* [Bug 215969] New: Guest deploying TAA mitigation on (not affected) ICX host
@ 2022-05-12 5:07 bugzilla-daemon
0 siblings, 0 replies; only message in thread
From: bugzilla-daemon @ 2022-05-12 5:07 UTC (permalink / raw)
To: kvm
https://bugzilla.kernel.org/show_bug.cgi?id=215969
Bug ID: 215969
Summary: Guest deploying TAA mitigation on (not affected) ICX
host
Product: Virtualization
Version: unspecified
Kernel Version: v5.18-rc3
Hardware: Intel
OS: Linux
Tree: Mainline
Status: NEW
Severity: high
Priority: P1
Component: kvm
Assignee: virtualization_kvm@kernel-bugs.osdl.org
Reporter: pawan.kumar.gupta@linux.intel.com
Regression: No
On a hardware that enumerates TAA_NO (i.e. not affected by TSX Async Abort
(TAA)), a certain guest/host configuration can result in guest enumerating TAA
vulnerability and unnecessarily deploying MD_CLEAR(CPU buffer clear)
mitigation.
Icelake Server has TAA_NO and supports MSR TSX_CTRL, and by default linux
disables TSX feature, resetting CPUID.RTM at host bootup.
Currently KVM hides TAA_NO from guests when host has CPUID.RTM=0. Because KVM
also exports MSR TSX_CTRL to guests, a guest with "tsx=on" cmdline parameter
would enable TSX feature, setting X86_FEATURE_RTM.
taa_select_mitigation() with X86_FEATURE_RTM=1 and TAA_NO=0, deploys Clear CPU
buffers mitigation.
A probable fix is to export TAA_NO to guests. Alternately, KVM can choose not
to export MSR TSX_CTRL.
Guests anyways can't use MSR TSX_CTRL to enable TSX, but I think it was
exported to guest to support some migration scenarios:
https://lore.kernel.org/lkml/20210129101912.1857809-1-pbonzini@redhat.com/
---
Setup info:
ICX HOST configuration:
Vendor ID: GenuineIntel
CPU family: 6
Model: 106
Model name: Intel(R) Xeon(R) Platinum 8360Y CPU @ 2.40GHz
Stepping: 6
Vulnerability Mds: Not affected
Vulnerability Tsx async abort: Not affected
//TSX feature flag not present on host
$ grep rtm /proc/cpuinfo
$
GUEST info:
Launch kvm/qemu guest with "-cpu host" and guest kernel parameter "tsx=on"
"rtm" shows up in /proc/cpuinfo
# rdmsr -a 0x122
0
0
0
0
// Guest sysfs shows mitigation being deployed.
[root@vm-fedora-35 ~]# grep .
/sys/devices/system/cpu/vulnerabilities/tsx_async_abort
Mitigation: Clear CPU buffers; SMT Host state unknown
Thanks,
Pawan
--
You may reply to this email to add a comment.
You are receiving this mail because:
You are watching the assignee of the bug.
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2022-05-12 5:07 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-05-12 5:07 [Bug 215969] New: Guest deploying TAA mitigation on (not affected) ICX host bugzilla-daemon
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.