On Wed, Oct 13, 2021 at 03:22:30PM +0100, Jane Malalane wrote:
> Currently, Linux probes for X86_BUG_NULL_SEL unconditionally which
> makes it unsafe to migrate in a virtualised environment as the
> properties across the migration pool might differ.
>
> To be specific, the case which goes wrong is:
>
> 1. Zen1 (or earlier) and Zen2 (or later) in a migration pool
> 2. Linux boots on Zen2, probes and finds the absence of X86_BUG_NULL_SEL
> 3. Linux is then migrated to Zen1
>
> Linux is now running on a X86_BUG_NULL_SEL-impacted CPU while believing
> that the bug is fixed.
>
> The only way to address the problem is to fully trust the "no longer
> affected" CPUID bit when virtualised, because in the above case it would
> be clear deliberately to indicate the fact "you might migrate to
> somewhere which has this behaviour".
>
> Zen3 adds the NullSelectorClearsBase bit to indicate that loading
> a NULL segment selector zeroes the base and limit fields, as well as
> just attributes. Zen2 also has this behaviour but doesn't have the
> NSCB bit.
>
> Signed-off-by: Jane Malalane <jane.malalane@xxxxxxxxxx>
> ---
> CC: <x86@xxxxxxxxxx>
> CC: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
> CC: Ingo Molnar <mingo@xxxxxxxxxx>
> CC: Borislav Petkov <bp@xxxxxxxxx>
> CC: "H. Peter Anvin" <hpa@xxxxxxxxx>
> CC: Pu Wen <puwen@xxxxxxxx>
> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx>
> CC: Sean Christopherson <seanjc@xxxxxxxxxx>
> CC: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
> CC: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> CC: Yazen Ghannam <Yazen.Ghannam@xxxxxxx>
> CC: Brijesh Singh <brijesh.singh@xxxxxxx>
> CC: Huang Rui <ray.huang@xxxxxxx>
> CC: Andy Lutomirski <luto@xxxxxxxxxx>
> CC: Kim Phillips <kim.phillips@xxxxxxx>
> CC: <stable@xxxxxxxxxxxxxxx>

These need to go above the --- line, otherwise they are cut off when the
patch is applied and you will lose the cc: stable@ tag.

thanks,

greg k-h