• Waiman Long's avatar
    x86/speculation: Fix incorrect MDS/TAA mitigation status · 0af5ae26
    Waiman Long authored
    commit 64870ed1 upstream.
    
    For MDS vulnerable processors with TSX support, enabling either MDS or
    TAA mitigations will enable the use of VERW to flush internal processor
    buffers at the right code path. IOW, they are either both mitigated
    or both not. However, if the command line options are inconsistent,
    the vulnerabilites sysfs files may not report the mitigation status
    correctly.
    
    For example, with only the "mds=off" option:
    
      vulnerabilities/mds:Vulnerable; SMT vulnerable
      vulnerabilities/tsx_async_abort:Mitigation: Clear CPU buffers; SMT vulnerable
    
    The mds vulnerabilities file has wrong status in this case. Similarly,
    the taa vulnerability file will be wrong with mds mitigation on, but
    taa off.
    
    Change taa_select_mitigation() to sync up the two mitigation status
    and have them turned off if both "mds=off" and "tsx_async_abort=off"
    are present.
    
    Update documentation to emphasize the fact that both "mds=off" and
    "tsx_async_abort=off" have to be specified together for processors that
    are affected by both TAA and MDS to be effective.
    
     [ bp: Massage and add kernel-parameters.txt change too. ]
    
    Fixes: 1b42f017 ("x86/speculation/taa: Add mitigation for TSX Async Abort")
    Signed-off-by: default avatarWaiman Long <longman@redhat.com>
    Signed-off-by: default avatarBorislav Petkov <bp@suse.de>
    Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Cc: "H. Peter Anvin" <hpa@zytor.com>
    Cc: Ingo Molnar <mingo@redhat.com>
    Cc: Jiri Kosina <jkosina@suse.cz>
    Cc: Jonathan Corbet <corbet@lwn.net>
    Cc: Josh Poimboeuf <jpoimboe@redhat.com>
    Cc: linux-doc@vger.kernel.org
    Cc: Mark Gross <mgross@linux.intel.com>
    Cc: <stable@vger.kernel.org>
    Cc: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
    Cc: Peter Zijlstra <peterz@infradead.org>
    Cc: Thomas Gleixner <tglx@linutronix.de>
    Cc: Tim Chen <tim.c.chen@linux.intel.com>
    Cc: Tony Luck <tony.luck@intel.com>
    Cc: Tyler Hicks <tyhicks@canonical.com>
    Cc: x86-ml <x86@kernel.org>
    Link: https://lkml.kernel.org/r/20191115161445.30809-2-longman@redhat.comSigned-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    0af5ae26
bugs.c 43.7 KB