From mboxrd@z Thu Jan  1 00:00:00 1970
Return-path: <tglx@linutronix.de>
Received: from hsi-kbw-5-158-153-52.hsi19.kabel-badenwuerttemberg.de
 ([5.158.153.52] helo=nanos.tec.linutronix.de)	by Galois.linutronix.de with
 esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256)	(Exim 4.80)	(envelope-from
 <tglx@linutronix.de>)	id 1fICrg-0003uP-K3	for speck@linutronix.de; Mon, 14
 May 2018 14:46:08 +0200
Date: Mon, 14 May 2018 14:46:05 +0200 (CEST)
From: Thomas Gleixner <tglx@linutronix.de>
Subject: Re: [patch 06/15] Hidden 6
In-Reply-To: <20180514120902.GQ12217@hirez.programming.kicks-ass.net>
Message-ID: <alpine.DEB.2.21.1805141443330.1570@nanos.tec.linutronix.de>
References: <20180513140048.543641807@linutronix.de>
 <20180513140538.715249208@linutronix.de>
 <20180514120902.GQ12217@hirez.programming.kicks-ass.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
To: speck@linutronix.de
List-ID: <speck.linutronix.de>

On Mon, 14 May 2018, speck for Peter Zijlstra wrote:
> On Sun, May 13, 2018 at 04:00:54PM +0200, speck for Thomas Gleixner wrote:
> > Subject: [patch 06/15] x86/speculation: Handle HT correctly on AMD
> > From: Thomas Gleixner <tglx@linutronix.de>
> > 
> > The AMD64_LS_CFG MSR is a per core MSR on Family 17H CPUs. That means when
> > hyperthreading is enabled the SSBD bit toggle needs to take both cores into
> > account. Otherwise the following situation can happen:
> > 
> > CPU0		CPU1
> > 
> > disable SSB
> > 		disable SSB
> > 		enable  SSB <- Enables it for the Core, i.e. for CPU0 as well
> > 
> > So after the SSB enable on CPU1 the task on CPU0 runs with SSB enabled
> > again.
> > 
> > On Intel the SSBD control is per core as well, but the synchronization
> > logic is implemented behind the per thread SPEC_CTRL MSR.
> > 
> > Add the necessary synchronization logic for AMD family 17H. Unfortunately
> > that requires a spinlock to serialize the access to the MSR, but the locks
> > are only shared between siblings.
> 
> So we don't need this from NMI context anymore?

Well, toggling that stuff from NMI is horrible anyway and I don't see how
that would ever work with the Zen sibling coordination.

The current goal is to focus on software mitigations in BPF and avoid the
toggle stuff from random contexts completely.  Alexei will show up on the
list soon...

Thanks,

	tglx