Re: [PATCH v2 4/6] x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key

From: kernel test robot
Date: Wed Oct 25 2023 - 18:08:52 EST

Next message: Mario Limonciello: "Re:"
Previous message: Pawan Gupta: "Re: [PATCH v3 1/6] x86/bugs: Add asm helpers for executing VERW"
In reply to: Pawan Gupta: "[PATCH v2 4/6] x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key"
Next in thread: Pawan Gupta: "[PATCH v2 5/6] KVM: VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Pawan,

kernel test robot noticed the following build warnings:

[auto build test WARNING on 05d3ef8bba77c1b5f98d941d8b2d4aeab8118ef1]

url: https://github.com/intel-lab-lkp/linux/commits/Pawan-Gupta/x86-bugs-Add-asm-helpers-for-executing-VERW/20231024-161029
base: 05d3ef8bba77c1b5f98d941d8b2d4aeab8118ef1
patch link: https://lore.kernel.org/r/20231024-delay-verw-v2-4-f1881340c807%40linux.intel.com
patch subject: [PATCH v2 4/6] x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key
reproduce: (https://download.01.org/0day-ci/archive/20231026/202310260517.TrEGc1ZW-lkp@xxxxxxxxx/reproduce)

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@xxxxxxxxx>
| Closes: https://lore.kernel.org/oe-kbuild-all/202310260517.TrEGc1ZW-lkp@xxxxxxxxx/

All warnings (new ones prefixed by >>):

>> Documentation/arch/x86/mds.rst:153: WARNING: Unexpected section title.

vim +153 Documentation/arch/x86/mds.rst

141
142 When transitioning from kernel to user space the CPU buffers are flushed
143 on affected CPUs when the mitigation is not disabled on the kernel
144 command line. The mitigation is enabled through the feature flag
145 X86_FEATURE_CLEAR_CPU_BUF.
146
147 The mitigation is invoked just before transitioning to userspace after
148 user registers are restored. This is done to minimize the window in
149 which kernel data could be accessed after VERW e.g. via an NMI after
150 VERW.
151
152 Corner case not handled
> 153 ^^^^^^^^^^^^^^^^^^^^^^^
154 Interrupts returning to kernel don't clear CPUs buffers since the
155 exit-to-user path is expected to do that anyways. But, there could be
156 a case when an NMI is generated in kernel after the exit-to-user path
157 has cleared the buffers. This case is not handled and NMI returning to
158 kernel don't clear CPU buffers because:
159
160 1. It is rare to get an NMI after VERW, but before returning to userspace.
161 2. For an unprivileged user, there is no known way to make that NMI
162 less rare or target it.
163 3. It would take a large number of these precisely-timed NMIs to mount
164 an actual attack. There's presumably not enough bandwidth.
165 4. The NMI in question occurs after a VERW, i.e. when user state is
166 restored and most interesting data is already scrubbed. Whats left
167 is only the data that NMI touches, and that may or may not be of
168 any interest.
169
170

--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki

Next message: Mario Limonciello: "Re:"
Previous message: Pawan Gupta: "Re: [PATCH v3 1/6] x86/bugs: Add asm helpers for executing VERW"
In reply to: Pawan Gupta: "[PATCH v2 4/6] x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key"
Next in thread: Pawan Gupta: "[PATCH v2 5/6] KVM: VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]