From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: from mail.linutronix.de (193.142.43.55:993)
	by crypto-ml.lab.linutronix.de with IMAP4-SSL
	for ; 24 Oct 2019 18:56:49 -0000
Received: from us-smtp-2.mimecast.com ([205.139.110.61] helo=us-smtp-delivery-1.mimecast.com)
	by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256)
	(Exim 4.80)
	(envelope-from )
	id 1iNiHw-0006tH-E0
	for speck@linutronix.de; Thu, 24 Oct 2019 20:56:48 +0200
Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 9DF56107AD31
	for ; Thu, 24 Oct 2019 18:56:43 +0000 (UTC)
Received: from treble (ovpn-121-225.rdu2.redhat.com [10.10.121.225])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 4B863100EBD2
	for ; Thu, 24 Oct 2019 18:56:43 +0000 (UTC)
Date: Thu, 24 Oct 2019 13:56:41 -0500
From: Josh Poimboeuf
Subject: [MODERATED] Re: [PATCH 4/9] TAA 4
Message-ID: <20191024185641.scwdwudazlqtmhpg@treble>
References: <04f1ef8158e54eca18fc3951d75a00c5d398c429.1571905227.git.bp@suse.de>
	<20191024153240.26zdyr33r2o632ej@treble>
	<20191024164329.GE14115@zn.tnic>
MIME-Version: 1.0
In-Reply-To:
Content-Type: text/plain; charset="utf-8"
To: speck@linutronix.de
List-ID:
Content-Transfer-Encoding: 8bit

On Thu, Oct 24, 2019 at 07:23:57PM +0100, speck for Andrew Cooper wrote:
> On 24/10/2019 17:43, speck for Borislav Petkov wrote:
> > On Thu, Oct 24, 2019 at 10:32:40AM -0500, speck for Josh Poimboeuf wrote:
> >> As I said before this would be a lot nicer if we could just add NO_TAA
> >> to the cpu_vuln_whitelist.
> > We're waiting for a list of CPUs from Intel here, right?
> >
> There is no model list required.  Vulnerability to TAA is calculable
> directly from existing architectural sources.

Can you elaborate?

Earlier I suggested relying on NO_MDS in cpu_vuln_whitelist, but I
believe you said that's not sufficient, because some of the non-MDS
models don't have TSX, in which case we shouldn't set TAA_BUG.  Which
models are those?

Here's the current struct:

static const __initconst struct x86_cpu_id cpu_vuln_whitelist[] = {
	VULNWL(ANY,	4, X86_MODEL_ANY,	NO_SPECULATION),
	VULNWL(CENTAUR,	5, X86_MODEL_ANY,	NO_SPECULATION),
	VULNWL(INTEL,	5, X86_MODEL_ANY,	NO_SPECULATION),
	VULNWL(NSC,	5, X86_MODEL_ANY,	NO_SPECULATION),

	/* Intel Family 6 */
	VULNWL_INTEL(ATOM_SALTWELL,		NO_SPECULATION),
	VULNWL_INTEL(ATOM_SALTWELL_TABLET,	NO_SPECULATION),
	VULNWL_INTEL(ATOM_SALTWELL_MID,		NO_SPECULATION),
	VULNWL_INTEL(ATOM_BONNELL,		NO_SPECULATION),
	VULNWL_INTEL(ATOM_BONNELL_MID,		NO_SPECULATION),

	VULNWL_INTEL(ATOM_SILVERMONT,		NO_SSB | NO_L1TF | MSBDS_ONLY | NO_SWAPGS),
	VULNWL_INTEL(ATOM_SILVERMONT_D,		NO_SSB | NO_L1TF | MSBDS_ONLY | NO_SWAPGS),
	VULNWL_INTEL(ATOM_SILVERMONT_MID,	NO_SSB | NO_L1TF | MSBDS_ONLY | NO_SWAPGS),
	VULNWL_INTEL(ATOM_AIRMONT,		NO_SSB | NO_L1TF | MSBDS_ONLY | NO_SWAPGS),
	VULNWL_INTEL(XEON_PHI_KNL,		NO_SSB | NO_L1TF | MSBDS_ONLY | NO_SWAPGS),
	VULNWL_INTEL(XEON_PHI_KNM,		NO_SSB | NO_L1TF | MSBDS_ONLY | NO_SWAPGS),

	VULNWL_INTEL(CORE_YONAH,		NO_SSB),

	VULNWL_INTEL(ATOM_AIRMONT_MID,		NO_L1TF | MSBDS_ONLY | NO_SWAPGS),
	VULNWL_INTEL(ATOM_AIRMONT_NP,		NO_L1TF | NO_SWAPGS),

	VULNWL_INTEL(ATOM_GOLDMONT,		NO_TAA | NO_MDS | NO_L1TF | NO_SWAPGS),
	VULNWL_INTEL(ATOM_GOLDMONT_D,		NO_TAA | NO_MDS | NO_L1TF | NO_SWAPGS),
	VULNWL_INTEL(ATOM_GOLDMONT_PLUS,	NO_TAA | NO_MDS | NO_L1TF | NO_SWAPGS),

	/*
	 * Technically, swapgs isn't serializing on AMD (despite it previously
	 * being documented as such in the APM). But according to AMD, %gs is
	 * updated non-speculatively, and the issuing of %gs-relative memory
	 * operands will be blocked until the %gs update completes, which is
	 * good enough for our purposes.
	 */

	/* AMD Family 0xf - 0x12 */
	VULNWL_AMD(0x0f,	NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS),
	VULNWL_AMD(0x10,	NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS),
	VULNWL_AMD(0x11,	NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS),
	VULNWL_AMD(0x12,	NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS),

	/* FAMILY_ANY must be last, otherwise 0x0f - 0x12 matches won't work */
	VULNWL_AMD(X86_FAMILY_ANY,	NO_MELTDOWN | NO_L1TF | NO_MDS | NO_SWAPGS),
	VULNWL_HYGON(X86_FAMILY_ANY,	NO_MELTDOWN | NO_L1TF | NO_MDS | NO_SWAPGS),
	{}
};

--
Josh
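
Added example, not part of the message above and not kernel code: a userspace model of the first-match lookup that cpu_vuln_whitelist relies on, showing why the FAMILY_ANY row must come last and how a NO_TAA bit would be consulted. The struct layout, wl_flags(), taa_bug(), the bit values and the model numbers are hypothetical; the rule in taa_bug() (TSX present and no NO_TAA exemption) is an assumption drawn from the discussion, not the kernel's logic.

```c
#include <stddef.h>
#include <stdio.h>
/* Simplified stand-ins; names and bit values are constructed for this model. */
#define FAMILY_ANY 0xffffu
#define MODEL_ANY  0xffffu
#define NO_SSB (1u << 0)
#define NO_MDS (1u << 1)
#define NO_TAA (1u << 2)
enum vendor { INTEL, AMD };
struct wl_entry { enum vendor vendor; unsigned family, model, flags; };
#define COUNT(t) (sizeof(t) / sizeof((t)[0]))
/* Constructed subset of the table; model numbers are sample values. */
static const struct wl_entry wl_good[] = {
	{ INTEL, 6, 0x5c, NO_TAA | NO_MDS },	/* Goldmont-style row */
	{ INTEL, 6, 0x0e, NO_SSB },		/* Yonah-style row */
	{ AMD, 0x0f, MODEL_ANY, NO_SSB | NO_MDS },
	{ AMD, FAMILY_ANY, MODEL_ANY, NO_MDS },	/* catch-all, last */
};
/* Same AMD rows with the catch-all moved ahead of the family 0x0f row. */
static const struct wl_entry wl_bad[] = {
	{ AMD, FAMILY_ANY, MODEL_ANY, NO_MDS },
	{ AMD, 0x0f, MODEL_ANY, NO_SSB | NO_MDS },
};

/* First matching row wins; an unlisted CPU gets no exemption flags. */
static unsigned wl_flags(const struct wl_entry *t, size_t n, enum vendor v,
			 unsigned family, unsigned model)
{
	for (size_t i = 0; i < n; i++)
		if (t[i].vendor == v &&
		    (t[i].family == FAMILY_ANY || t[i].family == family) &&
		    (t[i].model == MODEL_ANY || t[i].model == model))
			return t[i].flags;
	return 0;
}

/* Assumed rule: TAA applies only with TSX present and no NO_TAA exemption. */
static int taa_bug(unsigned flags, int has_tsx) { return has_tsx && !(flags & NO_TAA); }

int main(void)
{
	unsigned gm = wl_flags(wl_good, COUNT(wl_good), INTEL, 6, 0x5c);
	printf("AMD 0x0f NO_SSB: good=%d bad=%d; whitelisted row taa_bug=%d\n",
	       !!(wl_flags(wl_good, COUNT(wl_good), AMD, 0x0f, 1) & NO_SSB),
	       !!(wl_flags(wl_bad, COUNT(wl_bad), AMD, 0x0f, 1) & NO_SSB),
	       taa_bug(gm, 1));
	return 0;
}
```

In the misordered table the family 0x0f CPU silently loses its NO_SSB exemption, which is the failure the "FAMILY_ANY must be last" comment guards against.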