> On Feb 3, 2023, at 10:25 AM, Dave Hansen <dave.hansen@xxxxxxxxx> wrote:
>
> BTW, I'm basically moving forward assuming that we're going to apply
> this patch in _some_ form. I'm going to make some changes, but I'll
> discuss them in this thread to make sure we're all on the same page first.
Just checking in on the changes mentioned here.
> On 1/24/23 17:28, Eric Biggers wrote:
>> +Affected CPUs
>> +-------------
>> +
>> +This vulnerability affects Intel Core family processors based on the Ice Lake
>> +and later microarchitectures, and Intel Atom family processors based on the
>> +Gracemont and later microarchitectures. For more information, see Intel's
>> +documentation [1]_.
>
> I had a hard time following the docs in this area.
>
> But I'm not sure this statement is correct. The docs actually say:
>
> For Intel® Core™ family processors based on microarchitectures
> before Ice Lake and Intel Atom® family processors based on
> microarchitectures before Gracemont that do not enumerate
> IA32_UARCH_MISC_CTL, developers may assume that the instructions
> listed here operate as if DOITM is enabled.
Have we been able to clarify if this assumption is guaranteed?
>
> A processor needs to be before "Ice Lake" and friends *AND* not
> enumerate IA32_UARCH_MISC_CTL to be unaffected.
>
> There's also another tweak that's needed because:
>
> Processors that do not enumerate IA32_ARCH_CAPABILITIES[DOITM]
> when the latest microcode is applied do not need to set
> IA32_UARCH_MISC_CTL [DOITM] in order to have the behavior
> described in this document...
>
> First, we need to mention the "latest microcode" thing in the kernel
> docs. I also _think_ the whole "microarchitectures before" stuff is
> rather irrelevant and we can simplify this down to:
>
> This vulnerability affects all Intel processors that support
> MSR_IA32_ARCH_CAPABILITIES and set MSR_IA32_ARCH_CAPABILITIES[DOITM]
> when the latest microcode is applied.
>
Certainly a lot cleaner. Would be great if the Intel docs reflected this.
—
Regards, Roxana
> Which reminds me. This:
>
>> +void update_doitm_msr(void)
>> +{
>> + u64 msr;
>> +
>> + if (doitm_off)
>> + return;
>> +
>> + rdmsrl(MSR_IA32_UARCH_MISC_CTL, msr);
>> + wrmsrl(MSR_IA32_UARCH_MISC_CTL, msr | UARCH_MISC_DOITM);
>> +}
>
> should probably be:
>
> void update_doitm_msr(void)
> {
> u64 msr;
>
> /*
> * All processors that enumerate support for DOIT
> * are affected *and* have the mitigation available.
> */
> if (!boot_cpu_has_bug(X86_BUG_DODT))
> return;
>
> rdmsrl(MSR_IA32_UARCH_MISC_CTL, msr);
> if (doitm_off)
> msr &= ~UARCH_MISC_DOITM;
> else
> msr |= UARCH_MISC_DOITM;
> wrmsrl(MSR_IA32_UARCH_MISC_CTL, msr);
> }
>
> in case the CPU isn't actually coming out of reset, like if kexec() left
> DOITM=1.
>
Attachment:
signature.asc
Description: Message signed with OpenPGP
