// SPDX-License-Identifier: GPL-2.01/*2* Intel Transactional Synchronization Extensions (TSX) control.3*4* Copyright (C) 2019-2021 Intel Corporation5*6* Author:7* Pawan Gupta <[email protected]>8*/910#include <linux/cpufeature.h>1112#include <asm/cmdline.h>13#include <asm/cpu.h>14#include <asm/msr.h>1516#include "cpu.h"1718#undef pr_fmt19#define pr_fmt(fmt) "tsx: " fmt2021enum tsx_ctrl_states tsx_ctrl_state __ro_after_init = TSX_CTRL_NOT_SUPPORTED;2223static void tsx_disable(void)24{25u64 tsx;2627rdmsrq(MSR_IA32_TSX_CTRL, tsx);2829/* Force all transactions to immediately abort */30tsx |= TSX_CTRL_RTM_DISABLE;3132/*33* Ensure TSX support is not enumerated in CPUID.34* This is visible to userspace and will ensure they35* do not waste resources trying TSX transactions that36* will always abort.37*/38tsx |= TSX_CTRL_CPUID_CLEAR;3940wrmsrq(MSR_IA32_TSX_CTRL, tsx);41}4243static void tsx_enable(void)44{45u64 tsx;4647rdmsrq(MSR_IA32_TSX_CTRL, tsx);4849/* Enable the RTM feature in the cpu */50tsx &= ~TSX_CTRL_RTM_DISABLE;5152/*53* Ensure TSX support is enumerated in CPUID.54* This is visible to userspace and will ensure they55* can enumerate and use the TSX feature.56*/57tsx &= ~TSX_CTRL_CPUID_CLEAR;5859wrmsrq(MSR_IA32_TSX_CTRL, tsx);60}6162static enum tsx_ctrl_states x86_get_tsx_auto_mode(void)63{64if (boot_cpu_has_bug(X86_BUG_TAA))65return TSX_CTRL_DISABLE;6667return TSX_CTRL_ENABLE;68}6970/*71* Disabling TSX is not a trivial business.72*73* First of all, there's a CPUID bit: X86_FEATURE_RTM_ALWAYS_ABORT74* which says that TSX is practically disabled (all transactions are75* aborted by default). When that bit is set, the kernel unconditionally76* disables TSX.77*78* In order to do that, however, it needs to dance a bit:79*80* 1. The first method to disable it is through MSR_TSX_FORCE_ABORT and81* the MSR is present only when *two* CPUID bits are set:82*83* - X86_FEATURE_RTM_ALWAYS_ABORT84* - X86_FEATURE_TSX_FORCE_ABORT85*86* 2. The second method is for CPUs which do not have the above-mentioned87* MSR: those use a different MSR - MSR_IA32_TSX_CTRL and disable TSX88* through that one. Those CPUs can also have the initially mentioned89* CPUID bit X86_FEATURE_RTM_ALWAYS_ABORT set and for those the same strategy90* applies: TSX gets disabled unconditionally.91*92* When either of the two methods are present, the kernel disables TSX and93* clears the respective RTM and HLE feature flags.94*95* An additional twist in the whole thing presents late microcode loading96* which, when done, may cause for the X86_FEATURE_RTM_ALWAYS_ABORT CPUID97* bit to be set after the update.98*99* A subsequent hotplug operation on any logical CPU except the BSP will100* cause for the supported CPUID feature bits to get re-detected and, if101* RTM and HLE get cleared all of a sudden, but, userspace did consult102* them before the update, then funny explosions will happen. Long story103* short: the kernel doesn't modify CPUID feature bits after booting.104*105* That's why, this function's call in init_intel() doesn't clear the106* feature flags.107*/108static void tsx_clear_cpuid(void)109{110u64 msr;111112/*113* MSR_TFA_TSX_CPUID_CLEAR bit is only present when both CPUID114* bits RTM_ALWAYS_ABORT and TSX_FORCE_ABORT are present.115*/116if (boot_cpu_has(X86_FEATURE_RTM_ALWAYS_ABORT) &&117boot_cpu_has(X86_FEATURE_TSX_FORCE_ABORT)) {118rdmsrq(MSR_TSX_FORCE_ABORT, msr);119msr |= MSR_TFA_TSX_CPUID_CLEAR;120wrmsrq(MSR_TSX_FORCE_ABORT, msr);121} else if (cpu_feature_enabled(X86_FEATURE_MSR_TSX_CTRL)) {122rdmsrq(MSR_IA32_TSX_CTRL, msr);123msr |= TSX_CTRL_CPUID_CLEAR;124wrmsrq(MSR_IA32_TSX_CTRL, msr);125}126}127128/*129* Disable TSX development mode130*131* When the microcode released in Feb 2022 is applied, TSX will be disabled by132* default on some processors. MSR 0x122 (TSX_CTRL) and MSR 0x123133* (IA32_MCU_OPT_CTRL) can be used to re-enable TSX for development, doing so is134* not recommended for production deployments. In particular, applying MD_CLEAR135* flows for mitigation of the Intel TSX Asynchronous Abort (TAA) transient136* execution attack may not be effective on these processors when Intel TSX is137* enabled with updated microcode.138*/139static void tsx_dev_mode_disable(void)140{141u64 mcu_opt_ctrl;142143/* Check if RTM_ALLOW exists */144if (!boot_cpu_has_bug(X86_BUG_TAA) ||145!cpu_feature_enabled(X86_FEATURE_MSR_TSX_CTRL) ||146!cpu_feature_enabled(X86_FEATURE_SRBDS_CTRL))147return;148149rdmsrq(MSR_IA32_MCU_OPT_CTRL, mcu_opt_ctrl);150151if (mcu_opt_ctrl & RTM_ALLOW) {152mcu_opt_ctrl &= ~RTM_ALLOW;153wrmsrq(MSR_IA32_MCU_OPT_CTRL, mcu_opt_ctrl);154setup_force_cpu_cap(X86_FEATURE_RTM_ALWAYS_ABORT);155}156}157158void __init tsx_init(void)159{160char arg[5] = {};161int ret;162163tsx_dev_mode_disable();164165/*166* Hardware will always abort a TSX transaction when the CPUID bit167* RTM_ALWAYS_ABORT is set. In this case, it is better not to enumerate168* CPUID.RTM and CPUID.HLE bits. Clear them here.169*/170if (boot_cpu_has(X86_FEATURE_RTM_ALWAYS_ABORT)) {171tsx_ctrl_state = TSX_CTRL_RTM_ALWAYS_ABORT;172tsx_clear_cpuid();173setup_clear_cpu_cap(X86_FEATURE_RTM);174setup_clear_cpu_cap(X86_FEATURE_HLE);175return;176}177178/*179* TSX is controlled via MSR_IA32_TSX_CTRL. However, support for this180* MSR is enumerated by ARCH_CAP_TSX_MSR bit in MSR_IA32_ARCH_CAPABILITIES.181*182* TSX control (aka MSR_IA32_TSX_CTRL) is only available after a183* microcode update on CPUs that have their MSR_IA32_ARCH_CAPABILITIES184* bit MDS_NO=1. CPUs with MDS_NO=0 are not planned to get185* MSR_IA32_TSX_CTRL support even after a microcode update. Thus,186* tsx= cmdline requests will do nothing on CPUs without187* MSR_IA32_TSX_CTRL support.188*/189if (x86_read_arch_cap_msr() & ARCH_CAP_TSX_CTRL_MSR) {190setup_force_cpu_cap(X86_FEATURE_MSR_TSX_CTRL);191} else {192tsx_ctrl_state = TSX_CTRL_NOT_SUPPORTED;193return;194}195196ret = cmdline_find_option(boot_command_line, "tsx", arg, sizeof(arg));197if (ret >= 0) {198if (!strcmp(arg, "on")) {199tsx_ctrl_state = TSX_CTRL_ENABLE;200} else if (!strcmp(arg, "off")) {201tsx_ctrl_state = TSX_CTRL_DISABLE;202} else if (!strcmp(arg, "auto")) {203tsx_ctrl_state = x86_get_tsx_auto_mode();204} else {205tsx_ctrl_state = TSX_CTRL_DISABLE;206pr_err("invalid option, defaulting to off\n");207}208} else {209/* tsx= not provided */210if (IS_ENABLED(CONFIG_X86_INTEL_TSX_MODE_AUTO))211tsx_ctrl_state = x86_get_tsx_auto_mode();212else if (IS_ENABLED(CONFIG_X86_INTEL_TSX_MODE_OFF))213tsx_ctrl_state = TSX_CTRL_DISABLE;214else215tsx_ctrl_state = TSX_CTRL_ENABLE;216}217218if (tsx_ctrl_state == TSX_CTRL_DISABLE) {219tsx_disable();220221/*222* tsx_disable() will change the state of the RTM and HLE CPUID223* bits. Clear them here since they are now expected to be not224* set.225*/226setup_clear_cpu_cap(X86_FEATURE_RTM);227setup_clear_cpu_cap(X86_FEATURE_HLE);228} else if (tsx_ctrl_state == TSX_CTRL_ENABLE) {229230/*231* HW defaults TSX to be enabled at bootup.232* We may still need the TSX enable support233* during init for special cases like234* kexec after TSX is disabled.235*/236tsx_enable();237238/*239* tsx_enable() will change the state of the RTM and HLE CPUID240* bits. Force them here since they are now expected to be set.241*/242setup_force_cpu_cap(X86_FEATURE_RTM);243setup_force_cpu_cap(X86_FEATURE_HLE);244}245}246247void tsx_ap_init(void)248{249tsx_dev_mode_disable();250251if (tsx_ctrl_state == TSX_CTRL_ENABLE)252tsx_enable();253else if (tsx_ctrl_state == TSX_CTRL_DISABLE)254tsx_disable();255else if (tsx_ctrl_state == TSX_CTRL_RTM_ALWAYS_ABORT)256/* See comment over that function for more details. */257tsx_clear_cpuid();258}259260261