Re: [PATCH] x86/tsx: clear RTM and HLE when MSR_IA32_TSX_CTRL is not supported

From: Pawan Gupta
Date: Tue Sep 07 2021 - 18:57:46 EST


On 07.09.2021 14:36, Hao Peng wrote:
On Tue, Sep 7, 2021 at 1:13 PM Pawan Gupta <pawan.kumar.gupta@xxxxxxxxxxxxxxx> wrote:

On 06.09.2021 10:46, Hao Peng wrote:
>If hypervisor does not support MSR_IA32_TSX_CTRL, but guest supports
>RTM and HLE features, it will affect TAA mitigation.

Guests are on purpose not allowed to control TSX via MSR_IA32_TSX_CTRL,
otherwise a malicious guest can enable TSX and attack the host or other
guests. The TAA mitigation within a guest is the same as MDS, i.e.
micro-architectural buffer clear using the VERW instruction. Support for
VERW is added by the microcode update and enumerated by the
MSR_ARCH_CAP[MD_CLEAR] bit.

>Signed-off-by: Peng Hao <flyingpeng@xxxxxxxxxxx>
>---
> arch/x86/kernel/cpu/tsx.c | 7 +++++++
> 1 file changed, 7 insertions(+)
>
>diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.c
>index 9c7a5f049292..5e852c14fef2 100644
>--- a/arch/x86/kernel/cpu/tsx.c
>+++ b/arch/x86/kernel/cpu/tsx.c
>@@ -122,6 +122,13 @@ void __init tsx_init(void)
>
> if (!tsx_ctrl_is_supported()) {
> tsx_ctrl_state = TSX_CTRL_NOT_SUPPORTED;
>+
>+ /* If hypervisor does not support MSR_IA32_TSX_CTRL emulation,
>+ * but guest supports RTM and HLE features, it will affect TAA
>+ * (tsx_async_abort)mitigation.
>+ */
>+ setup_clear_cpu_cap(X86_FEATURE_RTM);
>+ setup_clear_cpu_cap(X86_FEATURE_HLE);
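Review bot: clearing X86_FEATURE_RTM and X86_FEATURE_HLE inside the `!tsx_ctrl_is_supported()` branch only changes the kernel's cached capability bits; it does not disable TSX in the CPU, and the branch is not hypervisor-specific, because a CPU can have TSX without enumerating MSR_IA32_TSX_CTRL. The visible effect is that /sys/devices/system/cpu/vulnerabilities/tsx_async_abort reports "Mitigation: TSX disabled" while transactions still execute, which misstates the mitigation status; the absence of the MSR is therefore the wrong condition for this change. Two style points in the new comment: `(tsx_async_abort)mitigation` is missing a space, and a multi-line kernel comment opens with `/*` on its own line.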

This is not correct. TSX feature can exist without TSX_CTRL MSR.
Moreover, clearing the cached bits with setup_clear_cpu_cap() doesn't
disable the TSX feature in CPU.

After applying this patch, the output of
/sys/devices/system/cpu/vulnerabilities/tsx_async_abort
becomes "Mitigation: TSX disabled". Do you mean that tsx is still
enabled in this case in the guest?

If the host has TSX enabled, the guest can use TSX instructions irrespective
of what the cpu capabilities in the guest say.

I made a mistake in the description before. This problem occurred
under qemu -cpu Icelake-server.

So it looks like the real problem is with the qemu feature definitions for
cpu "Icelake-Server"; it is probably not exporting "taa-no".

When I debug this problem to -cpu host, the guest can see taa-no.
Thanks.

That's good.
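The point made in this thread, that clearing the kernel's cached RTM/HLE capability bits does not stop the CPU from executing transactions, can be checked from user space. The following program is an added example and is not part of the patch, the thread, or the kernel tree: it reads CPUID.(EAX=7,ECX=0):EBX directly from the hardware, and if RTM is enumerated it attempts a real transaction using the same XBEGIN/XEND byte encoding GCC's rtmintrin.h uses (no -mrtm flag needed). Comparing its result with the `rtm`/`hle` flags in /proc/cpuinfo and the tsx_async_abort sysfs file shows whether a reported "TSX disabled" status reflects the hardware or only the kernel's bookkeeping. It assumes an x86 build with GCC or Clang; on other architectures it simply reports that RTM is absent.

```c
/* Added example, not from the patch or the thread: probe whether RTM is
 * actually usable, independently of what the kernel's capability bits say. */
#include <stdio.h>
#include <stdint.h>

#define CPUID7_EBX_HLE (1u << 4)   /* CPUID.(EAX=7,ECX=0):EBX bit 4  */
#define CPUID7_EBX_RTM (1u << 11)  /* CPUID.(EAX=7,ECX=0):EBX bit 11 */

/* Outcome of the runtime probe. */
enum tsx_probe {
    TSX_PROBE_NO_RTM    = -1, /* CPUID does not enumerate RTM; XBEGIN would #UD */
    TSX_PROBE_ABORTED   =  0, /* RTM enumerated but every transaction aborts
                                 (e.g. disabled through MSR_IA32_TSX_CTRL)     */
    TSX_PROBE_COMMITTED =  1  /* a transaction ran and committed: TSX is live  */
};

/* Pure decoders for a CPUID.7.0 EBX value, so they can be tested on
 * constructed register values. */
int cpuid7_has_rtm(uint32_t ebx) { return (ebx & CPUID7_EBX_RTM) != 0; }
int cpuid7_has_hle(uint32_t ebx) { return (ebx & CPUID7_EBX_HLE) != 0; }

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>

/* Ask the hardware directly; returns 0 if leaf 7 is not supported. */
static uint32_t read_cpuid7_ebx(void)
{
    unsigned int eax, ebx, ecx, edx;
    if (!__get_cpuid_count(7, 0, &eax, &ebx, &ecx, &edx))
        return 0;
    return ebx;
}

/* XBEGIN with a zero displacement: on abort, execution resumes at the next
 * instruction with the abort status in EAX; if the transaction starts, EAX
 * keeps the sentinel 0xffffffff (_XBEGIN_STARTED). */
static uint32_t rtm_begin(void)
{
    uint32_t status = 0xffffffffu;
    __asm__ __volatile__(".byte 0xc7,0xf8 ; .long 0"
                         : "+a"(status) : : "memory");
    return status;
}

/* XEND: commit the current transaction. */
static void rtm_end(void)
{
    __asm__ __volatile__(".byte 0x0f,0x01,0xd5" : : : "memory");
}
#endif

/* Runtime probe: is RTM usable on this CPU right now? */
int tsx_probe(void)
{
#if defined(__x86_64__) || defined(__i386__)
    if (!cpuid7_has_rtm(read_cpuid7_ebx()))
        return TSX_PROBE_NO_RTM;

    volatile int scratch = 0;
    /* Retry a few times so a single spurious abort is not mistaken for
     * "TSX disabled"; a disabled RTM aborts every attempt. */
    for (int attempt = 0; attempt < 16; attempt++) {
        if (rtm_begin() == 0xffffffffu) {
            scratch = 1;          /* trivial transactional write */
            rtm_end();
            return TSX_PROBE_COMMITTED;
        }
    }
    (void)scratch;
    return TSX_PROBE_ABORTED;
#else
    return TSX_PROBE_NO_RTM;      /* not an x86 build */
#endif
}

int main(void)
{
    static const char *names[] = { "RTM not enumerated by CPUID",
                                   "RTM enumerated, transactions always abort",
                                   "transaction committed: TSX is usable" };
    int r = tsx_probe();
    printf("tsx probe: %s\n", names[r + 1]);
    printf("compare with 'rtm'/'hle' in /proc/cpuinfo and "
           "/sys/devices/system/cpu/vulnerabilities/tsx_async_abort\n");
    return 0;
}
```

If the probe commits a transaction while the sysfs file reports "Mitigation: TSX disabled", the status is coming from cleared capability bits rather than from the hardware, which is the mismatch the review above describes.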