arch/x86/kernel/cpu/tsx.c >> >+++ b/arch/x86/kernel/cpu/tsx.c 
>> >@@ -122,6 +122,13 @@ void __init tsx_init(void) >> > >> > if (!tsx_ctrl_is_supported()) { >> > tsx_ctrl_state = TSX_CTRL_NOT_SUPPORTED; >> >+ >> >+ /* If hypervisor does not support MSR_IA32_TSX_CTRL emulation, >> >+ * but guest supports RTM and HLE features, it will affect TAA >> >+ * (tsx_async_abort)mitigation. >> >+ */ >> >+ setup_clear_cpu_cap(X86_FEATURE_RTM); >> >+ setup_clear_cpu_cap(X86_FEATURE_HLE); >> >> This is not correct. TSX feature can exist without TSX_CTRL MSR. >> Moreover, clearing the cached bits with setup_clear_cpu_cap() doesn't >> disable the TSX feature in CPU. >> >After applying this patch, the output of >/sys/devices/system/cpu/vulnerabilities/tsx_async_abort >becomes “Mitigation: TSX disabled”.Do you mean that tsx is still >enabled in this case in guest? If the host has TSX enabled, guest can use TSX instructions irrespective of what cpu capabilities in the guest says. >I made a mistake in the description before. This problem occurred >under the qemu -cpu Icelake-server . So looks like the real problem is with qemu feature definitions for cpu "Icelake-Server", it is probably not exporting "taa-no". >When I debug this problem to -cpu host, the guest can see taa-no. >Thanks. Thats good. ^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH] x86/tsx: clear RTM and HLE when MSR_IA32_TSX_CTRL is not supported 2021-09-07 22:59 ` Pawan Gupta @ 2021-09-08 5:06 ` Hao Peng 2021-09-08 16:02 ` Pawan Gupta 0 siblings, 1 reply; 18+ messages in thread From: Hao Peng @ 2021-09-08 5:06 UTC (permalink / raw) To: Pawan Gupta; +Cc: tglx, mingo, Borislav Petkov, x86, linux-kernel On Wed, Sep 8, 2021 at 6:57 AM Pawan Gupta <pawan.kumar.gupta@linux.intel.com> wrote: > > On 07.09.2021 14:36, Hao Peng wrote: > >On Tue, Sep 7, 2021 at 1:13 PM Pawan Gupta > ><pawan.kumar.gupta@linux.intel.com> wrote: > >> > >> On 06.09.2021 10:46, Hao Peng wrote: > >> >If hypervisor does not support MSR_IA32_TSX_CTRL, but guest supports > >> >RTM and HLE features, it will affect TAA mitigation. > >> > >> Guests are on purpose not allowed to control TSX via MSR_IA32_TSX_CTRL, > >> otherwise a malicious guest can enable TSX and attack host or other > >> guests. The TAA mitigation within a guest is same as MDS i.e. > >> micro-architectural buffer clear using VERW instruction. Support for > >> VERW is added by the microcode update and enumerate by > >> MSR_ARCH_CAP[MD_CLEAR] bit. > >> > >> >Signed-off-by: Peng Hao <flyingpeng@tencent.com> > >> >--- > >> > arch/x86/kernel/cpu/tsx.c | 7 +++++++ > >> > 1 file changed, 7 insertions(+) > >> > > >> >diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.c > >> >index 9c7a5f049292..5e852c14fef2 100644 > >> >--- a/arch/x86/kernel/cpu/tsx.c > >> >+++ b/arch/x86/kernel/cpu/tsx.c 
> >> >@@ -122,6 +122,13 @@ void __init tsx_init(void) > >> > > >> > if (!tsx_ctrl_is_supported()) { > >> > tsx_ctrl_state = TSX_CTRL_NOT_SUPPORTED; > >> >+ > >> >+ /* If hypervisor does not support MSR_IA32_TSX_CTRL emulation, > >> >+ * but guest supports RTM and HLE features, it will affect TAA > >> >+ * (tsx_async_abort)mitigation. > >> >+ */ > >> >+ setup_clear_cpu_cap(X86_FEATURE_RTM); > >> >+ setup_clear_cpu_cap(X86_FEATURE_HLE); > >> > >> This is not correct. TSX feature can exist without TSX_CTRL MSR. > >> Moreover, clearing the cached bits with setup_clear_cpu_cap() doesn't > >> disable the TSX feature in CPU. > >> > >After applying this patch, the output of > >/sys/devices/system/cpu/vulnerabilities/tsx_async_abort > >becomes “Mitigation: TSX disabled”.Do you mean that tsx is still > >enabled in this case in guest? > > If the host has TSX enabled, guest can use TSX instructions irrespective > of what cpu capabilities in the guest says. > I understand that guest cannot produce any actual effects on the hardware, so if the host has resolved the TAA bug on the hardware, does the guest actually have no vulnerability no matter what TAA status is displayed? > >I made a mistake in the description before. This problem occurred > >under the qemu -cpu Icelake-server . > > So looks like the real problem is with qemu feature definitions for > cpu "Icelake-Server", it is probably not exporting "taa-no". > Yes, I already know the reason, but because it is inconvenient to update the version of the host component, consider the guest compatibility method. > >When I debug this problem to -cpu host, the guest can see taa-no. > >Thanks. > > Thats good. ^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH] x86/tsx: clear RTM and HLE when MSR_IA32_TSX_CTRL is not supported 2021-09-08 5:06 ` Hao Peng @ 2021-09-08 16:02 ` Pawan Gupta 0 siblings, 0 replies; 18+ messages in thread From: Pawan Gupta @ 2021-09-08 16:02 UTC (permalink / raw) To: Hao Peng; +Cc: tglx, mingo, Borislav Petkov, x86, linux-kernel On 08.09.2021 13:06, Hao Peng wrote: >On Wed, Sep 8, 2021 at 6:57 AM Pawan Gupta ><pawan.kumar.gupta@linux.intel.com> wrote: >> >> On 07.09.2021 14:36, Hao Peng wrote: >> >On Tue, Sep 7, 2021 at 1:13 PM Pawan Gupta >> ><pawan.kumar.gupta@linux.intel.com> wrote: >> >> >> >> On 06.09.2021 10:46, Hao Peng wrote: >> >> >If hypervisor does not support MSR_IA32_TSX_CTRL, but guest supports >> >> >RTM and HLE features, it will affect TAA mitigation. >> >> >> >> Guests are on purpose not allowed to control TSX via MSR_IA32_TSX_CTRL, >> >> otherwise a malicious guest can enable TSX and attack host or other >> >> guests. The TAA mitigation within a guest is same as MDS i.e. >> >> micro-architectural buffer clear using VERW instruction. Support for >> >> VERW is added by the microcode update and enumerate by >> >> MSR_ARCH_CAP[MD_CLEAR] bit. >> >> >> >> >Signed-off-by: Peng Hao <flyingpeng@tencent.com> >> >> >--- >> >> > arch/x86/kernel/cpu/tsx.c | 7 +++++++ >> >> > 1 file changed, 7 insertions(+) >> >> > >> >> >diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.c >> >> >index 9c7a5f049292..5e852c14fef2 100644 >> >> >--- a/arch/x86/kernel/cpu/tsx.c >> >> >+++ b/arch/x86/kernel/cpu/tsx.c 
>> >> >@@ -122,6 +122,13 @@ void __init tsx_init(void) >> >> > >> >> > if (!tsx_ctrl_is_supported()) { >> >> > tsx_ctrl_state = TSX_CTRL_NOT_SUPPORTED; >> >> >+ >> >> >+ /* If hypervisor does not support MSR_IA32_TSX_CTRL emulation, >> >> >+ * but guest supports RTM and HLE features, it will affect TAA >> >> >+ * (tsx_async_abort)mitigation. >> >> >+ */ >> >> >+ setup_clear_cpu_cap(X86_FEATURE_RTM); >> >> >+ setup_clear_cpu_cap(X86_FEATURE_HLE); >> >> >> >> This is not correct. TSX feature can exist without TSX_CTRL MSR. >> >> Moreover, clearing the cached bits with setup_clear_cpu_cap() doesn't >> >> disable the TSX feature in CPU. >> >> >> >After applying this patch, the output of >> >/sys/devices/system/cpu/vulnerabilities/tsx_async_abort >> >becomes “Mitigation: TSX disabled”.Do you mean that tsx is still >> >enabled in this case in guest? >> >> If the host has TSX enabled, guest can use TSX instructions irrespective >> of what cpu capabilities in the guest says. >> >I understand that guest cannot produce any actual effects on the hardware, >so if the host has resolved the TAA bug on the hardware, does the guest actually >have no vulnerability no matter what TAA status is displayed? Yes, if the host does not have TAA bug, guest also does not have it. ^ permalink raw reply [flat|nested] 18+ messages in thread
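The host/guest comparison worked through in this thread, as an added shell example that is not part of any message or of the kernel: it maps the two tsx_async_abort strings and the guest's cpuinfo flags to a verdict. The verdict names and the sample flag line are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the thread): classify a guest's TAA reporting the
# way the thread does by hand. Verdict names are made up for this sketch.

# has_flag FLAG "FLAGS": true if FLAG appears as a whole word in FLAGS.
has_flag() {
    case " $2 " in
        *" $1 "*) return 0 ;;
    esac
    return 1
}

# taa_verdict HOST_STATUS GUEST_STATUS GUEST_FLAGS
#   HOST_STATUS, GUEST_STATUS: contents of
#     /sys/devices/system/cpu/vulnerabilities/tsx_async_abort
#   GUEST_FLAGS: the "flags" line of the guest's /proc/cpuinfo
taa_verdict() {
    host=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    guest=$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')
    flags=$3

    case $guest in
        "not affected"*) echo "not-affected"; return 0 ;;
    esac

    # Host is clean but the guest still reports the bug: the guest is not
    # being shown TAA_NO, so the hypervisor's CPU model is what needs fixing.
    case $host in
        "not affected"*) echo "cpu-model-gap"; return 0 ;;
    esac

    case $guest in
        "mitigation: tsx disabled"*)
            # Inside a VM this reflects only the guest's cached CPU caps;
            # whether TSX instructions execute is decided by the host.
            if has_flag hypervisor "$flags"; then
                echo "guest-view-only"
            else
                echo "tsx-disabled"
            fi ;;
        *"no microcode"*)
            # VERW clearing is attempted but MD_CLEAR is not enumerated.
            echo "md-clear-missing" ;;
        "mitigation: clear cpu buffers"*)
            echo "verw-mitigated" ;;
        *)
            echo "vulnerable" ;;
    esac
}

# Constructed inputs modelled on the values reported in the thread; the
# flags line is abbreviated and invented for the demo.
HOST_STATUS="not affected"
GUEST_STATUS="Vulnerable: Clear CPU buffers attempted, no microcode; SMT Host state unknown."
GUEST_FLAGS="fpu vme hle rtm hypervisor"
taa_verdict "$HOST_STATUS" "$GUEST_STATUS" "$GUEST_FLAGS"
```

On a live system the three arguments come from the sysfs file on host and guest and from `grep -m1 '^flags' /proc/cpuinfo` inside the guest.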