> On Feb 3, 2023, at 10:25 AM, Dave Hansen <dave.hansen@xxxxxxxxx> wrote: > > BTW, I'm basically moving forward assuming that we're going to apply > this patch in _some_ form. I'm going to make some changes, but I'll > discuss them in this thread to make sure we're all on the same page first. Just checking in on the changes mentioned here. > On 1/24/23 17:28, Eric Biggers wrote: >> +Affected CPUs >> +------------- >> + >> +This vulnerability affects Intel Core family processors based on the Ice Lake >> +and later microarchitectures, and Intel Atom family processors based on the >> +Gracemont and later microarchitectures. For more information, see Intel's >> +documentation [1]_. > > I had a hard time following the docs in this area. > > But I'm not sure this statement is correct. The docs actually say: > > For Intel® Core™ family processors based on microarchitectures > before Ice Lake and Intel Atom® family processors based on > microarchitectures before Gracemont that do not enumerate > IA32_UARCH_MISC_CTL, developers may assume that the instructions > listed here operate as if DOITM is enabled. Have we been able to clarify if this assumption is guaranteed? > > A processor needs to be before "Ice Lake" and friends *AND* not > enumerate IA32_UARCH_MISC_CTL to be unaffected. > > There's also another tweak that's needed because: > > Processors that do not enumerate IA32_ARCH_CAPABILITIES[DOITM] > when the latest microcode is applied do not need to set > IA32_UARCH_MISC_CTL [DOITM] in order to have the behavior > described in this document... > > First, we need to mention the "latest microcode" thing in the kernel > docs. I also _think_ the whole "microarchitectures before" stuff is > rather irrelevant and we can simplify this down to: > > This vulnerability affects all Intel processors that support > MSR_IA32_ARCH_CAPABILITIES and set MSR_IA32_ARCH_CAPABILITIES[DOITM] > when the latest microcode is applied. > Certainly a lot cleaner. Would be great if the Intel docs reflected this. — Regards, Roxana > Which reminds me. This: > >> +void update_doitm_msr(void) >> +{ >> + u64 msr; >> + >> + if (doitm_off) >> + return; >> + >> + rdmsrl(MSR_IA32_UARCH_MISC_CTL, msr); >> + wrmsrl(MSR_IA32_UARCH_MISC_CTL, msr | UARCH_MISC_DOITM); >> +} > > should probably be: > > void update_doitm_msr(void) > { > u64 msr; > > /* > * All processors that enumerate support for DOIT > * are affected *and* have the mitigation available. > */ > if (!boot_cpu_has_bug(X86_BUG_DODT)) > return; > > rdmsrl(MSR_IA32_UARCH_MISC_CTL, msr); > if (doitm_off) > msr &= ~UARCH_MISC_DOITM; > else > msr |= UARCH_MISC_DOITM; > wrmsrl(MSR_IA32_UARCH_MISC_CTL, msr); > } > > in case the CPU isn't actually coming out of reset, like if kexec() left > DOITM=1. >
Attachment:
signature.asc
Description: Message signed with OpenPGP