From: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
To: speck@linutronix.de
Subject: [MODERATED] [PATCH v5 03/11] TAAv5 3
Date: Fri, 4 Oct 2019 23:28:31 -0700 [thread overview]
Message-ID: <=?utf-8?q?=3Cded238ac9aaf598fd6ac1b448cb27d5f87d0e867=2E157025?= =?utf-8?q?5065=2Egit=2Epawan=2Ekumar=2Egupta=40linux=2Eintel=2Ecom=3E?=> (raw)
In-Reply-To: <cover.1570255065.git.pawan.kumar.gupta@linux.intel.com>
Disable TSX by default on bootup. If IA32_TSX_CTRL MSR is not present,
TSX state stays NOT_SUPPORTED which is the compile time default,
otherwise change TSX state to DISABLE. This is because on certain
processsors TSX may be used as a part of a speculative side channel
attack.
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Reviewed-by: Mark Gross <mgross@linux.intel.com>
Reviewed-by: Tony Luck <tony.luck@intel.com>
Tested-by: Neelima Krishnan <neelima.krishnan@intel.com>
---
arch/x86/kernel/cpu/Makefile | 2 +-
arch/x86/kernel/cpu/cpu.h | 4 ++
arch/x86/kernel/cpu/intel.c | 2 +
arch/x86/kernel/cpu/tsx.c | 72 ++++++++++++++++++++++++++++++++++++
4 files changed, 79 insertions(+), 1 deletion(-)
create mode 100644 arch/x86/kernel/cpu/tsx.c
diff --git a/arch/x86/kernel/cpu/Makefile b/arch/x86/kernel/cpu/Makefile
index d7a1e5a9331c..890f60083eca 100644
--- a/arch/x86/kernel/cpu/Makefile
+++ b/arch/x86/kernel/cpu/Makefile
@@ -30,7 +30,7 @@ obj-$(CONFIG_PROC_FS) += proc.o
obj-$(CONFIG_X86_FEATURE_NAMES) += capflags.o powerflags.o
ifdef CONFIG_CPU_SUP_INTEL
-obj-y += intel.o intel_pconfig.o
+obj-y += intel.o intel_pconfig.o tsx.o
obj-$(CONFIG_PM) += intel_epb.o
endif
obj-$(CONFIG_CPU_SUP_AMD) += amd.o
diff --git a/arch/x86/kernel/cpu/cpu.h b/arch/x86/kernel/cpu/cpu.h
index c0e2407abdd6..d864ec4180cc 100644
--- a/arch/x86/kernel/cpu/cpu.h
+++ b/arch/x86/kernel/cpu/cpu.h
@@ -62,4 +62,8 @@ unsigned int aperfmperf_get_khz(int cpu);
extern void x86_spec_ctrl_setup_ap(void);
+extern void tsx_init(struct cpuinfo_x86 *c);
+
+extern u64 read_ia32_arch_cap(void);
+
#endif /* ARCH_X86_CPU_H */
diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c
index 8d6d92ebeb54..b1d6c96f6b88 100644
--- a/arch/x86/kernel/cpu/intel.c
+++ b/arch/x86/kernel/cpu/intel.c
@@ -761,6 +761,8 @@ static void init_intel(struct cpuinfo_x86 *c)
detect_tme(c);
init_intel_misc_features(c);
+
+ tsx_init(c);
}
#ifdef CONFIG_X86_32
diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.c
new file mode 100644
index 000000000000..c549750dd7c8
--- /dev/null
+++ b/arch/x86/kernel/cpu/tsx.c
@@ -0,0 +1,72 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Intel Transactional Synchronization Extensions (TSX) control.
+ *
+ * Copyright (C) 2019 Intel Corporation
+ *
+ * Author:
+ * Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
+ */
+
+#include <linux/processor.h>
+#include <linux/cpufeature.h>
+
+#include "cpu.h"
+
+static enum tsx_ctrl_states {
+ TSX_CTRL_ENABLE,
+ TSX_CTRL_DISABLE,
+ TSX_CTRL_NOT_SUPPORTED,
+} tsx_ctrl_state = TSX_CTRL_NOT_SUPPORTED;
+
+static void tsx_disable(void)
+{
+ u64 tsx;
+
+ rdmsrl(MSR_IA32_TSX_CTRL, tsx);
+
+ /* Force all transactions to immediately abort */
+ tsx |= TSX_CTRL_RTM_DISABLE;
+ /*
+ * Ensure TSX support is not enumerated in CPUID.
+ * This is visible to userspace and will ensure they
+ * do not waste resources trying TSX transactions that
+ * will always abort.
+ */
+ tsx |= TSX_CTRL_CPUID_CLEAR;
+
+ wrmsrl(MSR_IA32_TSX_CTRL, tsx);
+}
+
+static bool tsx_ctrl_is_supported(void)
+{
+ u64 ia32_cap = read_ia32_arch_cap();
+
+ /*
+ * TSX is controlled via MSR_IA32_TSX_CTRL. However,
+ * support for this MSR is enumerated by ARCH_CAP_TSX_MSR bit
+ * in MSR_IA32_ARCH_CAPABILITIES.
+ */
+ return !!(ia32_cap & ARCH_CAP_TSX_CTRL_MSR);
+}
+
+void tsx_init(struct cpuinfo_x86 *c)
+{
+ if (!tsx_ctrl_is_supported())
+ return;
+
+ /*
+ * Default to TSX_CTRL_DISABLE. This is because on certain processors
+ * TSX may be used as part of a speculative side channel attack.
+ */
+ tsx_ctrl_state = TSX_CTRL_DISABLE;
+
+ tsx_disable();
+ /*
+ * tsx_disable() will change the state of the
+ * RTM CPUID bit. Clear it here since it is now
+ * expected to be not set.
+ */
+ clear_cpu_cap(c, X86_FEATURE_RTM);
+ setup_clear_cpu_cap(X86_FEATURE_RTM);
+}
--
2.20.1
next prev parent reply other threads:[~2019-10-05 6:34 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-05 6:17 [MODERATED] [PATCH v5 00/11] TAAv5 0 Pawan Gupta
2019-10-05 6:26 ` [MODERATED] [PATCH v5 01/11] TAAv5 1 Pawan Gupta
2019-10-05 6:27 ` [MODERATED] [PATCH v5 02/11] TAAv5 2 Pawan Gupta
2019-10-05 6:28 ` Pawan Gupta [this message]
2019-10-05 6:29 ` [MODERATED] [PATCH v5 04/11] TAAv5 4 Pawan Gupta
2019-10-05 6:30 ` [MODERATED] [PATCH v5 05/11] TAAv5 5 Pawan Gupta
2019-10-05 6:31 ` [MODERATED] [PATCH v5 06/11] TAAv5 6 Pawan Gupta
2019-10-05 6:32 ` [MODERATED] [PATCH v5 07/11] TAAv5 7 Pawan Gupta
2019-10-05 6:33 ` [MODERATED] [PATCH v5 08/11] TAAv5 8 Pawan Gupta
2019-10-05 6:34 ` [MODERATED] [PATCH v5 09/11] TAAv5 9 Pawan Gupta
2019-10-05 6:35 ` [MODERATED] [PATCH v5 10/11] TAAv5 10 Pawan Gupta
2019-10-05 6:36 ` [MODERATED] [PATCH v5 11/11] TAAv5 11 Pawan Gupta
2019-10-05 10:54 ` [MODERATED] Re: [PATCH v5 02/11] TAAv5 2 Borislav Petkov
2019-10-07 17:48 ` Pawan Gupta
[not found] ` <5d98396a.1c69fb81.6c7a8.23b1SMTPIN_ADDED_BROKEN@mx.google.com>
2019-10-05 21:43 ` [MODERATED] Re: [PATCH v5 03/11] TAAv5 3 Andy Lutomirski
2019-10-07 17:50 ` Pawan Gupta
[not found] ` <5d9839a4.1c69fb81.238e9.8312SMTPIN_ADDED_BROKEN@mx.google.com>
2019-10-05 21:45 ` [MODERATED] Re: [PATCH v5 04/11] TAAv5 4 Andy Lutomirski
[not found] ` <5d983ad2.1c69fb81.63edd.6575SMTPIN_ADDED_BROKEN@mx.google.com>
2019-10-05 21:49 ` [MODERATED] Re: [PATCH v5 09/11] TAAv5 9 Andy Lutomirski
2019-10-07 18:35 ` Pawan Gupta
[not found] ` <5d9838f1.1c69fb81.f1bab.d886SMTPIN_ADDED_BROKEN@mx.google.com>
2019-10-05 21:49 ` [MODERATED] Re: [PATCH v5 01/11] TAAv5 1 Andy Lutomirski
2019-10-06 17:40 ` Andrew Cooper
[not found] ` <5d983ad2.1c69fb81.e6640.8f51SMTPIN_ADDED_BROKEN@mx.google.com>
2019-10-06 17:06 ` [MODERATED] Re: [PATCH v5 09/11] TAAv5 9 Greg KH
2019-10-08 6:01 ` Pawan Gupta
2019-10-10 21:31 ` Pawan Gupta
2019-10-11 8:45 ` Greg KH
2019-10-21 8:00 ` Thomas Gleixner
2019-10-08 2:46 ` [MODERATED] Re: [PATCH v5 05/11] TAAv5 5 Josh Poimboeuf
2019-10-09 1:45 ` Pawan Gupta
2019-10-08 2:57 ` [MODERATED] Re: [PATCH v5 09/11] TAAv5 9 Josh Poimboeuf
2019-10-08 6:10 ` Pawan Gupta
2019-10-08 10:49 ` Jiri Kosina
2019-10-09 13:12 ` [MODERATED] Re: ***UNCHECKED*** [PATCH v5 08/11] TAAv5 8 Michal Hocko
2019-10-14 19:41 ` Thomas Gleixner
2019-10-14 19:51 ` [MODERATED] " Jiri Kosina
2019-10-14 21:04 ` [MODERATED] " Borislav Petkov
2019-10-14 21:31 ` Jiri Kosina
2019-10-15 8:01 ` Thomas Gleixner
2019-10-15 10:34 ` [MODERATED] Re: ***UNCHECKED*** " Michal Hocko
2019-10-15 13:06 ` Josh Poimboeuf
2019-10-15 13:10 ` Jiri Kosina
2019-10-15 15:26 ` Josh Poimboeuf
2019-10-15 15:32 ` Jiri Kosina
2019-10-15 19:34 ` Tyler Hicks
2019-10-15 20:00 ` Josh Poimboeuf
2019-10-15 20:15 ` Jiri Kosina
2019-10-15 20:35 ` Jiri Kosina
2019-10-15 20:54 ` Josh Poimboeuf
2019-10-15 20:56 ` [MODERATED] " Pawan Gupta
2019-10-15 21:14 ` Jiri Kosina
2019-10-15 23:12 ` Josh Poimboeuf
2019-10-15 23:13 ` [MODERATED] [AUTOREPLY] [MODERATED] [AUTOREPLY] Automatic reply: " James, Hengameh M
2019-10-16 4:52 ` [MODERATED] " Jiri Kosina
2019-10-16 5:05 ` Jiri Kosina
2019-10-21 21:15 ` Luck, Tony
2019-10-16 7:14 ` Josh Poimboeuf
2019-10-16 7:20 ` Jiri Kosina
2019-10-18 1:17 ` Ben Hutchings
2019-10-18 4:04 ` Pawan Gupta
2019-10-15 17:47 ` Borislav Petkov
2019-10-16 7:26 ` [MODERATED] Re: ***UNCHECKED*** " Jiri Kosina
2019-10-16 7:54 ` [MODERATED] Re: ***UNCHECKED*** " Michal Hocko
2019-10-16 9:23 ` [MODERATED] Re: ***UNCHECKED*** " Michal Hocko
2019-10-16 12:15 ` Thomas Gleixner
2019-10-16 18:34 ` [MODERATED] " Pawan Gupta
2019-10-18 0:14 ` Pawan Gupta
2019-10-21 8:09 ` Thomas Gleixner
2019-10-21 12:54 ` [MODERATED] Re: ***UNCHECKED*** " Michal Hocko
2019-10-21 20:01 ` [MODERATED] " Pawan Gupta
2019-10-21 20:33 ` Josh Poimboeuf
2019-10-21 20:34 ` Josh Poimboeuf
2019-10-21 20:33 ` Pawan Gupta
2019-10-21 23:01 ` Andrew Cooper
2019-10-21 23:37 ` Luck, Tony
2019-10-21 23:39 ` Andrew Cooper
2019-10-14 21:05 ` [MODERATED] Re: ***UNCHECKED*** " Michal Hocko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='=?utf-8?q?=3Cded238ac9aaf598fd6ac1b448cb27d5f87d0e867=2E157025?= =?utf-8?q?5065=2Egit=2Epawan=2Ekumar=2Egupta=40linux=2Eintel=2Ecom=3E?=' \
--to=pawan.kumar.gupta@linux.intel.com \
--cc=speck@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).