Date: Fri, 13 Dec 2019 06:54:41 +0000 (UTC) From: Scott Long <scottl@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r355701 - stable/11/sys/x86/x86 Message-ID: <201912130654.xBD6sfLW016968@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: scottl Date: Fri Dec 13 06:54:41 2019 New Revision: 355701 URL: https://svnweb.freebsd.org/changeset/base/355701 Log: Merge r355134,355375,355589 Clean up and clarify meta commentary on TAA. Add a state to denote that TSX doesn't exist on the CPU. x86: Add missed break to TAA status sysctl Fix the TAA state machine to do the right thing when the TAA migitation is available in microcode and the operator has set the sysctl to automatic mode. Sponsored by: Intel Modified: stable/11/sys/x86/x86/cpu_machdep.c Directory Properties: stable/11/ (props changed) Modified: stable/11/sys/x86/x86/cpu_machdep.c ============================================================================== --- stable/11/sys/x86/x86/cpu_machdep.c Fri Dec 13 05:54:38 2019 (r355700) +++ stable/11/sys/x86/x86/cpu_machdep.c Fri Dec 13 06:54:41 2019 (r355701) @@ -1192,11 +1192,15 @@ SYSCTL_PROC(_hw, OID_AUTO, mds_disable, CTLTYPE_INT | int x86_taa_enable; int x86_taa_state; enum { - TAA_NONE = 0, - TAA_TSX_DISABLE = 1, - TAA_VERW = 2, - TAA_AUTO = 3, - TAA_TAA_NO = 4 + TAA_NONE = 0, /* No mitigation enabled */ + TAA_TSX_DISABLE = 1, /* Disable TSX via MSR */ + TAA_VERW = 2, /* Use VERW mitigation */ + TAA_AUTO = 3, /* Automatically select the mitigation */ + + /* The states below are not selectable by the operator */ + + TAA_TAA_UC = 4, /* Mitigation present in microcode */ + TAA_NOT_PRESENT = 5 /* TSX is not present */ }; static void @@ -1220,15 +1224,14 @@ x86_taa_recalculate(void) if ((cpu_stdext_feature & CPUID_STDEXT_HLE) == 0 || (cpu_stdext_feature & CPUID_STDEXT_RTM) == 0) { /* TSX is not present */ - x86_taa_state = 0; + x86_taa_state = TAA_NOT_PRESENT; return; } /* Check to see what mitigation options the CPU gives us */ if (cpu_ia32_arch_caps & IA32_ARCH_CAP_TAA_NO) { /* CPU is not suseptible to TAA */ - taa_need = TAA_NONE; - taa_state = TAA_TAA_NO; + taa_need = TAA_TAA_UC; } else if (cpu_ia32_arch_caps & IA32_ARCH_CAP_TSX_CTRL) { /* * CPU can turn off TSX. This is the next best option @@ -1335,8 +1338,11 @@ sysctl_taa_state_handler(SYSCTL_HANDLER_ARGS) case TAA_VERW: state = "VERW"; break; - case TAA_TAA_NO: - state = "Not vulnerable"; + case TAA_TAA_UC: + state = "Mitigated in microcode"; + break; + case TAA_NOT_PRESENT: + state = "TSX not present"; break; default: state = "unknown";
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201912130654.xBD6sfLW016968>