From: Borislav Petkov <bp@suse.de>
To: Pavel Machek <pavel@ucw.cz>
Cc: Thomas Gleixner <tglx@linutronix.de>,
linux-kernel@vger.kernel.org, r.marek@assembler.cz,
ricardo.neri-calderon@linux.intel.com, rkrcmar@redhat.com,
Janakarajan.Natarajan@amd.com, x86@kernel.org, hpa@zytor.com,
mingo@redhat.com, Linus Torvalds <torvalds@linux-foundation.org>
Subject: Re: [PATCH] clarify how insecure CPU is
Date: Sun, 4 Mar 2018 15:27:36 +0100 [thread overview]
Message-ID: <20180304142736.GC1142@pd.tnic> (raw)
In-Reply-To: <20180304140147.GA7276@amd>
On Sun, Mar 04, 2018 at 03:01:48PM +0100, Pavel Machek wrote:
> > Not "might be needed" - "X86_BUG_AMD_APIC_C1E will be set if platform is
> > affected".
>
> That's not what Thomas was explaining to me.
It is in the comment he pasted:
* Check whether the machine is affected by erratum 400. This is
* used to select the proper idle routine and to enable the check
* whether the machine is affected in arch_post_acpi_init(), which
* sets the X86_BUG_AMD_APIC_C1E bug depending on the MSR check.
> So.. what's magical about it, why do we need two bits, and why is that
> not explained in the header file?
Lemme enable line numbers so that you can find it:
arch/x86/include/asm/cpufeatures.h:
19 /*
20 * Note: If the comment begins with a quoted string, that string is used
21 * in /proc/cpuinfo instead of the macro name. If the string is "",
22 * this feature bit is not displayed in /proc/cpuinfo at all.
> Please go through the email thread,
No, you read Thomas' mail again.
> I'm trying to understand what is going on here,
Nothing's going on, it works as designed.
X86_BUG_AMD_E400 marks all CPUs which could be affected by erratum 400
and X86_BUG_AMD_APIC_C1E is the bit we set when we detect that the CPU
is *actually* affected because we need to do the detection late, after
ACPI has been initialized.
A CPU might be affected by the erratum - bit X86_BUG_AMD_E400 - but if
the BIOS doesn't enter C1E, then the erratum doesn't come to manifest
itself, i.e., we don't set X86_BUG_AMD_APIC_C1E.
If it is still not clear, read the erratum 400 description in the
revision guide.
The code works perfectly fine.
Unless you're experiencing a problem with it. Then I'm all ears.
--
Regards/Gruss,
Boris.
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)
--
prev parent reply other threads:[~2018-03-04 14:27 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-08 20:10 [PATCH] clarify how insecure CPU is Pavel Machek
2018-01-08 20:27 ` Thomas Gleixner
2018-01-08 23:03 ` Pavel Machek
2018-01-08 23:44 ` Thomas Gleixner
2018-03-03 21:06 ` Pavel Machek
2018-03-04 7:34 ` Thomas Gleixner
2018-03-04 8:51 ` Pavel Machek
2018-03-04 9:29 ` Borislav Petkov
2018-03-04 14:01 ` Pavel Machek
2018-03-04 14:27 ` Borislav Petkov [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180304142736.GC1142@pd.tnic \
--to=bp@suse.de \
--cc=Janakarajan.Natarajan@amd.com \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=pavel@ucw.cz \
--cc=r.marek@assembler.cz \
--cc=ricardo.neri-calderon@linux.intel.com \
--cc=rkrcmar@redhat.com \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox