Re: [PATCH] x86/speculation: Fix incorrect MDS/TAA mitigation status
From: Pawan Gupta
Date: Thu Nov 14 2019 - 15:19:50 EST
On Wed, Nov 13, 2019 at 02:33:50PM -0500, Waiman Long wrote:
> For MDS vulnerable processors with TSX support, enabling either MDS
> or TAA mitigations will enable the use of VERW to flush internal
> processor buffers at the right code path. IOW, they are either both
> mitigated or both not mitigated. However, if the command line options
> are inconsistent, the vulnerabilites sysfs files may not report the
> mitigation status correctly.
>
> For example, with only the "mds=off" option:
>
> vulnerabilities/mds:Vulnerable; SMT vulnerable
> vulnerabilities/tsx_async_abort:Mitigation: Clear CPU buffers; SMT vulnerable
>
> The mds vulnerabilities file has wrong status in this case.
>
> Change taa_select_mitigation() to sync up the two mitigation status
> and have them turned off if both "mds=off" and "tsx_async_abort=off"
> are present.
>
> Signed-off-by: Waiman Long <longman@xxxxxxxxxx>
> ---
> arch/x86/kernel/cpu/bugs.c | 17 +++++++++++++++--
> 1 file changed, 15 insertions(+), 2 deletions(-)
>
> diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
> index 4c7b0fa15a19..418d41c1fd0d 100644
> --- a/arch/x86/kernel/cpu/bugs.c
> +++ b/arch/x86/kernel/cpu/bugs.c
> @@ -304,8 +304,12 @@ static void __init taa_select_mitigation(void)
> return;
> }
>
> - /* TAA mitigation is turned off on the cmdline (tsx_async_abort=off) */
> - if (taa_mitigation == TAA_MITIGATION_OFF)
> + /*
> + * TAA mitigation via VERW is turned off if both
> + * tsx_async_abort=off and mds=off are specified.
> + */
> + if (taa_mitigation == TAA_MITIGATION_OFF &&
> + mds_mitigation == MDS_MITIGATION_OFF)
> goto out;
>
> if (boot_cpu_has(X86_FEATURE_MD_CLEAR))
> @@ -339,6 +343,15 @@ static void __init taa_select_mitigation(void)
> if (taa_nosmt || cpu_mitigations_auto_nosmt())
> cpu_smt_disable(false);
>
> + /*
> + * Update MDS mitigation, if necessary, as the mds_user_clear is
> + * now enabled for TAA mitigation.
> + */
> + if (mds_mitigation == MDS_MITIGATION_OFF &&
> + boot_cpu_has_bug(X86_BUG_MDS)) {
> + mds_mitigation = MDS_MITIGATION_FULL;
> + mds_select_mitigation();
This will cause a confusing print in dmesg from previous and this call
to mds_select_mitigation().
"MDS: Vulnerable"
"MDS: Mitigation: Clear CPU buffers"
Maybe delay MDS mitigation print till TAA is evaluated.
Thanks,
Pawan