From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: from mail.linutronix.de (146.0.238.70:993) by crypto-ml.lab.linutronix.de with IMAP4-SSL for ; 27 Feb 2019 17:49:54 -0000
Received: from p5492e5b8.dip0.t-ipconnect.de ([84.146.229.184] helo=nanos) by Galois.linutronix.de with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1gz3L7-0007lv-FM for speck@linutronix.de; Wed, 27 Feb 2019 18:49:53 +0100
Date: Wed, 27 Feb 2019 18:49:47 +0100 (CET)
From: Thomas Gleixner
Subject: Re: [patch V5 14/14] MDS basics 14
In-Reply-To: <20190227152038.298511806@linutronix.de>
Message-ID:
References: <20190227150939.605235753@linutronix.de> <20190227152038.298511806@linutronix.de>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
To: speck@linutronix.de
List-ID:

On Wed, 27 Feb 2019, speck for Thomas Gleixner wrote:
> +Virtualization mitigation
> +^^^^^^^^^^^^^^^^^^^^^^^^^
> +
> +  The protection for host to guest transition depends on the L1TF
> +  vulnerability of the CPU:
> +
> +  - CPU is affected by L1TF:
> +
> +    If the L1D flush mitigation is enabled and up to date microcode is
> +    available, the L1D flush mitigation is automatically protecting the
> +    guest transition. If the L1D flush mitigation is disabled the MDS
> +    mitigation is disabled as well.

Not true. Dammit. Write patch, write documentation, hate it, change patch,
get dragged into a meeting, forget about documentation. I so hate my life.

> +    For details on L1TF and virtualization see:
> +    :ref:`Documentation/admin-guide/hw-vuln//l1tf.rst `.
> +
> +  - CPU is not affected by L1TF:
> +
> +    CPU buffers are flushed before entering the guest when the host MDS
> +    protection is enabled.
> +
> +  The resulting MDS protection matrix for the host to guest transition:
> +
> +  ============ ===== ============= ============ =================
> +   L1TF         MDS   VMX-L1FLUSH   Host MDS     State
> +
> +   Don't care   No    Don't care    N/A          Not affected
> +
> +   Yes          Yes   Disabled      Don't care   Vulnerable

This has to be:

+   Yes          Yes   Disabled      Off          Vulnerable
+   Yes          Yes   Disabled      Full         Mitigated

Bah. I changed this because the L1TF mitigation is off when EPT is disabled,
but in that case the MDS mitigation should not hang off the L1TF state.

Thanks,

	tglx
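Review bot: in the "CPU is affected by L1TF" item, the sentence "If the L1D flush mitigation is disabled the MDS mitigation is disabled as well." contradicts the corrected matrix rows, where VMX-L1FLUSH Disabled with Host MDS Full is listed as Mitigated; reword it so that, with the L1D flush disabled, the guest transition is protected by the host MDS state alone, matching the "should not hang off the L1TF state" remark. The :ref: text `Documentation/admin-guide/hw-vuln//l1tf.rst` also carries a doubled slash in the path.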
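Review bot: the protection matrix as quoted has no "============ ..." underline after the "L1TF MDS VMX-L1FLUSH Host MDS State" row, so a reStructuredText simple table would treat it as a body row rather than a header; add the rule line below it. The quoted rows also stop at the VMX-L1FLUSH Disabled case, while the prose above covers "CPU is not affected by L1TF" (buffers flushed when host MDS protection is enabled); that case needs its own rows (L1TF No, Host MDS Off/Full) so the matrix matches the text.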