[Bug 215969] New: Guest deploying TAA mitigation on (not affected) ICX host

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



https://bugzilla.kernel.org/show_bug.cgi?id=215969

            Bug ID: 215969
           Summary: Guest deploying TAA mitigation on (not affected) ICX
                    host
           Product: Virtualization
           Version: unspecified
    Kernel Version: v5.18-rc3
          Hardware: Intel
                OS: Linux
              Tree: Mainline
            Status: NEW
          Severity: high
          Priority: P1
         Component: kvm
          Assignee: virtualization_kvm@xxxxxxxxxxxxxxxxxxxx
          Reporter: pawan.kumar.gupta@xxxxxxxxxxxxxxx
        Regression: No

On a hardware that enumerates TAA_NO (i.e. not affected by TSX Async Abort
(TAA)), a certain guest/host configuration can result in guest enumerating TAA
vulnerability and unnecessarily deploying MD_CLEAR(CPU buffer clear)
mitigation. 

Icelake Server has TAA_NO and supports MSR TSX_CTRL, and by default linux
disables TSX feature, resetting CPUID.RTM at host bootup.

Currently KVM hides TAA_NO from guests when host has CPUID.RTM=0. Because KVM
also exports MSR TSX_CTRL to guests, a guest with "tsx=on" cmdline parameter
would enable TSX feature, setting X86_FEATURE_RTM.

taa_select_mitigation() with X86_FEATURE_RTM=1 and TAA_NO=0, deploys Clear CPU
buffers mitigation.

A probable fix is to export TAA_NO to guests. Alternately, KVM can choose not
to export MSR TSX_CTRL.

Guests anyways can't use MSR TSX_CTRL to enable TSX, but I think it was
exported to guest to support some migration scenarios:

  https://lore.kernel.org/lkml/20210129101912.1857809-1-pbonzini@xxxxxxxxxx/

---
Setup info:

ICX HOST configuration:

Vendor ID:                       GenuineIntel
CPU family:                      6
Model:                           106
Model name:                      Intel(R) Xeon(R) Platinum 8360Y CPU @ 2.40GHz
Stepping:                        6

Vulnerability Mds:               Not affected
Vulnerability Tsx async abort:   Not affected

//TSX feature flag not present on host
$ grep rtm /proc/cpuinfo
$


GUEST info:

Launch kvm/qemu guest with "-cpu host" and guest kernel parameter "tsx=on"

"rtm" shows up in /proc/cpuinfo

# rdmsr -a 0x122
0
0
0
0

// Guest sysfs shows mitigation being deployed.
[root@vm-fedora-35 ~]# grep .
/sys/devices/system/cpu/vulnerabilities/tsx_async_abort
Mitigation: Clear CPU buffers; SMT Host state unknown

Thanks,
Pawan

-- 
You may reply to this email to add a comment.

You are receiving this mail because:
You are watching the assignee of the bug.



[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux