On Wed, Oct 13, 2021 at 03:22:30PM +0100, Jane Malalane wrote:
Currently, Linux probes for X86_BUG_NULL_SEL unconditionally which makes it unsafe to migrate in a virtualised environment as the properties across the migration pool might differ.
To be specific, the case which goes wrong is:
- Zen1 (or earlier) and Zen2 (or later) in a migration pool
- Linux boots on Zen2, probes and finds the absence of X86_BUG_NULL_SEL
- Linux is then migrated to Zen1
Linux is now running on a X86_BUG_NULL_SEL-impacted CPU while believing that the bug is fixed.
The only way to address the problem is to fully trust the "no longer affected" CPUID bit when virtualised, because in the above case it would be clear deliberately to indicate the fact "you might migrate to somewhere which has this behaviour".
Zen3 adds the NullSelectorClearsBase bit to indicate that loading a NULL segment selector zeroes the base and limit fields, as well as just attributes. Zen2 also has this behaviour but doesn't have the NSCB bit.
Signed-off-by: Jane Malalane jane.malalane@citrix.com
CC: x86@kernel.org CC: Thomas Gleixner tglx@linutronix.de CC: Ingo Molnar mingo@redhat.com CC: Borislav Petkov bp@alien8.de CC: "H. Peter Anvin" hpa@zytor.com CC: Pu Wen puwen@hygon.cn CC: Paolo Bonzini pbonzini@redhat.com CC: Sean Christopherson seanjc@google.com CC: Peter Zijlstra peterz@infradead.org CC: Andrew Cooper andrew.cooper3@citrix.com CC: Yazen Ghannam Yazen.Ghannam@amd.com CC: Brijesh Singh brijesh.singh@amd.com CC: Huang Rui ray.huang@amd.com CC: Andy Lutomirski luto@kernel.org CC: Kim Phillips kim.phillips@amd.com CC: stable@vger.kernel.org
These need to go above the --- line, otherwise they are cut off when the patch is applied and you will loose the cc: stable@ tag.
thanks,
greg k-h