From: mark gross <mgross@linux.intel.com>
To: speck@linutronix.de
Subject: [MODERATED] Re: [PATCH 2/2] more sampling fun 2
Date: Thu, 20 Feb 2020 11:35:50 -0800 [thread overview]
Message-ID: <20200220193549.GF58564@mtg-dev.jf.intel.com> (raw)
In-Reply-To: <9ff51a370c09d7a1a32fe9b0748e91d72f0348ff.camel@decadent.org.uk>
On Thu, Feb 20, 2020 at 07:06:46PM +0000, speck for Ben Hutchings wrote:
> On Thu, 2020-01-16 at 14:16 -0800, speck for mark gross wrote:
> [...]
> > --- a/arch/x86/kernel/cpu/bugs.c
> > +++ b/arch/x86/kernel/cpu/bugs.c
> [...]
> > +void srbds_configure_mitigation(void)
> > +{
> > + u64 mcu_ctrl;
> > +
> > + if (!boot_cpu_has_bug(X86_BUG_SRBDS) && !boot_cpu_has_bug(X86_BUG_SRBDS_TSX))
> > + return;
> > +
> > + if (!boot_cpu_has(X86_FEATURE_SRBDS_CTRL))
> > + return;
> > +
> > + rdmsrl(MSR_IA32_MCU_OPT_CTRL, mcu_ctrl);
> > + if (srbds_mitigation == SRBDS_MITIGATION_FULL)
> > + mcu_ctrl &= ~SRBDS_MITG_DIS;
> > + else if (srbds_mitigation == SRBDS_MITIGATION_OFF)
> > + mcu_ctrl |= SRBDS_MITG_DIS;
> > +
> > + if (boot_cpu_has_bug(X86_BUG_SRBDS_TSX) && !boot_cpu_has(X86_FEATURE_RTM))
> > + mcu_ctrl |= SRBDS_MITG_DIS;
>
> In this case we will incorrectly report "Mitigation: bus lock when
> using RDRAND or RDSEED" whereas the actual mitigation is that TSX is
> disabled.
I am not calling disabling TSX a mitigation in this case. If TSX is disabled
then you are not vulnerable and the mitigation can be disabled..
>
> > + wrmsrl(MSR_IA32_MCU_OPT_CTRL, mcu_ctrl);
> > +}
> [...]
> > --- a/arch/x86/kernel/cpu/common.c
> > +++ b/arch/x86/kernel/cpu/common.c
> [...]
> > @@ -1042,6 +1047,19 @@ static const struct x86_cpu_id_ext cpu_vuln_whitelist[] __initconst = {
> >
> > VULNWL_INTEL(CORE_YONAH, NO_SSB),
> >
> > + VULNWL_INTEL(IVYBRIDGE, SRBDS), /*06_3A*/
> > + VULNWL_INTEL(HASWELL, SRBDS), /*06_3C*/
> > + VULNWL_INTEL(HASWELL_L, SRBDS), /*06_45*/
> > + VULNWL_INTEL(HASWELL_G, SRBDS), /*06_46*/
> > + VULNWL_INTEL(BROADWELL_G, SRBDS), /*06_47*/
> > + VULNWL_INTEL(BROADWELL, SRBDS), /*06_3D*/
> > + VULNWL_INTEL(SKYLAKE_L, SRBDS), /*06_4E*/
> > + VULNWL_INTEL(SKYLAKE, SRBDS), /*06_5E*/
> > + VULNWL_INTEL_STEPPING(KABYLAKE_L, (BIT(0xA)-1), SRBDS), /*06_8E steppings <=A*/
>
> But this matches steppings 0-9.
well, with the bitmask its zero based indexing of the stepping. I'll check
with others to double check my assumption.
>
> > + VULNWL_INTEL_STEPPING(KABYLAKE_L, BIT(0xB)|BIT(0xC), SRBDS_TSX), /*06_8E stepping = 0xB if TSX enabled*/
> > + VULNWL_INTEL_STEPPING(KABYLAKE, (BIT(0xB)-1), SRBDS), /*06_9E steppings <=B*/
>
> And this matches steppings 0-A.
>
> > + VULNWL_INTEL_STEPPING(KABYLAKE, BIT(0xC)|BIT(0xD), SRBDS_TSX), /*06_9E stepping = 0xC if TSX enabled*/
> [...]
>
> You should write the bit masks using GENMASK() instead of BIT().
Ok I'll swith to GENMASK on the next version.
--mark
next prev parent reply other threads:[~2020-02-20 19:36 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <c5bae80efe4694c81d9cbbce633a2228086a330c.158215=?utf-8?q?2322?= .git.mgross@linux.intel.com>
2020-02-20 19:06 ` [MODERATED] Re: [PATCH 2/2] more sampling fun 2 Ben Hutchings
2020-02-20 19:35 ` mark gross [this message]
2020-02-21 22:25 ` mark gross
2020-02-24 17:31 Konrad Rzeszutek Wilk
2020-02-24 18:17 ` [MODERATED] " Borislav Petkov
2020-02-24 21:39 ` mark gross
2020-02-24 23:10 ` [MODERATED] " Borislav Petkov
2020-02-25 1:26 ` Josh Poimboeuf
2020-02-25 10:46 ` Borislav Petkov
2020-02-25 14:18 ` Josh Poimboeuf
2020-02-25 14:23 ` Jiri Kosina
2020-02-25 14:44 ` Josh Poimboeuf
2020-02-25 14:59 ` Borislav Petkov
2020-02-26 20:20 ` Josh Poimboeuf
2020-02-26 21:16 ` Thomas Gleixner
2020-02-26 22:19 ` [MODERATED] " Konrad Rzeszutek Wilk
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200220193549.GF58564@mtg-dev.jf.intel.com \
--to=mgross@linux.intel.com \
--cc=speck@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).