Subject: [MODERATED] Re: [PATCH v6 1/9] TAAv6 1
From: Andrew Cooper
Date: Thu, 10 Oct 2019 01:01:38 +0100
To: speck@linutronix.de
In-Reply-To: <20191009235314.GA4287@agluck-desk2.amr.corp.intel.com>

On 10/10/2019 00:53, speck for Luck, Tony wrote:
> On Thu, Oct 10, 2019 at 12:40:45AM +0100, speck for Andrew Cooper wrote:
>>> I don't know what the enabled status of HLE is on the MDS_NO, TAA parts,
>>> and whether it is statically disabled with the TSX_CTRL microcode, but
>>> if it isn't statically disabled then it needs to be dynamically disabled
>>> by bit 0, or a 'CLFLUSH; XBEGIN ...; MOV secret' can still be used to
>>> exploit TAA.
>> Apologies. That is the RTM sequence.
>>
>> For HLE, I meant 'CLFLUSH; XACQUIRE ...; MOV secret'.
> Did we send out a review copy of the white paper for TAA yet?

Not as far as I am aware. Have I missed something?

I'm still working from the pdf from June 26th, which I seem to recall was
from just after the adjustment of bit 0's behaviour away from causing #UD's.

> HLE is kind of buried, but we do say:
>
>   On processors that enumerate IA32_ARCH_CAPABILITIES[TSX_CTRL]
>   (bit 7)=1, HLE prefix hints are always ignored.
>
> Which is to say that HLE is unconditionally disabled by the
> new microcode for TAA.

Great. I look forward to a paper to review.

Is that a firm decision on Ronak's suggestion that HLE is going to be sunset?

~Andrew
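
Added example (not part of the original message, and not Intel's or the kernel's code): a C check of the case discussed above, an MDS_NO part without TAA_NO, showing which of the RTM and HLE entry points stay usable for given IA32_ARCH_CAPABILITIES and IA32_TSX_CTRL values. The function names, result flags and sample MSR values are assumptions made for illustration; the bit positions other than bit 0 and bit 7 come from Intel's published MSR layout, not from the thread.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* IA32_ARCH_CAPABILITIES (MSR 0x10a) bits; values are supplied by the caller. */
#define ARCH_CAP_MDS_NO   (1ULL << 5)
#define ARCH_CAP_TSX_CTRL (1ULL << 7)   /* IA32_TSX_CTRL is enumerated */
#define ARCH_CAP_TAA_NO   (1ULL << 8)
/* IA32_TSX_CTRL (MSR 0x122): the "bit 0" discussed in the thread. */
#define TSX_CTRL_RTM_DISABLE (1ULL << 0)

enum { PATH_RTM = 1, PATH_HLE = 2 };    /* hypothetical result flags */

/* Which transactional entry points can still start a transaction. */
static unsigned tsx_open_paths(uint64_t arch_caps, uint64_t tsx_ctrl,
                               bool has_rtm, bool has_hle)
{
    bool ctrl = (arch_caps & ARCH_CAP_TSX_CTRL) != 0;
    unsigned open = 0;

    /* RTM stays usable unless the MSR exists and bit 0 is set. */
    if (has_rtm && !(ctrl && (tsx_ctrl & TSX_CTRL_RTM_DISABLE)))
        open |= PATH_RTM;
    /* Per the quoted text: with TSX_CTRL enumerated, HLE hints are ignored. */
    if (has_hle && !ctrl)
        open |= PATH_HLE;
    return open;
}

/* True for the case in the thread: a part that reports MDS_NO, does not
 * report TAA_NO, and still has a transactional path open. */
static bool mds_no_taa_exposed(uint64_t arch_caps, uint64_t tsx_ctrl,
                               bool has_rtm, bool has_hle)
{
    if (arch_caps & ARCH_CAP_TAA_NO)
        return false;
    if (!(arch_caps & ARCH_CAP_MDS_NO))
        return false;   /* MDS-affected part: outside this check */
    return tsx_open_paths(arch_caps, tsx_ctrl, has_rtm, has_hle) != 0;
}

int main(void)
{
    /* Constructed sample: MDS_NO part with the TSX_CTRL microcode loaded. */
    uint64_t caps = ARCH_CAP_MDS_NO | ARCH_CAP_TSX_CTRL;
    printf("bit0=0: exposed=%d\n", mds_no_taa_exposed(caps, 0, true, true));
    printf("bit0=1: exposed=%d\n", mds_no_taa_exposed(caps, 1, true, true));
    return 0;
}
```

The has_rtm and has_hle arguments state whether the part implements each feature and are left to the caller.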