| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 6 Sep 2021 22:38:16 -0700
From: Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>
To: Hao Peng <flyingpenghao@...il.com>
Cc: Xiaoyao Li <xiaoyao.li@...el.com>, Borislav Petkov <bp@...en8.de>,
tglx@...utronix.de, mingo@...hat.com, x86@...nel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] x86/tsx: clear RTM and HLE when MSR_IA32_TSX_CTRL is not
supported
On 07.09.2021 12:39, Hao Peng wrote:
>On Tue, Sep 7, 2021 at 12:26 PM Xiaoyao Li <xiaoyao.li@...el.com> wrote:
>>
>> On 9/7/2021 11:40 AM, Hao Peng wrote:
>> > On Tue, Sep 7, 2021 at 10:56 AM Xiaoyao Li <xiaoyao.li@...el.com> wrote:
>> >>
>> >> On 9/7/2021 10:35 AM, Hao Peng wrote:
>> >>> On Tue, Sep 7, 2021 at 10:08 AM Xiaoyao Li <xiaoyao.li@...el.com> wrote:
>> >>>>
>> >>>> On 9/7/2021 9:47 AM, Hao Peng wrote:
>> >>>>> On Mon, Sep 6, 2021 at 5:30 PM Borislav Petkov <bp@...en8.de> wrote:
>> >>>>>>
>> >>>>>> On Mon, Sep 06, 2021 at 10:46:05AM +0800, Hao Peng wrote:
>> >>>>>>> If hypervisor does not support MSR_IA32_TSX_CTRL, but guest supports
>> >>>>>>> RTM and HLE features, it will affect TAA mitigation.
>> >>>>>>>
>> >>>>>>> Signed-off-by: Peng Hao <flyingpeng@...cent.com>
>> >>>>>>> ---
>> >>>>>>> arch/x86/kernel/cpu/tsx.c | 7 +++++++
>> >>>>>>> 1 file changed, 7 insertions(+)
>> >>>>>>>
>> >>>>>>> diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.c
>> >>>>>>> index 9c7a5f049292..5e852c14fef2 100644
>> >>>>>>> --- a/arch/x86/kernel/cpu/tsx.c
>> >>>>>>> +++ b/arch/x86/kernel/cpu/tsx.c
>> >>>>>>> @@ -122,6 +122,13 @@ void __init tsx_init(void)
>> >>>>>>>
>> >>>>>>> if (!tsx_ctrl_is_supported()) {
>> >>>>>>> tsx_ctrl_state = TSX_CTRL_NOT_SUPPORTED;
>> >>>>>>> +
>> >>>>>>> + /* If hypervisor does not support MSR_IA32_TSX_CTRL emulation,
>> >>>>>>> + * but guest supports RTM and HLE features, it will affect TAA
>> >>>>>>> + * (tsx_async_abort)mitigation.
>> >>>>>>> + */
>> >>>>>>> + setup_clear_cpu_cap(X86_FEATURE_RTM);
>> >>>>>>> + setup_clear_cpu_cap(X86_FEATURE_HLE);
>> >>>>
>> >>>> anyway, IMHO, we shouldn't do anything here for TAA. It should be in
>> >>>> taa_select_mitigation()
>> >>>>
>> >>>>>>> return;
>> >>>>>>> }
>> >>>>>>
>> >>>>>> How does that even happen - the hypervisor does not support the MSR but
>> >>>>>> "guest supports" TSX features?!
>> >>>>>>
>> >>>>>> I guess the guest is detecting it wrong.
>> >>>>>>
>> >>>>>> What hypervisor, what guest, how do I reproduce?
>> >>>>>>
>> >>>>> hypervisor is kvm, guest is linux too.
>> >>>>>> Please give full details.
>> >>>>>>
>> >>>>> The host I used is kernel-5.4, and guest is kernel-5.13.
>> >>>>> MSR_IA32_TSX_CTRL is exposed
>> >>>>> to guest and guest to support RTM and HLE features, no direct
>> >>>>> dependence. at the qemu I
>> >>>>> started guest with -cpu host-model.
>> >>>>> I have viewed the code of kernel-5.4, and MSR_IA32_TSX_CTRL is not
>> >>>>> exposed to guest.
>> >>>>
>> >>>> Does guest see TAA_NO bit?
>> >>>>
>> >>> Guest can't see taa_no, which requires updating qemu to solve. But I think
>> >>> there is a compatibility process here.
>> >>
>> >> Anyway, there should be some existing code in kernel already to handle
>> >> the case that CPUID reports TRM while MSR_IA32_CORE_CAPABILITIES doesn't
>> >> report MSR_TSX_CTRL nor TAA_NO.
>> >>
>> > Can you point out which patches ? At present, guest is kernel-5.13
>> > still has this problem.
>>
>> What's the output of 'cat
>> /sys/devices/system/cpu/vulnerabilities/tsx_async_abort' on your guest?
>>
>Vulnerable: Clear CPU buffers attempted, no microcode; SMT Host state unknown.
This suggests that the microcode is old. Can you please share the output
of below cmds on host and guest:
$ grep . /sys/devices/system/cpu/vulnerabilities/*
$ lscpu
$ grep microcode /proc/cpuinfo | uniq
$ cat /proc/cmdline
Thanks,
Pawan
Powered by blists - more mailing lists