From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pawan.kumar.gupta@linux.intel.com>
Received: from mail.linutronix.de (193.142.43.55:993) by
  crypto-ml.lab.linutronix.de with IMAP4-SSL for <speck@linutronix.de>; 15 Oct
  2019 21:02:33 -0000
Received: from mga17.intel.com ([192.55.52.151])
	by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256)
	(Exim 4.80)
	(envelope-from <pawan.kumar.gupta@linux.intel.com>)
	id 1iKTxg-0008RM-DJ
	for speck@linutronix.de; Tue, 15 Oct 2019 23:02:32 +0200
Date: Tue, 15 Oct 2019 13:56:31 -0700
From: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Subject: [MODERATED] Re: [PATCH v5 08/11] TAAv5 8
Message-ID: <20191015205631.GF30412@guptapadev.amr>
References: <nycvar.YFH.7.76.1910142327350.13160@cbobk.fhfr.pm>
 <alpine.DEB.2.21.1910151000480.1880@nanos.tec.linutronix.de>
 <20191015103454.GW317@dhcp22.suse.cz>
 <20191015130627.7jkhqy2zrtm35ool@treble>
 <nycvar.YFH.7.76.1910151509040.13160@cbobk.fhfr.pm>
 <20191015152649.yim4krwuttrh6xgi@treble>
 <nycvar.YFH.7.76.1910151728110.13160@cbobk.fhfr.pm>
 <20191015200024.hxs4brxi7gbvmcdy@treble>
 <nycvar.YFH.7.76.1910152204070.13160@cbobk.fhfr.pm>
 <nycvar.YFH.7.76.1910152228520.13160@cbobk.fhfr.pm>
MIME-Version: 1.0
In-Reply-To: <nycvar.YFH.7.76.1910152228520.13160@cbobk.fhfr.pm>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
To: speck@linutronix.de
List-ID: <speck.linutronix.de>

On Tue, Oct 15, 2019 at 10:35:04PM +0200, speck for Jiri Kosina wrote:
> On Tue, 15 Oct 2019, speck for Jiri Kosina wrote:
> 
> > > Maybe I'm missing something.  Isn't there going to be a ucode update for
> > > MDS_NO parts, which does the verw buffer clearing?  In that case there's
> > > no need to disable TSX, and instead the verw mitigation could be used,
> > > if desired.
> > 
> > My understanding was that MDS_NO CPUs will only get ucode update that 
> > exposes TSX control MSR, and nothing else.
> > 
> > > AFAICT, the patch allows to set the default to tsx=auto, which disables 
> > > TSX on *all* vulnerable parts, not just the MDS_NO ones.  I don't see 
> > > how that would prevent user regressions.
> > > 
> > > It sounds like maybe you're suggesting something else, that TSX should
> > > only be disabled on vulnerable MDS_NO parts?
> > 
> > OK, let me take a look at the code again. I definitely thought that's what 
> > 'auto' indeed does.
> 
> OK, so you are right and I misunderstood the logic in the code, sorry. 
> 
> Then the only purpose of 'auto' really is getting TSX enabled on future 
> CPUs which would eventually have ARCH_CAP_TAA_NO=1; so pretty useless for 
> preventing regressions.
> 
> So yeah, I agree, 'auto' is actually useless to prevent regressions, and I 
> believe we want some other 'auto' (*), which would actually disable TSX 
> only if (X86_BUG_TAA && !MD_CLEAR), agreed?
> 
> (*) I'd actually prefer to convert the current 'auto' to this new 
>     semantics; it'll keep TSX enabled on future CPUs without X86_BUG_TAA,
>     and it'll prevent regressions in unnecessary cases.

tsx_ctrl_is_supported() checks for the TSX_CTRL MSR support and then
only attempts at disabling TSX. MDS_NO=0 CPUs will not get the ucode
update for TSX control, therefore tsx=auto wont cause regression on
older CPUs. 

Thanks,
Pawan