From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linutronix.de (193.142.43.55:993) by crypto-ml.lab.linutronix.de with IMAP4-SSL for ; 15 Oct 2019 20:15:50 -0000 Received: from mx2.suse.de ([195.135.220.15] helo=mx1.suse.de) by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1iKTES-0007j5-4o for speck@linutronix.de; Tue, 15 Oct 2019 22:15:49 +0200 Received: from relay2.suse.de (unknown [195.135.220.254]) by mx1.suse.de (Postfix) with ESMTP id 1133DAD05 for ; Tue, 15 Oct 2019 20:15:41 +0000 (UTC) Date: Tue, 15 Oct 2019 22:15:39 +0200 (CEST) From: Jiri Kosina Subject: [MODERATED] Re: ***UNCHECKED*** Re: [PATCH v5 08/11] TAAv5 8 In-Reply-To: <20191015200024.hxs4brxi7gbvmcdy@treble> Message-ID: References: <20191014210458.GF4957@zn.tnic> <20191015103454.GW317@dhcp22.suse.cz> <20191015130627.7jkhqy2zrtm35ool@treble> <20191015152649.yim4krwuttrh6xgi@treble> <20191015200024.hxs4brxi7gbvmcdy@treble> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit To: speck@linutronix.de List-ID: On Tue, 15 Oct 2019, speck for Josh Poimboeuf wrote: > Maybe I'm missing something. Isn't there going to be a ucode update for > MDS_NO parts, which does the verw buffer clearing? In that case there's > no need to disable TSX, and instead the verw mitigation could be used, > if desired. My understanding was that MDS_NO CPUs will only get ucode update that exposes TSX control MSR, and nothing else. > AFAICT, the patch allows to set the default to tsx=auto, which disables > TSX on *all* vulnerable parts, not just the MDS_NO ones. I don't see > how that would prevent user regressions. > > It sounds like maybe you're suggesting something else, that TSX should > only be disabled on vulnerable MDS_NO parts? OK, let me take a look at the code again. I definitely thought that's what 'auto' indeed does. -- Jiri Kosina SUSE Labs