From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linutronix.de (193.142.43.55:993) by crypto-ml.lab.linutronix.de with IMAP4-SSL for ; 24 Oct 2019 19:01:51 -0000 Received: from mga18.intel.com ([134.134.136.126]) by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1iNiMm-0007A5-Jo for speck@linutronix.de; Thu, 24 Oct 2019 21:01:50 +0200 Date: Thu, 24 Oct 2019 11:55:32 -0700 From: Pawan Gupta Subject: [MODERATED] Re: [PATCH 8/9] TAA 8 Message-ID: <20191024185532.GA20569@guptapadev.amr> References: <5b426d6ab55e7aa9efc33f0e3eefe84419a18c56.1571905227.git.bp@suse.de> <20191024160312.auyqdk5geednwmdt@treble> <20191024173538.GG14115@zn.tnic> <20191024181120.4fzn6vifnhjtssiz@treble> MIME-Version: 1.0 In-Reply-To: <20191024181120.4fzn6vifnhjtssiz@treble> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit To: speck@linutronix.de List-ID: > > > > +For the affected platforms below table indicates the mitigation status for the > > > > +combinations of CPUID bit MD_CLEAR and IA32_ARCH_CAPABILITIES MSR bits MDS_NO > > > > +and TSX_CTRL_MSR. > > > > + > > > > + ======= ========= ============= ======================================== > > > > + MDS_NO MD_CLEAR TSX_CTRL_MSR Status > > > > + ======= ========= ============= ======================================== > > > > + 0 0 0 Vulnerable (needs ucode) > > > > + 0 1 0 MDS and TAA mitigated via VERW > > > > + 1 1 0 MDS fixed, TAA vulnerable if TSX enabled > > > > + because MD_CLEAR has no meaning and > > > > + VERW is not guaranteed to clear buffers > > > > > > (needs ucode) ? > > > > Will there even be microcode for those to beef up VERW? > > This might be a question for Intel, but I assumed this is the case where > the new microcode on the MDS_NO parts would enable the VERW buffer > clearing. That is correct. > > > > +If the microcode is available and the TSX is disabled on the host, attacks > > > > +are prevented in a virtualized environment as well, even if the VMs do not > > > > +explicitly enable the mitigation. > > > > > > What's the effect on VM security if TSX is enabled and the host TAA > > > mitigation is also enabled? > > > > Same as in the !VM case, I'd assume. tsx_async_abort=full,nosmt should > > give you full mitigation. > > Right, the effects of the host mitigation options on the guest would be > useful here. When TSX is enabled on host part 6/9 exports MDS_NO=0 to VMs, so that VMs deploy MDS mitigation which also mitigates TAA. > > > > +Mitigation strategy > > > > +------------------- > > > > + > > > > +a) TSX disable - one of the mitigations is to disable TSX. A new MSR > > > > +IA32_TSX_CTRL will be available in future and current processors after > > > > > > which processors? > > > > The MDS_NO=1 and future parts, I guess. > > Right, that should be clarified. This is correct, list of MDS_NO=1 parts shared earlier, and the future parts. Thanks, Pawan