[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v2] qemu-cpu-models: Document -noTSX, mds-no, taa-no, and tsx
From: |
Paolo Bonzini |
Subject: |
Re: [PATCH v2] qemu-cpu-models: Document -noTSX, mds-no, taa-no, and tsx-ctrl |
Date: |
Wed, 22 Jan 2020 18:20:51 +0100 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.1.1 |
On 21/01/20 19:49, Kashyap Chamarthy wrote:
> Question: How can a user validate that TSX is indeed disabled for the
> guest?
Look for rtm in /proc/cpuinfo, or look at the TAA entry in the sysfs
vulnerabilities directory.
> +@item @code{mds-no}
> +
> +Recommended to inform the guest OS that the host is @i{not} vulnerable
> +to any of the MDS variants ([MFBDS] CVE-2018-12130, [MLPDS]
> +CVE-2018-12127, [MSBDS] CVE-2018-12126).
> +
> +This is an MSR (Model-Specific Register) feature rather than a CPUID
> +feature, so it will not appear in the Linux @code{/proc/cpuinfo} in the
> +host or guest. Instead, the host kernel uses it to populate the MDS
> +vulnerability file in @code{sysfs}.
> +
> +So it should only be enabled for VMs if the host reports @code{Not
> +affected} in the @code{/sys/devices/system/cpu/vulnerabilities/mds}
> +file.
> +
> +@item @code{taa-no}
> +
> +Recommended to inform that the guest that the host is @i{not} vulnerable
> +to CVE-2019-11135, TSX Asyncrnous Abort (TAA).
Asynchronous
> +
> +This too is an MSR feature, so it does not show up in the Linux
> +@code{/proc/cpuinfo} in the host or guest.
> +
> +It should only be enabled for VMs if the host reports @code{Not
> +affected} in the
> +@code{/sys/devices/system/cpu/vulnerabilities/tsx_async_abort} file.
> +
> +@item @code{tsx-ctrl}
> +
> +Recommended to inform the guest to @i{disable} the Intel TSX
> +(Transactional Synchronization Extensions) feature.
Not "to disable" but rather:
Recommended to inform the guest that it can disable the Intel TSX
feature or (if vulnerable) use the VERW instruction as a mitigation for
the TAA vulnerability.
Paolo
> Expose this to the
> +guest OS if and only if: (a) the host has TSX enabled; and (b) the guest
> +has @code{rtm} CPU flag enabled.
> +
> +By disabling TSX, KVM-based guests can avoid paying the price of
> +mitigting TSX-based attacks.
> +
> +Note that too is an MSR feature, so it does not show up in the Linux
> +@code{/proc/cpuinfo} in the host or guest.
> +
> @end table
>
> -
> @node preferred_cpu_models_amd_x86
> @subsubsection Preferred CPU models for AMD x86 hosts
>
>