From: "Li,Rongqing" <lirongqing@baidu.com>
To: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Cc: "tglx@linutronix.de" <tglx@linutronix.de>,
"bp@alien8.de" <bp@alien8.de>,
"peterz@infradead.org" <peterz@infradead.org>,
"jpoimboe@kernel.org" <jpoimboe@kernel.org>,
"mingo@redhat.com" <mingo@redhat.com>,
"dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>,
"x86@kernel.org" <x86@kernel.org>,
"hpa@zytor.com" <hpa@zytor.com>,
"david.kaplan@amd.com" <david.kaplan@amd.com>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: RE: [????] Re: [PATCH] x86/bugs: Fix GDS mitigation check for CPUs without ARCH_CAP_GDS_CTRL
Date: Fri, 15 Aug 2025 05:28:18 +0000 [thread overview]
Message-ID: <8caaa7fabf2446ffbac922dafaed3dc9@baidu.com> (raw)
In-Reply-To: <20250815050811.gm7nxcd7wn47lshy@desk>
> -----Original Message-----
> From: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
> Sent: 2025年8月15日 13:09
> To: Li,Rongqing <lirongqing@baidu.com>
> Cc: tglx@linutronix.de; bp@alien8.de; peterz@infradead.org;
> jpoimboe@kernel.org; mingo@redhat.com; dave.hansen@linux.intel.com;
> x86@kernel.org; hpa@zytor.com; david.kaplan@amd.com;
> linux-kernel@vger.kernel.org
> Subject: [????] Re: [PATCH] x86/bugs: Fix GDS mitigation check for CPUs without
> ARCH_CAP_GDS_CTRL
>
> On Fri, Aug 15, 2025 at 11:53:34AM +0800, lirongqing wrote:
> > From: Li RongQing <lirongqing@baidu.com>
> >
> > The commit 8c7261abcb7ad("x86/bugs: Add attack vector controls for
> > GDS") caused call traces during secondary CPU initialization because
> > it didn't properly handle CPUs that lack the ARCH_CAP_GDS_CTRL capability.
> >
> > For CPUs without ARCH_CAP_GDS_CTRL support, we should set the
> > mitigation to GDS_MITIGATION_UCODE_NEEDED rather than
> > GDS_MITIGATION_OFF, as these CPUs may still be vulnerable but cannot
> disable mitigation.
> >
> > Add the missing check for ARCH_CAP_GDS_CTRL to properly determine the
> > mitigation state for affected CPUs.
> >
> > [ 2.809147] unchecked MSR access error: RDMSR from 0x123 at rIP:
> 0xffffffffb3452807 (update_gds_msr+0x87/0xe0)
> > (update_gds_msr+0x87/0xe0)
> > [ 2.809147] Call Trace:
> > [ 2.809147] <TASK>
> > [ 2.809147] identify_secondary_cpu+0x72/0x90
> > [ 2.809147] start_secondary+0x7a/0x140
> > [ 2.809147] common_startup_64+0x13e/0x141
> > [ 2.809147] </TASK>
> > [ 2.809147] unchecked MSR access error: WRMSR to 0x123 (tried to write
> 0x0000000000000010) at rIP: 0xffffffffb34527b8
> > (update_gds_msr+0x38/0xe0)
> > [ 2.809147] Call Trace:
> > [ 2.809147] <TASK>
> > [ 2.809147] identify_secondary_cpu+0x72/0x90
> > [ 2.809147] start_secondary+0x7a/0x140
> > [ 2.809147] common_startup_64+0x13e/0x141
> > [ 2.809147] </TASK>
> > [ 2.809147] ------------[ cut here ]------------
> > [ 2.809147] WARNING: CPU: 1 PID: 0 at arch/x86/kernel/cpu/bugs.c:1053
> update_gds_msr+0x9b/0xe0
> >
> > Fixes: 8c7261abcb7ad ("x86/bugs: Add attack vector controls for GDS")
> > Signed-off-by: Li RongQing <lirongqing@baidu.com>
> > ---
> > arch/x86/kernel/cpu/bugs.c | 2 ++
> > 1 file changed, 2 insertions(+)
> >
> > diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
> > index b74bf93..3af911c 100644
> > --- a/arch/x86/kernel/cpu/bugs.c
> > +++ b/arch/x86/kernel/cpu/bugs.c
> > @@ -1071,6 +1071,8 @@ static void __init gds_select_mitigation(void)
> > gds_mitigation = GDS_MITIGATION_FULL;
> > else {
> > gds_mitigation = GDS_MITIGATION_OFF;
> > + if (!(x86_arch_cap_msr & ARCH_CAP_GDS_CTRL))
>
> This check is already present few lines below.
>
> > + gds_mitigation = GDS_MITIGATION_UCODE_NEEDED;
> > return;
>
> To avoid duplicating, a better fix could be to not return here, and let the next
> block DTRT:
But if cpu has ARCH_CAP_GDS_CTRL, the next block will be skipped, and the codes after checking ARCH_CAP_GDS_CTRL block will be run, this is not expected
So I add a duplicating check
Br
-Li
>
> /* No microcode */
> if (!(x86_arch_cap_msr & ARCH_CAP_GDS_CTRL)) {
> if (gds_mitigation != GDS_MITIGATION_FORCE)
> gds_mitigation =
> GDS_MITIGATION_UCODE_NEEDED;
> return;
> }
next prev parent reply other threads:[~2025-08-15 5:29 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-15 3:53 [PATCH] x86/bugs: Fix GDS mitigation check for CPUs without ARCH_CAP_GDS_CTRL lirongqing
2025-08-15 5:08 ` Pawan Gupta
2025-08-15 5:28 ` Li,Rongqing [this message]
2025-08-15 17:18 ` [????] " Pawan Gupta
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8caaa7fabf2446ffbac922dafaed3dc9@baidu.com \
--to=lirongqing@baidu.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=david.kaplan@amd.com \
--cc=hpa@zytor.com \
--cc=jpoimboe@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=pawan.kumar.gupta@linux.intel.com \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.