* [PATCH v2 0/2] x86/speculation: Fix incorrect MDS/TAA mitigation status
From: Waiman Long @ 2019-11-15 16:14 UTC
To: Thomas Gleixner, Ingo Molnar, Borislav Petkov, H. Peter Anvin, x86
Cc: linux-kernel, Josh Poimboeuf, Greg Kroah-Hartman, Pawan Gupta, Mark Gross, Tony Luck, Waiman Long

v2:
 - Update the documentation files accordingly
 - Add an optional second patch to defer printing of MDS mitigation.

As MDS and TAA mitigations can be inter-related, setting command line
option for one without a matching other may cause one of their
vulnerabilities files to report their status incorrectly. This patch
makes sure that both vulnerabilities files will report consistent
status correctly.

Waiman Long (2):
  x86/speculation: Fix incorrect MDS/TAA mitigation status
  x86/speculation: Fix redundant MDS mitigation message

 Documentation/admin-guide/hw-vuln/mds.rst | 6 ++++-
 .../admin-guide/hw-vuln/tsx_async_abort.rst | 5 +++-
 arch/x86/kernel/cpu/bugs.c | 27 +++++++++++++++++--
 3 files changed, 34 insertions(+), 4 deletions(-)

-- 
2.18.1

* [PATCH v2 1/2] x86/speculation: Fix incorrect MDS/TAA mitigation status
From: Waiman Long @ 2019-11-15 16:14 UTC
To: Thomas Gleixner, Ingo Molnar, Borislav Petkov, H. Peter Anvin, x86
Cc: linux-kernel, Josh Poimboeuf, Greg Kroah-Hartman, Pawan Gupta, Mark Gross, Tony Luck, Waiman Long

For MDS vulnerable processors with TSX support, enabling either MDS or
TAA mitigations will enable the use of VERW to flush internal processor
buffers at the right code path. IOW, they are either both mitigated
or both not. However, if the command line options are inconsistent,
the vulnerabilities sysfs files may not report the mitigation status
correctly.

For example, with only the "mds=off" option:

  vulnerabilities/mds:Vulnerable; SMT vulnerable
  vulnerabilities/tsx_async_abort:Mitigation: Clear CPU buffers; SMT vulnerable

The mds vulnerabilities file has wrong status in this case. Similarly,
the taa vulnerability file will be wrong with mds mitigation on, but
taa off.

Change taa_select_mitigation() to sync up the two mitigation status
and have them turned off if both "mds=off" and "tsx_async_abort=off"
are present.

Both hw-vuln/mds.rst and hw-vuln/tsx_async_abort.rst are updated
to emphasize the fact that both "mds=off" and "tsx_async_abort=off"
have to be specified together for processors that are affected by both
TAA and MDS to be effective. As kernel-parameter.txt references both
documents above, it is not necessary to update it.

Signed-off-by: Waiman Long <longman@redhat.com> --- Documentation/admin-guide/hw-vuln/mds.rst | 6 +++++- .../admin-guide/hw-vuln/tsx_async_abort.rst | 5 ++++- arch/x86/kernel/cpu/bugs.c | 17 +++++++++++++++-- 3 files changed, 24 insertions(+), 4 deletions(-) diff --git a/Documentation/admin-guide/hw-vuln/mds.rst b/Documentation/admin-guide/hw-vuln/mds.rst index e3a796c0d3a2..8e5212fedac3 100644 --- a/Documentation/admin-guide/hw-vuln/mds.rst +++ b/Documentation/admin-guide/hw-vuln/mds.rst @@ -265,7 +265,11 @@ time with the option "mds=". The valid arguments for this option are: ============ ============================================================= -Not specifying this option is equivalent to "mds=full". +Not specifying this option is equivalent to "mds=full". For +processors that are affected by both TAA (TSX Asynchronous Abort) +and MDS, specifying just "mds=off" without an accompanying +"tsx_async_abort=off" will have no effect as the same mitigation is +used for both vulnerabilities. Mitigation selection guide diff --git a/Documentation/admin-guide/hw-vuln/tsx_async_abort.rst b/Documentation/admin-guide/hw-vuln/tsx_async_abort.rst index fddbd7579c53..af6865b822d2 100644 --- a/Documentation/admin-guide/hw-vuln/tsx_async_abort.rst +++ b/Documentation/admin-guide/hw-vuln/tsx_async_abort.rst 
@@ -174,7 +174,10 @@ the option "tsx_async_abort=". The valid arguments for this option are: CPU is not vulnerable to cross-thread TAA attacks. ============ ============================================================= -Not specifying this option is equivalent to "tsx_async_abort=full". +Not specifying this option is equivalent to "tsx_async_abort=full". For +processors that are affected by both TAA and MDS, specifying just +"tsx_async_abort=off" without an accompanying "mds=off" will have no +effect as the same mitigation is used for both vulnerabilities. The kernel command line also allows to control the TSX feature using the parameter "tsx=" on CPUs which support TSX control. MSR_IA32_TSX_CTRL is used diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 4c7b0fa15a19..cb513eaa0df1 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -304,8 +304,12 @@ static void __init taa_select_mitigation(void) return; } - /* TAA mitigation is turned off on the cmdline (tsx_async_abort=off) */ - if (taa_mitigation == TAA_MITIGATION_OFF) + /* + * TAA mitigation via VERW is turned off if both + * tsx_async_abort=off and mds=off are specified. + */ + if (taa_mitigation == TAA_MITIGATION_OFF && + mds_mitigation == MDS_MITIGATION_OFF) goto out; if (boot_cpu_has(X86_FEATURE_MD_CLEAR)) @@ -339,6 +343,15 @@ static void __init taa_select_mitigation(void) if (taa_nosmt || cpu_mitigations_auto_nosmt()) cpu_smt_disable(false); + /* + * Update MDS mitigation, if necessary, as the mds_user_clear is + * now enabled for TAA mitigation. + */ + if (mds_mitigation == MDS_MITIGATION_OFF && + boot_cpu_has_bug(X86_BUG_MDS)) { + mds_mitigation = MDS_MITIGATION_FULL; + mds_select_mitigation(); + } out: pr_info("%s\n", taa_strings[taa_mitigation]); } -- 2.18.1 ^ permalink raw reply related [flat|nested] 13+ messages in thread
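Review bot: In the second bugs.c hunk (@@ -339,6 +343,15 @@), `mds_mitigation = MDS_MITIGATION_FULL;` overrules an explicit mds=off from the command line without logging that it did so, and then calls mds_select_mitigation() a second time. An administrator who asked for mds=off is left with a status string that contradicts the request and no hint why; say in the comment that a command-line mds=off is being overridden because tsx_async_abort is not off, and consider a pr_info naming both options. If mds_select_mitigation() logs its result, the second call also yields two MDS lines in one boot, so the print needs to move out of the select function or be guarded.

Review bot: The documentation hunks cover hw-vuln/mds.rst and hw-vuln/tsx_async_abort.rst only, and the diffstat confirms kernel-parameters.txt is untouched. The "off" entries for mds= and tsx_async_abort= there describe the option as unconditional, so they need the same sentence about requiring both options on processors affected by TAA and MDS; relying on the cross-reference leaves the most commonly read description wrong.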
* Re: [PATCH v2 1/2] x86/speculation: Fix incorrect MDS/TAA mitigation status
From: Boris Petkov @ 2019-11-15 17:09 UTC
To: Waiman Long, Thomas Gleixner, Ingo Molnar, H. Peter Anvin, x86
Cc: linux-kernel, Josh Poimboeuf, Greg Kroah-Hartman, Pawan Gupta, Mark Gross, Tony Luck

On November 15, 2019 5:14:44 PM GMT+01:00, Waiman Long <longman@redhat.com> wrote:
>For MDS vulnerable processors with TSX support, enabling either MDS or
>TAA mitigations will enable the use of VERW to flush internal processor
>buffers at the right code path. IOW, they are either both mitigated
>or both not. However, if the command line options are inconsistent,
>the vulnerabilities sysfs files may not report the mitigation status
>correctly.
>
>For example, with only the "mds=off" option:
>
> vulnerabilities/mds:Vulnerable; SMT vulnerable
>vulnerabilities/tsx_async_abort:Mitigation: Clear CPU buffers; SMT
>vulnerable
>
>The mds vulnerabilities file has wrong status in this case. Similarly,
>the taa vulnerability file will be wrong with mds mitigation on, but
>taa off.
>
>Change taa_select_mitigation() to sync up the two mitigation status
>and have them turned off if both "mds=off" and "tsx_async_abort=off"
>are present.
>
>Both hw-vuln/mds.rst and hw-vuln/tsx_async_abort.rst are updated
>to emphasize the fact that both "mds=off" and "tsx_async_abort=off"
>have to be specified together for processors that are affected by both
>TAA and MDS to be effective. As kernel-parameter.txt references both
>documents above, it is not necessary to update it.

What about kernel-parameters.txt?

-- 
Sent from a small device: formatting sux and brevity is inevitable.

* Re: [PATCH v2 1/2] x86/speculation: Fix incorrect MDS/TAA mitigation status
From: Thomas Gleixner @ 2019-11-15 19:35 UTC
To: Boris Petkov
Cc: Waiman Long, Ingo Molnar, H. Peter Anvin, x86, linux-kernel, Josh Poimboeuf, Greg Kroah-Hartman, Pawan Gupta, Mark Gross, Tony Luck

On Fri, 15 Nov 2019, Boris Petkov wrote:
> On November 15, 2019 5:14:44 PM GMT+01:00, Waiman Long <longman@redhat.com> wrote:
> >For MDS vulnerable processors with TSX support, enabling either MDS or
> >TAA mitigations will enable the use of VERW to flush internal processor
> >buffers at the right code path. IOW, they are either both mitigated
> >or both not. However, if the command line options are inconsistent,
> >the vulnerabilities sysfs files may not report the mitigation status
> >correctly.
> >
> >For example, with only the "mds=off" option:
> >
> > vulnerabilities/mds:Vulnerable; SMT vulnerable
> >vulnerabilities/tsx_async_abort:Mitigation: Clear CPU buffers; SMT
> >vulnerable
> >
> >The mds vulnerabilities file has wrong status in this case. Similarly,
> >the taa vulnerability file will be wrong with mds mitigation on, but
> >taa off.
> >
> >Change taa_select_mitigation() to sync up the two mitigation status
> >and have them turned off if both "mds=off" and "tsx_async_abort=off"
> >are present.
> >
> >Both hw-vuln/mds.rst and hw-vuln/tsx_async_abort.rst are updated
> >to emphasize the fact that both "mds=off" and "tsx_async_abort=off"
> >have to be specified together for processors that are affected by both
> >TAA and MDS to be effective. As kernel-parameter.txt references both
> >documents above, it is not necessary to update it.
>
> What about kernel-parameters.txt?

See the last sentence of the paragraph you replied to :)

But seriously, yes we should mention the interaction in
kernel-parameters.txt as well. Something like:

  off - Unconditionally disable MDS mitigation.
+       On TAA affected machines, mds=off can be prevented
+       by an active TAA mitigation as both vulnerabilities
+       are mitigated with the same mechanism.

and the other way round for TAA.

Thanks,

	tglx

* Re: [PATCH v2 1/2] x86/speculation: Fix incorrect MDS/TAA mitigation status
From: Boris Petkov @ 2019-11-15 20:21 UTC
To: Thomas Gleixner
Cc: Waiman Long, Ingo Molnar, H. Peter Anvin, x86, linux-kernel, Josh Poimboeuf, Greg Kroah-Hartman, Pawan Gupta, Mark Gross, Tony Luck

On November 15, 2019 8:35:54 PM GMT+01:00, Thomas Gleixner <tglx@linutronix.de> wrote:
>See the last sentence of the paragraph you replied to :)

Proves even more that this should be documented in *all* places that talk about TAA cmdline options and we should not rely on references but write stuff out everywhere so that people can see it directly.

>But seriously, yes we should mention the interaction in
>kernel-parameters.txt as well. Something like:
>
>  off - Unconditionally disable MDS mitigation.
>+       On TAA affected machines, mds=off can be prevented
>+       by an active TAA mitigation as both vulnerabilities
>+       are mitigated with the same mechanism.
>
>and the other way round for TAA.

Ack.

Thx.

-- 
Sent from a small device: formatting sux and brevity is inevitable.

* Re: [PATCH v2 1/2] x86/speculation: Fix incorrect MDS/TAA mitigation status
From: Waiman Long @ 2019-11-18 1:17 UTC
To: Boris Petkov, Thomas Gleixner
Cc: Ingo Molnar, H. Peter Anvin, x86, linux-kernel, Josh Poimboeuf, Greg Kroah-Hartman, Pawan Gupta, Mark Gross, Tony Luck

On 11/15/19 3:21 PM, Boris Petkov wrote:
> On November 15, 2019 8:35:54 PM GMT+01:00, Thomas Gleixner <tglx@linutronix.de> wrote:
>> See the last sentence of the paragraph you replied to :)
> Proves even more that this should be documented in *all* places that talk about TAA cmdline options and we should not rely on references but write stuff out everywhere so that people can see it directly.
>
>> But seriously, yes we should mention the interaction in
>> kernel-parameters.txt as well. Something like:
>>
>>   off - Unconditionally disable MDS mitigation.
>> +       On TAA affected machines, mds=off can be prevented
>> +       by an active TAA mitigation as both vulnerabilities
>> +       are mitigated with the same mechanism.
>>
>> and the other way round for TAA.
> Ack.
>
Sorry for late reply as I am out on Friday afternoon.

On hindsight, I should have added relevant description to
kernel-parameters.txt as it is the mostly read kernel document.

Acked-by: Waiman Long <longman@redhat.com>

Thanks,
Longman

* [tip: x86/pti] x86/speculation: Fix incorrect MDS/TAA mitigation status
From: tip-bot2 for Waiman Long @ 2019-11-16 12:25 UTC
To: linux-tip-commits
Cc: Waiman Long, Borislav Petkov, Greg Kroah-Hartman, H. Peter Anvin, Ingo Molnar, Jiri Kosina, Jonathan Corbet, Josh Poimboeuf, linux-doc, Mark Gross, stable, Pawan Gupta, Peter Zijlstra, Thomas Gleixner, Tim Chen, Tony Luck, Tyler Hicks, x86-ml, Ingo Molnar, Borislav Petkov, linux-kernel

The following commit has been merged into the x86/pti branch of tip:

Commit-ID:     64870ed1b12e235cfca3f6c6da75b542c973ff78
Gitweb:        https://git.kernel.org/tip/64870ed1b12e235cfca3f6c6da75b542c973ff78
Author:        Waiman Long <longman@redhat.com>
AuthorDate:    Fri, 15 Nov 2019 11:14:44 -05:00
Committer:     Borislav Petkov <bp@suse.de>
CommitterDate: Sat, 16 Nov 2019 13:17:49 +01:00

x86/speculation: Fix incorrect MDS/TAA mitigation status

For MDS vulnerable processors with TSX support, enabling either MDS or
TAA mitigations will enable the use of VERW to flush internal processor
buffers at the right code path. IOW, they are either both mitigated
or both not. However, if the command line options are inconsistent,
the vulnerabilities sysfs files may not report the mitigation status
correctly.

For example, with only the "mds=off" option:

  vulnerabilities/mds:Vulnerable; SMT vulnerable
  vulnerabilities/tsx_async_abort:Mitigation: Clear CPU buffers; SMT vulnerable

The mds vulnerabilities file has wrong status in this case. Similarly,
the taa vulnerability file will be wrong with mds mitigation on, but
taa off.

Change taa_select_mitigation() to sync up the two mitigation status
and have them turned off if both "mds=off" and "tsx_async_abort=off"
are present.

Update documentation to emphasize the fact that both "mds=off" and
"tsx_async_abort=off" have to be specified together for processors that
are affected by both TAA and MDS to be effective.

 [ bp: Massage and add kernel-parameters.txt change too. ]

Fixes: 1b42f017415b ("x86/speculation/taa: Add mitigation for TSX Async Abort")
Signed-off-by: Waiman Long <longman@redhat.com> Signed-off-by: Borislav Petkov <bp@suse.de> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Ingo Molnar <mingo@redhat.com> Cc: Jiri Kosina <jkosina@suse.cz> Cc: Jonathan Corbet <corbet@lwn.net> Cc: Josh Poimboeuf <jpoimboe@redhat.com> Cc: linux-doc@vger.kernel.org Cc: Mark Gross <mgross@linux.intel.com> Cc: <stable@vger.kernel.org> Cc: Pawan Gupta <pawan.kumar.gupta@linux.intel.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Tim Chen <tim.c.chen@linux.intel.com> Cc: Tony Luck <tony.luck@intel.com> Cc: Tyler Hicks <tyhicks@canonical.com> Cc: x86-ml <x86@kernel.org> Link: https://lkml.kernel.org/r/20191115161445.30809-2-longman@redhat.com --- Documentation/admin-guide/hw-vuln/mds.rst | 7 ++-- Documentation/admin-guide/hw-vuln/tsx_async_abort.rst | 5 ++- Documentation/admin-guide/kernel-parameters.txt | 11 ++++++- arch/x86/kernel/cpu/bugs.c | 17 ++++++++-- 4 files changed, 35 insertions(+), 5 deletions(-) diff --git a/Documentation/admin-guide/hw-vuln/mds.rst b/Documentation/admin-guide/hw-vuln/mds.rst index e3a796c..2d19c9f 100644 --- a/Documentation/admin-guide/hw-vuln/mds.rst +++ b/Documentation/admin-guide/hw-vuln/mds.rst @@ -265,8 +265,11 @@ time with the option "mds=". The valid arguments for this option are: ============ ============================================================= -Not specifying this option is equivalent to "mds=full". - +Not specifying this option is equivalent to "mds=full". For processors +that are affected by both TAA (TSX Asynchronous Abort) and MDS, +specifying just "mds=off" without an accompanying "tsx_async_abort=off" +will have no effect as the same mitigation is used for both +vulnerabilities. Mitigation selection guide -------------------------- diff --git a/Documentation/admin-guide/hw-vuln/tsx_async_abort.rst b/Documentation/admin-guide/hw-vuln/tsx_async_abort.rst index fddbd75..af6865b 100644 
--- a/Documentation/admin-guide/hw-vuln/tsx_async_abort.rst +++ b/Documentation/admin-guide/hw-vuln/tsx_async_abort.rst @@ -174,7 +174,10 @@ the option "tsx_async_abort=". The valid arguments for this option are: CPU is not vulnerable to cross-thread TAA attacks. ============ ============================================================= -Not specifying this option is equivalent to "tsx_async_abort=full". +Not specifying this option is equivalent to "tsx_async_abort=full". For +processors that are affected by both TAA and MDS, specifying just +"tsx_async_abort=off" without an accompanying "mds=off" will have no +effect as the same mitigation is used for both vulnerabilities. The kernel command line also allows to control the TSX feature using the parameter "tsx=" on CPUs which support TSX control. MSR_IA32_TSX_CTRL is used diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index 8dee8f6..9983ac7 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -2473,6 +2473,12 @@ SMT on vulnerable CPUs off - Unconditionally disable MDS mitigation + On TAA-affected machines, mds=off can be prevented by + an active TAA mitigation as both vulnerabilities are + mitigated with the same mechanism so in order to disable + this mitigation, you need to specify tsx_async_abort=off + too. + Not specifying this option is equivalent to mds=full. @@ -4931,6 +4937,11 @@ vulnerable to cross-thread TAA attacks. off - Unconditionally disable TAA mitigation + On MDS-affected machines, tsx_async_abort=off can be + prevented by an active MDS mitigation as both vulnerabilities + are mitigated with the same mechanism so in order to disable + this mitigation, you need to specify mds=off too. + Not specifying this option is equivalent to tsx_async_abort=full. On CPUs which are MDS affected and deploy MDS mitigation, TAA mitigation is not 
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 4c7b0fa..cb513ea 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -304,8 +304,12 @@ static void __init taa_select_mitigation(void) return; } - /* TAA mitigation is turned off on the cmdline (tsx_async_abort=off) */ - if (taa_mitigation == TAA_MITIGATION_OFF) + /* + * TAA mitigation via VERW is turned off if both + * tsx_async_abort=off and mds=off are specified. + */ + if (taa_mitigation == TAA_MITIGATION_OFF && + mds_mitigation == MDS_MITIGATION_OFF) goto out; if (boot_cpu_has(X86_FEATURE_MD_CLEAR)) @@ -339,6 +343,15 @@ static void __init taa_select_mitigation(void) if (taa_nosmt || cpu_mitigations_auto_nosmt()) cpu_smt_disable(false); + /* + * Update MDS mitigation, if necessary, as the mds_user_clear is + * now enabled for TAA mitigation. + */ + if (mds_mitigation == MDS_MITIGATION_OFF && + boot_cpu_has_bug(X86_BUG_MDS)) { + mds_mitigation = MDS_MITIGATION_FULL; + mds_select_mitigation(); + } out: pr_info("%s\n", taa_strings[taa_mitigation]); } ^ permalink raw reply related [flat|nested] 13+ messages in thread
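Review bot: In the first bugs.c hunk (@@ -304,8 +304,12 @@), the new comment speaks of the two command-line options, but the condition reads the variable `mds_mitigation`, so it is only correct if MDS selection has already run and settled that variable before taa_select_mitigation() is entered. Nothing in the function says so; add that ordering requirement to the comment so a later reshuffle of the select calls does not quietly turn this test into a check against a default value.

Review bot: In both kernel-parameters.txt hunks, "mds=off can be prevented by an active TAA mitigation" leaves open what is prevented, and the sentence then runs on through "so in order to disable this mitigation". State the rule directly, for example that mds=off has no effect unless tsx_async_abort=off is also given, and mirror that wording in the tsx_async_abort entry.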
* [PATCH v2 2/2] x86/speculation: Fix redundant MDS mitigation message
From: Waiman Long @ 2019-11-15 16:14 UTC
To: Thomas Gleixner, Ingo Molnar, Borislav Petkov, H. Peter Anvin, x86
Cc: linux-kernel, Josh Poimboeuf, Greg Kroah-Hartman, Pawan Gupta, Mark Gross, Tony Luck, Waiman Long

Since MDS and TAA mitigations are inter-related for processors that are
affected by both vulnerabilities, the following confusing messages can
be printed in the kernel log:

  MDS: Vulnerable
  MDS: Mitigation: Clear CPU buffers

To avoid the first incorrect message, the printing of MDS mitigation
is now deferred after the TAA mitigation selection has been done. However,
that has the side effect of printing TAA mitigation first before MDS
mitigation.

Suggested-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Waiman Long <longman@redhat.com>
--- arch/x86/kernel/cpu/bugs.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index cb513eaa0df1..5966a52b359f 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -39,6 +39,7 @@ static void __init spectre_v2_select_mitigation(void); static void __init ssb_select_mitigation(void); static void __init l1tf_select_mitigation(void); static void __init mds_select_mitigation(void); +static void __init mds_print_mitigation(void); static void __init taa_select_mitigation(void); /* The base value of the SPEC_CTRL MSR that always has to be preserved. */ 
@@ -108,6 +109,12 @@ void __init check_bugs(void) mds_select_mitigation(); taa_select_mitigation(); + /* + * As MDS and TAA mitigations are inter-related, defer printing MDS + * mitigation until after TAA mitigation selection is done. + */ + mds_print_mitigation(); + arch_smt_update(); #ifdef CONFIG_X86_32 @@ -245,7 +252,10 @@ static void __init mds_select_mitigation(void) (mds_nosmt || cpu_mitigations_auto_nosmt())) cpu_smt_disable(false); } +} +static void __init mds_print_mitigation(void) +{ pr_info("%s\n", mds_strings[mds_mitigation]); } -- 2.18.1 ^ permalink raw reply related [flat|nested] 13+ messages in thread
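Review bot: The new mds_print_mitigation() in the last hunk (@@ -245,7 +252,10 @@) prints `mds_strings[mds_mitigation]` unconditionally, while the pr_info it replaces sat at the end of mds_select_mitigation() and was only reached when that function ran to its end. If mds_select_mitigation() returns early for an unaffected CPU or with mitigations disabled, those machines start logging an MDS status they never logged before. Add the check at the top of the new function, e.g. `if (!boot_cpu_has_bug(X86_BUG_MDS) || cpu_mitigations_off()) return;`.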
* [tip: x86/pti] x86/speculation: Fix redundant MDS mitigation message
From: tip-bot2 for Waiman Long @ 2019-11-16 12:25 UTC
To: linux-tip-commits
Cc: Pawan Gupta, Waiman Long, Borislav Petkov, Greg Kroah-Hartman, H. Peter Anvin, Ingo Molnar, Josh Poimboeuf, Mark Gross, Peter Zijlstra, Thomas Gleixner, Tim Chen, Tony Luck, Tyler Hicks, x86-ml, Ingo Molnar, Borislav Petkov, linux-kernel

The following commit has been merged into the x86/pti branch of tip:

Commit-ID:     4bef279da30f0766615e680d519909da735758ca
Gitweb:        https://git.kernel.org/tip/4bef279da30f0766615e680d519909da735758ca
Author:        Waiman Long <longman@redhat.com>
AuthorDate:    Fri, 15 Nov 2019 11:14:45 -05:00
Committer:     Borislav Petkov <bp@suse.de>
CommitterDate: Sat, 16 Nov 2019 13:19:58 +01:00

x86/speculation: Fix redundant MDS mitigation message

Since MDS and TAA mitigations are inter-related for processors that are
affected by both vulnerabilities, the following confusing messages can
be printed in the kernel log:

  MDS: Vulnerable
  MDS: Mitigation: Clear CPU buffers

To avoid the first incorrect message, defer the printing of MDS
mitigation after the TAA mitigation selection has been done. However,
that has the side effect of printing TAA mitigation first before MDS
mitigation.

 [ bp: Massage. ]

Suggested-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Waiman Long <longman@redhat.com>
Signed-off-by: Borislav Petkov <bp@suse.de> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Ingo Molnar <mingo@redhat.com> Cc: Josh Poimboeuf <jpoimboe@redhat.com> Cc: Mark Gross <mgross@linux.intel.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Tim Chen <tim.c.chen@linux.intel.com> Cc: Tony Luck <tony.luck@intel.com> Cc: Tyler Hicks <tyhicks@canonical.com> Cc: x86-ml <x86@kernel.org> Link: https://lkml.kernel.org/r/20191115161445.30809-3-longman@redhat.com --- arch/x86/kernel/cpu/bugs.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index cb513ea..cb2fbd9 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -39,6 +39,7 @@ static void __init spectre_v2_select_mitigation(void); static void __init ssb_select_mitigation(void); static void __init l1tf_select_mitigation(void); static void __init mds_select_mitigation(void); +static void __init mds_print_mitigation(void); static void __init taa_select_mitigation(void); /* The base value of the SPEC_CTRL MSR that always has to be preserved. */ @@ -108,6 +109,12 @@ void __init check_bugs(void) mds_select_mitigation(); taa_select_mitigation(); + /* + * As MDS and TAA mitigations are inter-related, print MDS + * mitigation until after TAA mitigation selection is done. + */ + mds_print_mitigation(); + arch_smt_update(); #ifdef CONFIG_X86_32 @@ -245,7 +252,10 @@ static void __init mds_select_mitigation(void) (mds_nosmt || cpu_mitigations_auto_nosmt())) cpu_smt_disable(false); } +} +static void __init mds_print_mitigation(void) +{ pr_info("%s\n", mds_strings[mds_mitigation]); } ^ permalink raw reply related [flat|nested] 13+ messages in thread
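Review bot: In the check_bugs() hunk (@@ -108,6 +109,12 @@) the added comment reads "print MDS mitigation until after TAA mitigation selection is done", which has lost the verb of the posted patch ("defer printing MDS mitigation until after ...") and no longer parses. Restore "defer printing", and name the reason while there: taa_select_mitigation() can change mds_mitigation, so the value is not final until it returns.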
* Re: [tip: x86/pti] x86/speculation: Fix redundant MDS mitigation message 2019-11-16 12:25 ` [tip: x86/pti] " tip-bot2 for Waiman Long @ 2019-11-16 14:24 ` Borislav Petkov 2019-11-18 1:22 ` Waiman Long 0 siblings, 1 reply; 13+ messages in thread From: Borislav Petkov @ 2019-11-16 14:24 UTC (permalink / raw) To: Waiman Long Cc: linux-tip-commits, Pawan Gupta, Waiman Long, Borislav Petkov, Greg Kroah-Hartman, H. Peter Anvin, Ingo Molnar, Josh Poimboeuf, Mark Gross, Peter Zijlstra, Thomas Gleixner, Tim Chen, Tony Luck, Tyler Hicks, x86-ml, Ingo Molnar, linux-kernel On Sat, Nov 16, 2019 at 12:25:19PM -0000, tip-bot2 for Waiman Long wrote: > +static void __init mds_print_mitigation(void) > +{ > pr_info("%s\n", mds_strings[mds_mitigation]); > } Almost. This causes MDS: Vulnerable to be printed on an in-order 32-bit Atom here, which is wrong. I've fixed it up to: --- diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index cb2fbd93ef4d..8bf64899f56a 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -256,6 +256,9 @@ static void __init mds_select_mitigation(void) static void __init mds_print_mitigation(void) { + if (!boot_cpu_has_bug(X86_BUG_MDS) || cpu_mitigations_off()) + return; + pr_info("%s\n", mds_strings[mds_mitigation]); } -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette ^ permalink raw reply related [flat|nested] 13+ messages in thread
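Review bot: The guard added at the top of mds_print_mitigation() carries no comment, and its cpu_mitigations_off() half also silences the line on a CPU that does have X86_BUG_MDS, so such a boot logs no MDS status at all. If that is meant to match what was printed before the print was split out of mds_select_mitigation(), a one-line comment saying so would settle it; otherwise keep only the boot_cpu_has_bug() test so an affected, unmitigated machine still records "Vulnerable".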
* Re: [tip: x86/pti] x86/speculation: Fix redundant MDS mitigation message 2019-11-16 14:24 ` Borislav Petkov @ 2019-11-18 1:22 ` Waiman Long 0 siblings, 0 replies; 13+ messages in thread From: Waiman Long @ 2019-11-18 1:22 UTC (permalink / raw) To: Borislav Petkov Cc: linux-tip-commits, Pawan Gupta, Borislav Petkov, Greg Kroah-Hartman, H. Peter Anvin, Ingo Molnar, Josh Poimboeuf, Mark Gross, Peter Zijlstra, Thomas Gleixner, Tim Chen, Tony Luck, Tyler Hicks, x86-ml, Ingo Molnar, linux-kernel On 11/16/19 9:24 AM, Borislav Petkov wrote: > On Sat, Nov 16, 2019 at 12:25:19PM -0000, tip-bot2 for Waiman Long wrote: >> +static void __init mds_print_mitigation(void) >> +{ >> pr_info("%s\n", mds_strings[mds_mitigation]); >> } > Almost. This causes > > MDS: Vulnerable > > to be printed on an in-order 32-bit Atom here, which is wrong. I've > fixed it up to: > > --- > diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c > index cb2fbd93ef4d..8bf64899f56a 100644 > --- a/arch/x86/kernel/cpu/bugs.c > +++ b/arch/x86/kernel/cpu/bugs.c > @@ -256,6 +256,9 @@ static void __init mds_select_mitigation(void) > > static void __init mds_print_mitigation(void) > { > + if (!boot_cpu_has_bug(X86_BUG_MDS) || cpu_mitigations_off()) > + return; > + > pr_info("%s\n", mds_strings[mds_mitigation]); > } > > You are right. I missed that. Thanks for fixing it. Cheers, Longman ^ permalink raw reply [flat|nested] 13+ messages in thread
* [tip: x86/pti] x86/speculation: Fix redundant MDS mitigation message
From: tip-bot2 for Waiman Long @ 2019-11-16 14:38 UTC
To: linux-tip-commits
Cc: Pawan Gupta, Waiman Long, Borislav Petkov, Greg Kroah-Hartman, H. Peter Anvin, Ingo Molnar, Josh Poimboeuf, Mark Gross, Peter Zijlstra, Thomas Gleixner, Tim Chen, Tony Luck, Tyler Hicks, x86-ml, Ingo Molnar, Borislav Petkov, linux-kernel

The following commit has been merged into the x86/pti branch of tip:

Commit-ID:     cd5a2aa89e847bdda7b62029d94e95488d73f6b2
Gitweb:        https://git.kernel.org/tip/cd5a2aa89e847bdda7b62029d94e95488d73f6b2
Author:        Waiman Long <longman@redhat.com>
AuthorDate:    Fri, 15 Nov 2019 11:14:45 -05:00
Committer:     Borislav Petkov <bp@suse.de>
CommitterDate: Sat, 16 Nov 2019 15:24:56 +01:00

x86/speculation: Fix redundant MDS mitigation message

Since MDS and TAA mitigations are inter-related for processors that are
affected by both vulnerabilities, the following confusing messages can
be printed in the kernel log:

  MDS: Vulnerable
  MDS: Mitigation: Clear CPU buffers

To avoid the first incorrect message, defer the printing of MDS
mitigation after the TAA mitigation selection has been done. However,
that has the side effect of printing TAA mitigation first before MDS
mitigation.

 [ bp: Check box is affected/mitigations are disabled first before
   printing and massage. ]

Suggested-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Waiman Long <longman@redhat.com>
Signed-off-by: Borislav Petkov <bp@suse.de> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Ingo Molnar <mingo@redhat.com> Cc: Josh Poimboeuf <jpoimboe@redhat.com> Cc: Mark Gross <mgross@linux.intel.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Tim Chen <tim.c.chen@linux.intel.com> Cc: Tony Luck <tony.luck@intel.com> Cc: Tyler Hicks <tyhicks@canonical.com> Cc: x86-ml <x86@kernel.org> Link: https://lkml.kernel.org/r/20191115161445.30809-3-longman@redhat.com --- arch/x86/kernel/cpu/bugs.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index cb513ea..8bf6489 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -39,6 +39,7 @@ static void __init spectre_v2_select_mitigation(void); static void __init ssb_select_mitigation(void); static void __init l1tf_select_mitigation(void); static void __init mds_select_mitigation(void); +static void __init mds_print_mitigation(void); static void __init taa_select_mitigation(void); /* The base value of the SPEC_CTRL MSR that always has to be preserved. */ @@ -108,6 +109,12 @@ void __init check_bugs(void) mds_select_mitigation(); taa_select_mitigation(); + /* + * As MDS and TAA mitigations are inter-related, print MDS + * mitigation until after TAA mitigation selection is done. + */ + mds_print_mitigation(); + arch_smt_update(); #ifdef CONFIG_X86_32 @@ -245,6 +252,12 @@ static void __init mds_select_mitigation(void) (mds_nosmt || cpu_mitigations_auto_nosmt())) cpu_smt_disable(false); } +} + +static void __init mds_print_mitigation(void) +{ + if (!boot_cpu_has_bug(X86_BUG_MDS) || cpu_mitigations_off()) + return; pr_info("%s\n", mds_strings[mds_mitigation]); } ^ permalink raw reply related [flat|nested] 13+ messages in thread
* Re: [PATCH v2 0/2] x86/speculation: Fix incorrect MDS/TAA mitigation status
From: Waiman Long @ 2019-11-15 16:17 UTC
To: Thomas Gleixner, Ingo Molnar, Borislav Petkov, H. Peter Anvin, x86
Cc: linux-kernel, Josh Poimboeuf, Greg Kroah-Hartman, Pawan Gupta, Mark Gross, Tony Luck

On 11/15/19 11:14 AM, Waiman Long wrote:
> v2:
>  - Update the documentation files accordingly
>  - Add an optional second patch to defer printing of MDS mitigation.

Note that I consider the 2nd patch as optional. What is important is the
first one.

Cheers,
Longman

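Added example, not part of the thread or of the kernel tree: a POSIX shell check for the mismatch that patch 1/2 describes, comparing the two sysfs status strings and looking for a one-sided "off" on the kernel command line. The function names and the sample command line are made up here; the status strings are the ones quoted in the commit message, and treating mitigations=off as "both off" is an assumption based on the cpu_mitigations_off() checks in the patches.

```shell
#!/bin/sh
# Added example (not kernel code): audit MDS/TAA status reporting on a host.
# All function names below are hypothetical helpers for this example.

VULN_DIR=/sys/devices/system/cpu/vulnerabilities

# verw_state STATUS -> on | off | other
# Drops the "; SMT ..." suffix and classifies only the two strings quoted in
# the commit message; anything else (e.g. "Not affected") is "other".
verw_state() {
    case "${1%%;*}" in
        "Mitigation: Clear CPU buffers") echo on ;;
        "Vulnerable")                    echo off ;;
        *)                               echo other ;;
    esac
}

# check_status MDS_STATUS TAA_STATUS -> consistent | inconsistent | skip
# Both files describe the same VERW buffer clearing, so one "on" next to one
# "off" is the wrong report the patch fixes.
check_status() {
    m=$(verw_state "$1")
    t=$(verw_state "$2")
    if [ "$m" = other ] || [ "$t" = other ]; then
        echo skip
    elif [ "$m" = "$t" ]; then
        echo consistent
    else
        echo inconsistent
    fi
}

# cmdline_opt CMDLINE NAME -> value of the last NAME=value token, or empty.
# Runs in a subshell so that "set -f" (no globbing) does not leak out.
cmdline_opt() (
    set -f
    val=
    for tok in $1; do
        case "$tok" in
            "$2"=*) val=${tok#*=} ;;
        esac
    done
    printf '%s\n' "$val"
)

# check_cmdline CMDLINE -> ok | both-off | mds-off-only | taa-off-only
# The "-only" results matter on processors affected by both MDS and TAA:
# per the updated documentation a single "off" has no effect there.
check_cmdline() {
    mds=$(cmdline_opt "$1" mds)
    taa=$(cmdline_opt "$1" tsx_async_abort)
    if [ "$(cmdline_opt "$1" mitigations)" = off ]; then
        echo both-off            # assumption: global switch disables both
    elif [ "$mds" = off ] && [ "$taa" = off ]; then
        echo both-off
    elif [ "$mds" = off ]; then
        echo mds-off-only
    elif [ "$taa" = off ]; then
        echo taa-off-only
    else
        echo ok
    fi
}

# audit_host: run both checks against the live system, if the files exist.
audit_host() {
    if [ -r "$VULN_DIR/mds" ] && [ -r "$VULN_DIR/tsx_async_abort" ]; then
        echo "status:  $(check_status "$(cat "$VULN_DIR/mds")" \
                                      "$(cat "$VULN_DIR/tsx_async_abort")")"
        echo "cmdline: $(check_cmdline "$(cat /proc/cmdline)")"
    else
        echo "status:  skip (sysfs files not present)"
    fi
}

# Constructed sample: the status pair from the commit message, plus a
# made-up command line carrying only mds=off.
SAMPLE_MDS='Vulnerable; SMT vulnerable'
SAMPLE_TAA='Mitigation: Clear CPU buffers; SMT vulnerable'
echo "sample status:  $(check_status "$SAMPLE_MDS" "$SAMPLE_TAA")"
echo "sample cmdline: $(check_cmdline 'root=/dev/sda1 ro mds=off')"

# Pass --host to audit the machine the script runs on.
if [ "${1:-}" = "--host" ]; then
    audit_host
fi
```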