lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 31 Jul 2018 17:42:27 +0000
From:   "Prakhya, Sai Praneeth" <sai.praneeth.prakhya@...el.com>
To:     Thomas Gleixner <tglx@...utronix.de>
CC:     "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "x86@...nel.org" <x86@...nel.org>,
        "Chen, Tim C" <tim.c.chen@...el.com>,
        "Hansen, Dave" <dave.hansen@...el.com>,
        "Shankar, Ravi V" <ravi.v.shankar@...el.com>,
        Ingo Molnar <mingo@...nel.org>
Subject: RE: [PATCH V2] x86/speculation: Support Enhanced IBRS on future CPUs

> The feature strings are automatically generated from the define. The comment
> can be used to supress them by an empty "" string or to modify them by a
> "override" string at the beginning of the comment.

I overlooked "override" part. Sorry! about that.
It's clear now. Thanks for the explanation.

> >
> > > > +	WARN_ON_ONCE(x86_spec_ctrl_base & SPEC_CTRL_IBRS);
> 
> Please remove the warnon as well.
>

Sure! I removed it but forgot to mention it.

> > > > +	/* Ensure SPEC_CTRL_IBRS is set after VMEXIT from a guest */
> > > > +	x86_spec_ctrl_base |= SPEC_CTRL_IBRS;
> > >
> > > And what exactly writes the MSR?
> > >
> >
> > While booting, x86_spec_ctrl_setup_ap() does that and after VMEXIT
> > x86_spec_ctrl_restore_host().
> >
> > As x86_spec_ctrl_setup_ap() does wrmsrl(MSR_IA32_SPEC_CTRL,
> > x86_spec_ctrl_base), I thought writing here would be redundant.
> 
> x86_spec_ctrl_setup_ap() is only called on the AP but not on the BP. So the boot
> processor will not have it set, unless something else writes the MSR. So you
> really want to have an explicit write there.

Yes, that makes sense.
But on the machine, I see IBRS bit set on all cores. As you said, someone else might 
be writing the MSR. I will try to find that out and will update the patch accordingly.

I initially suspected it to be __ssb_select_mitigation() as I have 
"spec_store_bypass_disable=on" in the kernel command line, but turns out it's not so.
I will update you more on this.

Regards,
Sai

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ