Date: Wed, 13 Oct 2021 18:46:29 +0200
From: Greg KH
To: Jane Malalane
Cc: LKML, x86@kernel.org, Thomas Gleixner, Ingo Molnar, Borislav Petkov, "H. Peter Anvin", Pu Wen, Paolo Bonzini, Sean Christopherson, Peter Zijlstra, Andrew Cooper, Yazen Ghannam, Brijesh Singh, Huang Rui, Andy Lutomirski, Kim Phillips, stable@vger.kernel.org
Subject: Re: [PATCH v2] x86/cpu: Fix migration safety with X86_BUG_NULL_SEL
In-Reply-To: <20211013142230.10129-1-jane.malalane@citrix.com>
X-Mailing-List: stable@vger.kernel.org

On Wed, Oct 13, 2021 at 03:22:30PM +0100, Jane Malalane wrote:
> Currently, Linux probes for X86_BUG_NULL_SEL unconditionally which
> makes it unsafe to migrate in a virtualised environment as the
> properties across the migration pool might differ.
>
> To be specific, the case which goes wrong is:
>
> 1. Zen1 (or earlier) and Zen2 (or later) in a migration pool
> 2. Linux boots on Zen2, probes and finds the absence of X86_BUG_NULL_SEL
> 3. Linux is then migrated to Zen1
>
> Linux is now running on a X86_BUG_NULL_SEL-impacted CPU while believing
> that the bug is fixed.
>
> The only way to address the problem is to fully trust the "no longer
> affected" CPUID bit when virtualised, because in the above case it would
> be cleared deliberately to indicate the fact "you might migrate to
> somewhere which has this behaviour".
>
> Zen3 adds the NullSelectorClearsBase bit to indicate that loading
> a NULL segment selector zeroes the base and limit fields, as well as
> just attributes. Zen2 also has this behaviour but doesn't have the
> NSCB bit.
>
> Signed-off-by: Jane Malalane
> ---
> CC:
> CC: Thomas Gleixner
> CC: Ingo Molnar
> CC: Borislav Petkov
> CC: "H. Peter Anvin"
> CC: Pu Wen
> CC: Paolo Bonzini
> CC: Sean Christopherson
> CC: Peter Zijlstra
> CC: Andrew Cooper
> CC: Yazen Ghannam
> CC: Brijesh Singh
> CC: Huang Rui
> CC: Andy Lutomirski
> CC: Kim Phillips
> CC:

These need to go above the --- line, otherwise they are cut off when the
patch is applied and you will lose the cc: stable@ tag.

thanks,

greg k-h
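
The migration case from the quoted commit message, as an added example that is not the patch's code or anything posted in this thread: a user-space C model comparing probe-only detection with trusting the CPUID bit when virtualised. The struct, the function names and the host table are constructed for illustration, and the bare-metal probe fallback is an assumption.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed model of what a kernel sees on one host (not kernel code). */
struct cpu_view {
    bool nscb_cpuid_bit;    /* NullSelectorClearsBase advertised via CPUID */
    bool hypervisor;        /* running virtualised */
    bool null_clears_base;  /* real hardware behaviour, what a probe observes */
};

/* Constructed hosts, following the commit message's description. */
static const struct cpu_view zen1_guest = { false, true,  false };
static const struct cpu_view zen2_guest = { false, true,  true  }; /* behaviour, no bit */
static const struct cpu_view zen3_guest = { true,  true,  true  }; /* bit left visible */
static const struct cpu_view zen2_bare  = { false, false, true  };

/* Before: probe unconditionally; returns true if X86_BUG_NULL_SEL is set. */
static bool bug_probe_only(const struct cpu_view *c)
{
    return !c->null_clears_base;
}

/* After: when virtualised, only the CPUID bit may clear the bug. */
static bool bug_migration_safe(const struct cpu_view *c)
{
    if (c->nscb_cpuid_bit)
        return false;
    if (c->hypervisor)
        return true;              /* may migrate to an affected CPU */
    return !c->null_clears_base;  /* assumption: bare metal still probes */
}

/* True if the boot-time verdict was "not affected" but the destination is. */
static bool stale_after_migration(bool (*decide)(const struct cpu_view *),
        const struct cpu_view *boot, const struct cpu_view *dest)
{
    return !decide(boot) && !dest->null_clears_base;
}

int main(void)
{
    printf("probe-only, Zen2 -> Zen1 stale: %d\n",
           stale_after_migration(bug_probe_only, &zen2_guest, &zen1_guest));
    printf("CPUID-trusting, Zen2 -> Zen1 stale: %d\n",
           stale_after_migration(bug_migration_safe, &zen2_guest, &zen1_guest));
    printf("Zen3 guest bug: %d, Zen2 bare-metal bug: %d\n",
           bug_migration_safe(&zen3_guest), bug_migration_safe(&zen2_bare));
    return 0;
}
```

The cost of the safe rule is visible in the model: a Zen2 guest is treated as affected even though its current host is not, which is the conservative answer for a mixed migration pool.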