From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linutronix.de (146.0.238.70:993) by crypto-ml.lab.linutronix.de with IMAP4-SSL for ; 01 Mar 2019 14:04:26 -0000 Received: from mx1.redhat.com ([209.132.183.28]) by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1gzim0-0004PK-N6 for speck@linutronix.de; Fri, 01 Mar 2019 15:04:25 +0100 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 6522D3097131 for ; Fri, 1 Mar 2019 14:04:18 +0000 (UTC) Received: from treble (ovpn-122-204.rdu2.redhat.com [10.10.122.204]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 0E3BD19C72 for ; Fri, 1 Mar 2019 14:04:17 +0000 (UTC) Date: Fri, 1 Mar 2019 08:04:15 -0600 From: Josh Poimboeuf Subject: [MODERATED] Re: [patch V5 09/14] MDS basics 9 Message-ID: <20190301140415.pjv7qjellvqrlbw5@treble> References: <20190227150939.605235753@linutronix.de> <20190227152037.818666801@linutronix.de> MIME-Version: 1.0 In-Reply-To: <20190227152037.818666801@linutronix.de> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit To: speck@linutronix.de List-ID: On Wed, Feb 27, 2019 at 04:09:48PM +0100, speck for Thomas Gleixner wrote: > Subject: [patch V5 09/14] x86/speculation/mds: Conditionally clear CPU buffers on idle entry > From: Thomas Gleixner > > Add a static key which controls the invocation of the CPU buffer clear > mechanism on idle entry. This is independent of other MDS mitigations > because the idle entry invocation to mitigate the potential leakage due to > store buffer repartitioning is only necessary on SMT systems. > > Add the actual invocations to the different halt/mwait variants which > covers all usage sites. mwaitx is not patched as it's not available on > Intel CPUs. > > The buffer clear is only invoked before entering the C-State to prevent > that stale data from the idling CPU is spilled to the Hyper-Thread sibling > after the Store buffer got repartitioned and all entries are available to > the non idle sibling. Andrea brought up a good question privately -- this patch mitigates MSBDS for HT, but HT will still be susceptible to the other two MDS issues. So what's the point? It seems this patch only protects people who don't care about MDS in the first place. -- Josh