historical-speck.lore.kernel.org archive mirror
 help / color / mirror / Atom feed
From: mark gross <mgross@linux.intel.com>
To: speck@linutronix.de
Subject: [MODERATED] Re: [PATCH 2/2] more sampling fun 2
Date: Thu, 20 Feb 2020 11:35:50 -0800	[thread overview]
Message-ID: <20200220193549.GF58564@mtg-dev.jf.intel.com> (raw)
In-Reply-To: <9ff51a370c09d7a1a32fe9b0748e91d72f0348ff.camel@decadent.org.uk>

On Thu, Feb 20, 2020 at 07:06:46PM +0000, speck for Ben Hutchings wrote:
> On Thu, 2020-01-16 at 14:16 -0800, speck for mark gross wrote:
> [...]
> > --- a/arch/x86/kernel/cpu/bugs.c
> > +++ b/arch/x86/kernel/cpu/bugs.c
> [...]
> > +void srbds_configure_mitigation(void)
> > +{
> > +	u64 mcu_ctrl;
> > +
> > +	if (!boot_cpu_has_bug(X86_BUG_SRBDS) && !boot_cpu_has_bug(X86_BUG_SRBDS_TSX))
> > +		return;
> > +
> > +	if (!boot_cpu_has(X86_FEATURE_SRBDS_CTRL))
> > +		return;
> > +
> > +	rdmsrl(MSR_IA32_MCU_OPT_CTRL, mcu_ctrl);
> > +	if (srbds_mitigation == SRBDS_MITIGATION_FULL)
> > +		mcu_ctrl &= ~SRBDS_MITG_DIS;
> > +	else if (srbds_mitigation == SRBDS_MITIGATION_OFF)
> > +		mcu_ctrl |= SRBDS_MITG_DIS;
> > +
> > +	if (boot_cpu_has_bug(X86_BUG_SRBDS_TSX) && !boot_cpu_has(X86_FEATURE_RTM))
> > +		mcu_ctrl |= SRBDS_MITG_DIS;
> 
> In this case we will incorrectly report "Mitigation: bus lock when
> using RDRAND or RDSEED" whereas the actual mitigation is that TSX is
> disabled.
I am not calling disabling TSX a mitigation in this case.  If TSX is disabled
then you are not vulnerable and the mitigation can be disabled..

> 
> > +	wrmsrl(MSR_IA32_MCU_OPT_CTRL, mcu_ctrl);
> > +}
> [...]
> > --- a/arch/x86/kernel/cpu/common.c
> > +++ b/arch/x86/kernel/cpu/common.c
> [...] 
> > @@ -1042,6 +1047,19 @@ static const struct x86_cpu_id_ext cpu_vuln_whitelist[] __initconst = {
> >  
> >  	VULNWL_INTEL(CORE_YONAH,		NO_SSB),
> >  
> > +	VULNWL_INTEL(IVYBRIDGE,		SRBDS), /*06_3A*/
> > +	VULNWL_INTEL(HASWELL,		SRBDS), /*06_3C*/
> > +	VULNWL_INTEL(HASWELL_L,		SRBDS), /*06_45*/
> > +	VULNWL_INTEL(HASWELL_G,		SRBDS), /*06_46*/
> > +	VULNWL_INTEL(BROADWELL_G,	SRBDS), /*06_47*/
> > +	VULNWL_INTEL(BROADWELL,		SRBDS), /*06_3D*/
> > +	VULNWL_INTEL(SKYLAKE_L,		SRBDS), /*06_4E*/
> > +	VULNWL_INTEL(SKYLAKE,		SRBDS), /*06_5E*/
> > +	VULNWL_INTEL_STEPPING(KABYLAKE_L, (BIT(0xA)-1),		SRBDS), /*06_8E steppings <=A*/
> 
> But this matches steppings 0-9.
well, with the bitmask its zero based indexing of the stepping.  I'll check
with others to double check my assumption.

> 
> > +	VULNWL_INTEL_STEPPING(KABYLAKE_L, BIT(0xB)|BIT(0xC),	SRBDS_TSX), /*06_8E stepping = 0xB if TSX enabled*/
> > +	VULNWL_INTEL_STEPPING(KABYLAKE, (BIT(0xB)-1),		SRBDS), /*06_9E steppings <=B*/
> 
> And this matches steppings 0-A.
> 
> > +	VULNWL_INTEL_STEPPING(KABYLAKE, BIT(0xC)|BIT(0xD),	SRBDS_TSX), /*06_9E stepping = 0xC if TSX enabled*/
> [...]
> 
> You should write the bit masks using GENMASK() instead of BIT().
Ok I'll swith to GENMASK on the next version.

--mark

  reply	other threads:[~2020-02-20 19:36 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <c5bae80efe4694c81d9cbbce633a2228086a330c.158215=?utf-8?q?2322?= .git.mgross@linux.intel.com>
2020-02-20 19:06 ` Ben Hutchings
2020-02-20 19:35   ` mark gross [this message]
2020-02-21 22:25     ` mark gross
2020-02-24 17:31 Konrad Rzeszutek Wilk
2020-02-24 18:17 ` [MODERATED] " Borislav Petkov
2020-02-24 21:39   ` mark gross
2020-02-24 23:10     ` [MODERATED] " Borislav Petkov
2020-02-25  1:26       ` Josh Poimboeuf
2020-02-25 10:46         ` Borislav Petkov
2020-02-25 14:18           ` Josh Poimboeuf
2020-02-25 14:23             ` Jiri Kosina
2020-02-25 14:44               ` Josh Poimboeuf
2020-02-25 14:59             ` Borislav Petkov
2020-02-26 20:20               ` Josh Poimboeuf
2020-02-26 21:16                 ` Thomas Gleixner
2020-02-26 22:19                   ` [MODERATED] " Konrad Rzeszutek Wilk

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200220193549.GF58564@mtg-dev.jf.intel.com \
    --to=mgross@linux.intel.com \
    --cc=speck@linutronix.de \
    --subject='[MODERATED] Re: [PATCH 2/2] more sampling fun 2' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).