[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] x86: Add MMIO Stale Data arch_caps to hardware domain
- To: Jason Andryuk <jandryuk@xxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>
- From: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>
- Date: Mon, 18 Jul 2022 17:11:40 +0000
- Accept-language: en-GB, en-US
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=bpEeEnMoazSH37zmBTpeDyfR94GPgA7oxIZzCUgfafM=; b=LnMN5HNjdRcl50njd9wNTQGaHZUGXrB2OJUMBQQO+ugErDowzAyggiEWC98P65sZZ1FcEd6nna0T0m5mn8SSDTS0ebuYrZDg+pcwkWTJPfTedJ/rvHReaGr43OQAhw6B9QpMqw4kUjCUPf/rj73GuqNCVJmzZlOB8Et3N8bgQEnb1lqlr/9MaZlJMrlq8iC5MnM1volgv8TkoM5yvzQCFRe3q8ZV5PJ+YDfUMDxJsFEEslY5ltG4mlYLyB7L32HS2Gbj/iGzBkKn/ko3Up03ZtyFT0y7IB47RT0zCwMwNpXvdF+zC6/D6q1iSRdPGvvI2fGMMX0tT2umgb81NrTLwg==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ANnFqDytOVrpsd726MqAeRdkc+Nwox9cNhlS7ppaSca1HncMw+boW4ye7OVYqICivsJJe49Do554EXxKtiZ3pk2A47EpHwi4kgIJv+2dYCqGcDkB8PqNTViFAzUtegDkCDPPVdJG2vf4+4Xixck/IM+2T/d8sBAiw7Kbo90K4h1vk0VSk9hW8uQ6cNZEqpCt0wOxwkP2PoOjI2Rkz/lLpoN17OdkSQ+yIVn9aHjCEIDZy3xOWyiC8UiPI9mG+xktZVzW1kF2bjB0wV3NO5csQ46w439SQ/UjGiL39dxJ3jnKorDN2nqqxvMi3bHJxa+PjK9UaKEvDkZVkABJd4Jyjw==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
- Cc: Roger Pau Monne <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
- Delivery-date: Mon, 18 Jul 2022 17:12:08 +0000
- Ironport-data: A9a23:hDZPVqiMDRiIVtqTs3JBfucDX161VREKZh0ujC45NGQN5FlHY01je htvXjyPaP+ONjP2eNkkb9ji9xwF6sCGyodjQQo+rylhFnwb9cadCdqndUqhZCn6wu8v7a5EA 2fyTvGacajYm1eF/k/F3oDJ9CU6j+fQLlbFILasEjhrQgN5QzsWhxtmmuoo6qZlmtH8CA6W0 T/Ii5S31GSNhnglaAr414rZ8Ek15Kur6GtB1rADTasjUGH2xiF94K03fcldH1OgKqFIE+izQ fr0zb3R1gs1KD90V7tJOp6iGqE7aua60Tqm0xK6aID76vR2nQQg075TCRYpQRw/ZwNlPTxG4 I4lWZSYEW/FN0BX8QgXe0Ew/ypWZcWq9FJbSJQWXAP6I0DuKhPRL/tS4E4eY85C9MhFPD51r NcGcCIvXhemqevs6efuIgVsrpxLwMjDGqo64i0l6A6DSPEsTNbEXrnA4sJe0HEonMdSEP3CZ s0fLz1ycBDHZB4JMVASYH48tL7w2j+jLHsH8xTM+vZfD2v7lWSd1JDENtbPd8PMbsJShkuC/ UrN/njjAwFcP9uaodaA2i3y3rGXxXukMG4UPJ6Ey9dJkkLC/TEaWEYXX1mxi8mzuHfrDrqzL GRRoELCt5Ma9kWtQsPsQh6Qr3uNvxpaUN1Ve8U44gyQzqvf4y6CG3MJCDVGbbQOq8seVTEsk FiTkLvBFTFp9bGYV3+Z3rOVti+pfzgYK3cYYi0JRhdD5MPsyLzflTrKR9dnVauq1Nv8HGmsx yjQ9XdiwbIOkcQMyqO3u0jdhC6hrYTISQhz4RjLWmWi7UVyY4vNi5GU1GU3JM1odO6xJmRtd lBf8yRCxIji1a2wqRE=
- Ironport-hdrordr: A9a23:xcDFs6+DnJebvU7pRxZuk+F7db1zdoMgy1knxilNoENuH/Bwxv rFoB1E73TJYW4qKQodcdDpAtjifZtFnaQFrLX5To3SJjUO31HYYL2KjLGSiQEIfheTygcz79 YGT0ETMrzN5B1B/L7HCWqDYpkdKbu8gcaVbI7lph8DIz2CKZsQljuRYTzrcHGeMTM2YabRY6 Dsg/avyQDBRV0nKuCAQlUVVenKoNPG0Lj8ZwQdOhIh4A6SyRu19b/TCXGjr1YjegIK5Y1n3X nOkgT/6Knmmeq80AXg22ja6IkTsMf9y+FEGNeHhqEuW3XRY0eTFcdcso+5zXUISdKUmRIXeR 730lAd1vFImjHsl6eO0F3QMkfboW8TAjTZuCKlaDPY0LDErXQBeoR8bMtiA2XkAwBLhqAC7I tbm22erJZZFhXGgWD04MXJTQhjkg6urWMlivN7tQ0XbWIyUs4nkWUkxjIiLL4QWCbhrIw3Gu hnC8/RoP5QbFOBdnjc+m1i2salUHg/FgqPBhFqgL3f7xFG2HRii0cIzs0WmXkNsJo7Vplf/u zBdqBljqtHQMMaZb90QO0BXcy0AGrQRg+kChPbHX33UKUcf37doZ/+57s4oOmsZZwT1ZM33I /MVVtJ3FRCD34Gyff+qaGj3iq9MFlVBw6du/22z6IJyYHUVf7sLTCJTkwono+pv+gfa/erKc qOBA==
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
- Thread-index: AQHYmq9yYQzuH8tiwky2K0QD3c10L62ELQqAgAAEr4CAACvLgA==
- Thread-topic: [PATCH] x86: Add MMIO Stale Data arch_caps to hardware domain
On 18/07/2022 15:34, Jason Andryuk wrote:
> On Mon, Jul 18, 2022 at 10:18 AM Jan Beulich <jbeulich@xxxxxxxx> wrote:
>> On 18.07.2022 16:05, Jason Andryuk wrote:
>>> Let the hardware domain know about the hardware it is running on. This
>>> allows a linux Dom0 to know that it has the appropriate microcode via
>>> FB_CLEAR. /sys/devices/system/cpu/vulnerabilities/mmio_stale_data
>>> changes from:
>>> "Vulnerable: Clear CPU buffers attempted, no microcode; SMT Host state
>>> unknown"
>>> to:
>>> "Mitigation: Clear CPU buffers; SMT Host state unknown"
>>>
>>> Signed-off-by: Jason Andryuk <jandryuk@xxxxxxxxx>
>>> ---
>>> Should calculate_host_policy()'s arch_caps mask also be updated? They
>>> are not identical today, but I'm don't know this code to understand why
>>> they differ.
>> I think this wants updating too, yes. I'm afraid I have to leave it to
>> Andrew to provide the reasons for the differences between the two.
>>
>> I would further suggest to also consider adding RRSBA and BHI_NO, even
>> if then the title would want adjusting. And finally I'd like to ask to
>> add a proper Fixes: tag (or more), as it looks like the updating here
>> was simply forgotten when the bits were introduced. Ideally we'd have
>> a way for the compiler to remind us of updates being needed (or at
>> least be considered) here.
> That all sounds good.
This is all one giant hack because of the fact we don't virtualise
MSR_ARCH_CAPS properly for guests yet.
Furthermore, Linux's sysfs files are largely nonsense in a PV guest.
"SMT=unknown" is a good example, but others need help too.
The calculate_host_policy() list does want updating. That's my fault
for forgetting; it's the first MSR "feature leaf" and none of this is
calculated automatically.
The raw and host values are exactly as per CPUID. raw = real CPU
values, host = subset that Xen understands.
In reality, there's a lot of hardware where model checks should cause us
to synthesize bits in the host policy which are missing in raw, but
doing that nicely still depends on untangling microcode loading from
xmalloc() so we can sort things out much earlier.
I agree with Jan that dom0 should see RRSBA and BHI_NO. The former
should be enumerated from ADL/SPR whereas I have no idea when BHI_NO
might land.
~Andrew
|
