From: Breno Leitao
To: bp@alien8.de, Thomas Gleixner , Ingo Molnar , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Josh Poimboeuf , Pawan Gupta
Cc: linux-kernel@vger.kernel.org
Subject: [PATCH v4 01/11] x86/bugs: Add a separate config for MDS
Date: Mon, 29 Jul 2024 09:40:49 -0700
Message-ID: <20240729164105.554296-2-leitao@debian.org>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20240729164105.554296-1-leitao@debian.org>
References: <20240729164105.554296-1-leitao@debian.org>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Currently, the CONFIG_SPECULATION_MITIGATIONS is halfway populated, where some mitigations have entries in Kconfig, and they could be modified, while other mitigations do not have Kconfig entries, and could not be controlled at build time.

Create an entry for the MDS CPU mitigation under CONFIG_SPECULATION_MITIGATIONS. This allows users to enable or disable it at compilation time.

Acked-by: Josh Poimboeuf
Signed-off-by: Breno Leitao
---
arch/x86/Kconfig | 9 +++++++++
arch/x86/kernel/cpu/bugs.c | 3 ++-
2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 007bab9f2a0e..36e871ab1ef9 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2650,6 +2650,15 @@ config MITIGATION_SPECTRE_BHI indirect branches. See =20 +config MITIGATION_MDS + bool "Mitigate Microarchitectural Data Sampling (MDS) hardware bug" + depends on CPU_SUP_INTEL + default y + help + Enable mitigation for Microarchitectural Data Sampling (MDS). MDS is + a hardware vulnerability which allows unprivileged speculative access + to data which is available in various CPU internal buffers. + See also endif =20 config ARCH_HAS_ADD_PAGES diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 45675da354f3..dbfc7d5c5f48 100644
--- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c 
@@ -233,7 +233,8 @@ static void x86_amd_ssb_disable(void) #define pr_fmt(fmt) "MDS: " fmt =20 /* Default mitigation for MDS-affected CPUs */ -static enum mds_mitigations mds_mitigation __ro_after_init =3D MDS_MITIGAT= ION_FULL; +static enum mds_mitigations mds_mitigation __ro_after_init =3D + IS_ENABLED(CONFIG_MITIGATION_MDS) ? MDS_MITIGATION_FULL : MDS_MITIGATION_= OFF; static bool mds_nosmt __ro_after_init =3D false; =20 static const char * const mds_strings[] =3D { --=20 2.43.0
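Review bot: the MITIGATION_MDS help text in the Kconfig hunk does not say that the option only selects the build-time default. The bugs.c hunk makes CONFIG_MITIGATION_MDS nothing more than the initial value of mds_mitigation, so the mds= boot parameter (and mitigations=) still overrides it at runtime, and a user who sets it to n does not get a build with the mitigation code removed. One sentence in the help along the lines of "This only sets the default; the mds= command line option still takes precedence" would avoid that misreading.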
From: Breno Leitao
To: bp@alien8.de, Thomas Gleixner , Ingo Molnar , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Josh Poimboeuf , Pawan Gupta
Cc: linux-kernel@vger.kernel.org
Subject: [PATCH v4 02/11] x86/bugs: Add a separate config for TAA
Date: Mon, 29 Jul 2024 09:40:50 -0700
Message-ID: <20240729164105.554296-3-leitao@debian.org>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20240729164105.554296-1-leitao@debian.org>
References: <20240729164105.554296-1-leitao@debian.org>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Currently, the CONFIG_SPECULATION_MITIGATIONS is halfway populated, where some mitigations have entries in Kconfig, and they could be modified, while other mitigations do not have Kconfig entries, and could not be controlled at build time.

Create an entry for the TAA CPU mitigation under CONFIG_SPECULATION_MITIGATIONS. This allows users to enable or disable it at compilation time.

Acked-by: Josh Poimboeuf
Signed-off-by: Breno Leitao
---
arch/x86/Kconfig | 11 +++++++++++
arch/x86/kernel/cpu/bugs.c | 3 ++-
2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 36e871ab1ef9..712a4f8cb7dd 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig
@@ -2659,6 +2659,17 @@ config MITIGATION_MDS a hardware vulnerability which allows unprivileged speculative access to data which is available in various CPU internal buffers. See also + +config MITIGATION_TAA + bool "Mitigate TSX Asynchronous Abort (TAA) hardware bug" + depends on CPU_SUP_INTEL + default y + help + Enable mitigation for TSX Asynchronous Abort (TAA). TAA is a hardware + vulnerability that allows unprivileged speculative access to data + which is available in various CPU internal buffers by using + asynchronous aborts within an Intel TSX transactional region. + See also endif =20 config ARCH_HAS_ADD_PAGES diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index dbfc7d5c5f48..ab306986762d 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c 
@@ -294,7 +294,8 @@ enum taa_mitigations { }; =20 /* Default mitigation for TAA-affected CPUs */ -static enum taa_mitigations taa_mitigation __ro_after_init =3D TAA_MITIGAT= ION_VERW; +static enum taa_mitigations taa_mitigation __ro_after_init =3D + IS_ENABLED(CONFIG_MITIGATION_TAA) ? TAA_MITIGATION_VERW : TAA_MITIGATION_= OFF; static bool taa_nosmt __ro_after_init; =20 static const char * const taa_strings[] =3D { --=20 2.43.0
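Review bot: the MITIGATION_TAA help text describes the bug in terms of "asynchronous aborts within an Intel TSX transactional region" but says nothing about how the option relates to TSX being enabled at all, nor that the default chosen in the bugs.c hunk (TAA_MITIGATION_VERW or TAA_MITIGATION_OFF) is still overridden by the tsx_async_abort= boot parameter. Suggest adding a line stating that the option only picks the default mitigation and has no effect on systems where TSX is disabled, so that a reader of menuconfig does not take "default y" as a guarantee of what the booted kernel will do.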
From: Breno Leitao
To: bp@alien8.de, Thomas Gleixner , Ingo Molnar , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Josh Poimboeuf , Pawan Gupta
Cc: linux-kernel@vger.kernel.org
Subject: [PATCH v4 03/11] x86/bugs: Add a separate config for MMIO Stale Data
Date: Mon, 29 Jul 2024 09:40:51 -0700
Message-ID: <20240729164105.554296-4-leitao@debian.org>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20240729164105.554296-1-leitao@debian.org>
References: <20240729164105.554296-1-leitao@debian.org>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Currently, the CONFIG_SPECULATION_MITIGATIONS is halfway populated, where some mitigations have entries in Kconfig, and they could be modified, while other mitigations do not have Kconfig entries, and could not be controlled at build time.

Create an entry for the MMIO Stale data CPU mitigation under CONFIG_SPECULATION_MITIGATIONS. This allows users to enable or disable it at compilation time.

Acked-by: Josh Poimboeuf
Signed-off-by: Breno Leitao
---
arch/x86/Kconfig | 12 ++++++++++++
arch/x86/kernel/cpu/bugs.c | 3 ++-
2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 712a4f8cb7dd..b169677ec4ac 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig
@@ -2670,6 +2670,18 @@ config MITIGATION_TAA which is available in various CPU internal buffers by using asynchronous aborts within an Intel TSX transactional region. See also + +config MITIGATION_MMIO_STALE_DATA + bool "Mitigate MMIO Stale Data hardware bug" + depends on CPU_SUP_INTEL + default y + help + Enable mitigation for MMIO Stale Data hardware bugs. Processor MMIO + Stale Data Vulnerabilities are a class of memory-mapped I/O (MMIO) + vulnerabilities that can expose data. The vulnerabilities require the + attacker to have access to MMIO. + See also + endif =20 config ARCH_HAS_ADD_PAGES diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index ab306986762d..9b0d058f3fe8 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c 
@@ -393,7 +393,8 @@ enum mmio_mitigations { }; =20 /* Default mitigation for Processor MMIO Stale Data vulnerabilities */ -static enum mmio_mitigations mmio_mitigation __ro_after_init =3D MMIO_MITI= GATION_VERW; +static enum mmio_mitigations mmio_mitigation __ro_after_init =3D + IS_ENABLED(CONFIG_MITIGATION_MMIO_STALE_DATA) ? MMIO_MITIGATION_VERW : MM= IO_MITIGATION_OFF; static bool mmio_nosmt __ro_after_init =3D false; =20 static const char * const mmio_strings[] =3D { --=20 2.43.0
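Review bot: with this hunk there are now three independently defaulted entries (MITIGATION_MDS, MITIGATION_TAA and MITIGATION_MMIO_STALE_DATA) whose help texts all describe exposure of data sitting in CPU internal buffers, and the bugs.c defaults for TAA and MMIO both name a VERW-based mitigation. The runtime selection for these three is coordinated, so disabling only one of them at build time does not by itself remove the VERW buffer clearing if another remains enabled. The help text for each entry should say that the three options are coupled; otherwise a user who sets one to n and sees the clearing still active will assume the Kconfig knob is broken.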
From: Breno Leitao
To: bp@alien8.de, Thomas Gleixner , Ingo Molnar , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Josh Poimboeuf , Pawan Gupta
Cc: linux-kernel@vger.kernel.org
Subject: [PATCH v4 04/11] x86/bugs: Add a separate config for L1TF
Date: Mon, 29 Jul 2024 09:40:52 -0700
Message-ID: <20240729164105.554296-5-leitao@debian.org>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20240729164105.554296-1-leitao@debian.org>
References: <20240729164105.554296-1-leitao@debian.org>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Currently, the CONFIG_SPECULATION_MITIGATIONS is halfway populated, where some mitigations have entries in Kconfig, and they could be modified, while other mitigations do not have Kconfig entries, and could not be controlled at build time.

Create an entry for the L1TF CPU mitigation under CONFIG_SPECULATION_MITIGATIONS. This allows users to enable or disable it at compilation time.

Acked-by: Josh Poimboeuf
Signed-off-by: Breno Leitao
---
arch/x86/Kconfig | 10 ++++++++++
arch/x86/kernel/cpu/bugs.c | 3 ++-
2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index b169677ec4ac..290f0865fd85 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig
@@ -2682,6 +2682,16 @@ config MITIGATION_MMIO_STALE_DATA attacker to have access to MMIO. See also + +config MITIGATION_L1TF + bool "Mitigate L1 Terminal Fault (L1TF) hardware bug" + depends on CPU_SUP_INTEL + default y + help + Mitigate L1 Terminal Fault (L1TF) hardware bug. L1 Terminal Fault is a + hardware vulnerability which allows unprivileged speculative access to = data + available in the Level 1 Data Cache. + See
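Review bot: the MITIGATION_L1TF help text opens by repeating the prompt string ("Mitigate L1 Terminal Fault (L1TF) hardware bug.") where the MDS, TAA and MMIO entries open with "Enable mitigation for ..."; use the same form so the four entries read as one block. The line "hardware vulnerability which allows unprivileged speculative access to data" is also longer than the neighbouring help lines (it arrives soft-wrapped as "access to = data" in the quoted-printable mail), so re-wrap that paragraph to the width the other entries use.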
From: Breno Leitao
To: bp@alien8.de, Thomas Gleixner , Ingo Molnar , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Josh Poimboeuf , Pawan Gupta
Cc: linux-kernel@vger.kernel.org
Subject: [PATCH v4 05/11] x86/bugs: Add a separate config for RETBLEED
Date: Mon, 29 Jul 2024 09:40:53 -0700
Message-ID: <20240729164105.554296-6-leitao@debian.org>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20240729164105.554296-1-leitao@debian.org>
References: <20240729164105.554296-1-leitao@debian.org>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Currently, the CONFIG_SPECULATION_MITIGATIONS is halfway populated, where some mitigations have entries in Kconfig, and they could be modified, while other mitigations do not have Kconfig entries, and could not be controlled at build time.

Create an entry for the RETBLEED CPU mitigation under CONFIG_SPECULATION_MITIGATIONS. This allows users to enable or disable it at compilation time.

Acked-by: Josh Poimboeuf
Signed-off-by: Breno Leitao
---
arch/x86/Kconfig | 13 +++++++++++++
arch/x86/kernel/cpu/bugs.c | 2 +-
2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 290f0865fd85..c9a9f928dddf 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig
@@ -2692,6 +2692,19 @@ config MITIGATION_L1TF hardware vulnerability which allows unprivileged speculative access to = data available in the Level 1 Data Cache. See
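Review bot: the MITIGATION_RETBLEED help text added here, as it appears in context in the following Spectre v1 patch, ends with "... read access to privileged memory that would otherwise be inaccessible." and carries no "See also" documentation pointer, while every other entry in this series closes with one. Add the pointer if there is an admin-guide document to reference, or note in the commit message why this entry differs; the bugs.c change in this patch is also a one-line replacement (2 +-) rather than the two-line ternary used by the other patches, which is fine as long as the resulting line stays within the width limit.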
From: Breno Leitao
To: bp@alien8.de, Thomas Gleixner , Ingo Molnar , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Josh Poimboeuf , Pawan Gupta
Cc: linux-kernel@vger.kernel.org
Subject: [PATCH v4 06/11] x86/bugs: Add a separate config for Spectre v1
Date: Mon, 29 Jul 2024 09:40:54 -0700
Message-ID: <20240729164105.554296-7-leitao@debian.org>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20240729164105.554296-1-leitao@debian.org>
References: <20240729164105.554296-1-leitao@debian.org>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Currently, the CONFIG_SPECULATION_MITIGATIONS is halfway populated, where some mitigations have entries in Kconfig, and they could be modified, while other mitigations do not have Kconfig entries, and could not be controlled at build time.

Create an entry for the Spectre v1 CPU mitigation under CONFIG_SPECULATION_MITIGATIONS. This allows users to enable or disable it at compilation time.

Acked-by: Josh Poimboeuf
Signed-off-by: Breno Leitao
---
arch/x86/Kconfig | 10 ++++++++++
arch/x86/kernel/cpu/bugs.c | 3 ++-
2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index c9a9f928dddf..e3c63e5208ab 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig
@@ -2705,6 +2705,16 @@ config MITIGATION_RETBLEED unprivileged attacker can use these flaws to bypass conventional memory security restrictions to gain read access to privileged memory that would otherwise be inaccessible. + +config MITIGATION_SPECTRE_V1 + bool "Mitigate SPECTRE V1 hardware bug" + default y + help + Enable mitigation for Spectre V1 (Bounds Check Bypass). Spectre V1 is a + class of side channel attacks that takes advantage of speculative + execution that bypasses conditional branch instructions used for + memory access bounds check. + See also endif =20 config ARCH_HAS_ADD_PAGES diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 08edca8c2c1f..ebb6a2f578d1 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c 
@@ -874,7 +874,8 @@ enum spectre_v1_mitigation { }; =20 static enum spectre_v1_mitigation spectre_v1_mitigation __ro_after_init = =3D - SPECTRE_V1_MITIGATION_AUTO; + IS_ENABLED(CONFIG_MITIGATION_SPECTRE_V1) ? + SPECTRE_V1_MITIGATION_AUTO : SPECTRE_V1_MITIGATION_NONE; =20 static const char * const spectre_v1_strings[] =3D { [SPECTRE_V1_MITIGATION_NONE] =3D "Vulnerable: __user pointer sanitization= and usercopy barriers only; no swapgs barriers", --=20 2.43.0
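Review bot: the bugs.c hunk makes the disabled default SPECTRE_V1_MITIGATION_NONE, and the visible string for that value is "Vulnerable: __user pointer sanitization and usercopy barriers only; no swapgs barriers". The compile-time option therefore only controls whether the swapgs barriers are applied; the __user pointer sanitization and usercopy barriers stay in place either way. The Kconfig help ("Enable mitigation for Spectre V1 (Bounds Check Bypass)") overstates what the option does and should say it selects the swapgs barrier default only. Minor: the prompt spells it "SPECTRE V1", the help "Spectre V1" and the subject "Spectre v1"; pick one. This entry correctly has no "depends on CPU_SUP_INTEL", unlike the earlier ones, and a sentence in the commit message saying why would save the next reader the question.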
From: Breno Leitao
To: bp@alien8.de, Thomas Gleixner, Ingo Molnar, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Josh Poimboeuf, Pawan Gupta
Cc: linux-kernel@vger.kernel.org
Subject: [PATCH v4 07/11] x86/bugs: Add a separate config for SRBDS
Date: Mon, 29 Jul 2024 09:40:55 -0700
Message-ID: <20240729164105.554296-8-leitao@debian.org>
In-Reply-To: <20240729164105.554296-1-leitao@debian.org>
References: <20240729164105.554296-1-leitao@debian.org>

Currently, CONFIG_SPECULATION_MITIGATIONS is halfway populated, where some mitigations have entries in Kconfig, and they could be modified, while other mitigations do not have Kconfig entries, and could not be controlled at build time.

Create an entry for the SRBDS CPU mitigation under CONFIG_SPECULATION_MITIGATIONS. This allows users to enable or disable it at compilation time.

Acked-by: Josh Poimboeuf
Signed-off-by: Breno Leitao
---
 arch/x86/Kconfig | 14 ++++++++++++++
 arch/x86/kernel/cpu/bugs.c | 3 ++-
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index e3c63e5208ab..22d324581a60 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig
@@ -2715,6 +2715,20 @@ config MITIGATION_SPECTRE_V1 execution that bypasses conditional branch instructions used for memory access bounds check. See also + +config MITIGATION_SRBDS + bool "Mitigate Special Register Buffer Data Sampling (SRBDS) hardware bug" + depends on CPU_SUP_INTEL + default y + help + Enable mitigation for Special Register Buffer Data Sampling (SRBDS). + SRBDS is a hardware vulnerability that allows Microarchitectural Data + Sampling (MDS) techniques to infer values returned from special + register accesses. An unprivileged user can extract values returned + from RDRAND and RDSEED executed on another core or sibling thread + using MDS techniques. + See also + endif =20 config ARCH_HAS_ADD_PAGES diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index ebb6a2f578d1..8292a96d376c 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c 
@@ -608,7 +608,8 @@ enum srbds_mitigations { SRBDS_MITIGATION_HYPERVISOR, }; =20 -static enum srbds_mitigations srbds_mitigation __ro_after_init =3D SRBDS_M= ITIGATION_FULL; +static enum srbds_mitigations srbds_mitigation __ro_after_init =3D + IS_ENABLED(CONFIG_MITIGATION_SRBDS) ? SRBDS_MITIGATION_FULL : SRBDS_MITIG= ATION_OFF; =20 static const char * const srbds_strings[] =3D { [SRBDS_MITIGATION_OFF] =3D "Vulnerable", --=20 2.43.0
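Review bot: the MITIGATION_SRBDS help text in the arch/x86/Kconfig hunk describes the vulnerability but not the knob: it should say whether a =n build can still be overridden from the boot command line, the way the MITIGATION_GDS_FORCE help text removed later in this series ties its option to gather_data_sampling=force. The "See also" line is again missing its target.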
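Review bot: in the bugs.c hunk, CONFIG_MITIGATION_SRBDS=n makes SRBDS_MITIGATION_OFF the boot-time default, and the srbds_strings entry for that state is plain "Vulnerable", so sysfs will report the CPU as vulnerable on a build that chose this deliberately. Worth one sentence in the commit message or help text so that a config audit does not mistake the expected report for a missing mitigation.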
From: Breno Leitao
To: bp@alien8.de, Thomas Gleixner, Ingo Molnar, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Josh Poimboeuf, Pawan Gupta
Cc: linux-kernel@vger.kernel.org
Subject: [PATCH v4 08/11] x86/bugs: Add a separate config for Spectre V2
Date: Mon, 29 Jul 2024 09:40:56 -0700
Message-ID: <20240729164105.554296-9-leitao@debian.org>
In-Reply-To: <20240729164105.554296-1-leitao@debian.org>
References: <20240729164105.554296-1-leitao@debian.org>

Currently, CONFIG_SPECULATION_MITIGATIONS is halfway populated, where some mitigations have entries in Kconfig, and they could be modified, while other mitigations do not have Kconfig entries, and could not be controlled at build time.

Create an entry for the Spectre V2 CPU mitigation under CONFIG_SPECULATION_MITIGATIONS. This allows users to enable or disable it at compilation time.

Acked-by: Josh Poimboeuf
Signed-off-by: Breno Leitao
---
 arch/x86/Kconfig | 12 ++++++++++++
 arch/x86/kernel/cpu/bugs.c | 9 +++++----
 2 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 22d324581a60..33e125a28f79 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig
@@ -2716,6 +2716,18 @@ config MITIGATION_SPECTRE_V1 memory access bounds check. See also =20 +config MITIGATION_SPECTRE_V2 + bool "Mitigate SPECTRE V2 hardware bug" + default y + help + Enable mitigation for Spectre V2 (Branch Target Injection). Spectre + V2 is a class of side channel attacks that takes advantage of + indirect branch predictors inside the processor. In Spectre variant 2 + attacks, the attacker can steer speculative indirect branches in the + victim to gadget code by poisoning the branch target buffer of a CPU + used for predicting indirect branch addresses. + See also + config MITIGATION_SRBDS bool "Mitigate Special Register Buffer Data Sampling (SRBDS) hardware bug" depends on CPU_SUP_INTEL diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 8292a96d376c..45cbc6f994ca 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -1452,17 +1452,18 @@ static void __init spec_v2_print_cond(const char *r= eason, bool secure) =20 static enum spectre_v2_mitigation_cmd __init spectre_v2_parse_cmdline(void) { - enum spectre_v2_mitigation_cmd cmd =3D SPECTRE_V2_CMD_AUTO; + enum spectre_v2_mitigation_cmd cmd; char arg[20]; int ret, i; =20 + cmd =3D IS_ENABLED(CONFIG_MITIGATION_SPECTRE_V2) ? SPECTRE_V2_CMD_AUTO := SPECTRE_V2_CMD_NONE; if (cmdline_find_option_bool(boot_command_line, "nospectre_v2") || cpu_mitigations_off()) return SPECTRE_V2_CMD_NONE; =20 ret =3D cmdline_find_option(boot_command_line, "spectre_v2", arg, sizeof(= arg)); if (ret < 0) - return SPECTRE_V2_CMD_AUTO; + return cmd; =20 for (i =3D 0; i < ARRAY_SIZE(mitigation_options); i++) { if (!match_option(arg, ret, mitigation_options[i].option)) 
@@ -1472,8 +1473,8 @@ static enum spectre_v2_mitigation_cmd __init spectre_= v2_parse_cmdline(void) } =20 if (i >=3D ARRAY_SIZE(mitigation_options)) { - pr_err("unknown option (%s). Switching to AUTO select\n", arg); - return SPECTRE_V2_CMD_AUTO; + pr_err("unknown option (%s). Switching to default mode\n", arg); + return cmd; } =20 if ((cmd =3D=3D SPECTRE_V2_CMD_RETPOLINE || --=20 2.43.0
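Review bot: in the first bugs.c hunk (spectre_v2_parse_cmdline), the Kconfig value only seeds cmd, which is returned when no spectre_v2= option is present or the option is unknown; a recognised option still falls through to the later cmd == SPECTRE_V2_CMD_RETPOLINE checks with the value the option selected, so CONFIG_MITIGATION_SPECTRE_V2=n is a build-time default, not a hard disable. The commit message ("enable or disable it at compilation time") and the help text should say that the command line still wins. Style: IS_ENABLED() folds to a constant, so the assignment can stay in the declaration, enum spectre_v2_mitigation_cmd cmd = IS_ENABLED(CONFIG_MITIGATION_SPECTRE_V2) ? SPECTRE_V2_CMD_AUTO : SPECTRE_V2_CMD_NONE;, instead of a separate statement with no blank line before the following if.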
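Review bot: in the second bugs.c hunk, the new message "unknown option (%s). Switching to default mode\n" no longer tells the administrator which mode that is, while the old text at least named AUTO. cmd is known at that point, so print the mode being selected; on a =n build a typo in spectre_v2= would otherwise leave the mitigation off with a log line that reads as if a sane fallback was applied.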
From: Breno Leitao
To: bp@alien8.de, Thomas Gleixner, Ingo Molnar, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Josh Poimboeuf, Pawan Gupta
Cc: linux-kernel@vger.kernel.org
Subject: [PATCH v4 09/11] x86/bugs: Add a separate config for SSB
Date: Mon, 29 Jul 2024 09:40:57 -0700
Message-ID: <20240729164105.554296-10-leitao@debian.org>
In-Reply-To: <20240729164105.554296-1-leitao@debian.org>
References: <20240729164105.554296-1-leitao@debian.org>

Currently, CONFIG_SPECULATION_MITIGATIONS is halfway populated, where some mitigations have entries in Kconfig, and they could be modified, while other mitigations do not have Kconfig entries, and could not be controlled at build time.

Create an entry for the SSB CPU mitigation under CONFIG_SPECULATION_MITIGATIONS. This allows users to enable or disable it at compilation time.

Acked-by: Josh Poimboeuf
Signed-off-by: Breno Leitao
---
 arch/x86/Kconfig | 10 ++++++++++
 arch/x86/kernel/cpu/bugs.c | 10 ++++++----
 2 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 33e125a28f79..2e72a07981b2 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2741,6 +2741,16 @@ config MITIGATION_SRBDS using MDS techniques. See also + +config MITIGATION_SSB + bool "Mitigate Speculative Store Bypass (SSB) hardware bug" + default y + help + Enable mitigation for Speculative Store Bypass (SSB). SSB is a + hardware security vulnerability and its exploitation takes advantage + of speculative execution in a similar way to the Meltdown and Spectre + security vulnerabilities. + endif =20 config ARCH_HAS_ADD_PAGES diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 45cbc6f994ca..a7f20ae2fcf4 100644
--- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -2027,10 +2027,12 @@ static const struct { =20 static enum ssb_mitigation_cmd __init ssb_parse_cmdline(void) { - enum ssb_mitigation_cmd cmd =3D SPEC_STORE_BYPASS_CMD_AUTO; + enum ssb_mitigation_cmd cmd; char arg[20]; int ret, i; =20 + cmd =3D IS_ENABLED(CONFIG_MITIGATION_SSB) ? + SPEC_STORE_BYPASS_CMD_AUTO : SPEC_STORE_BYPASS_CMD_NONE; if (cmdline_find_option_bool(boot_command_line, "nospec_store_bypass_disa= ble") || cpu_mitigations_off()) { return SPEC_STORE_BYPASS_CMD_NONE; @@ -2038,7 +2040,7 @@ static enum ssb_mitigation_cmd __init ssb_parse_cmdli= ne(void) ret =3D cmdline_find_option(boot_command_line, "spec_store_bypass_disabl= e", arg, sizeof(arg)); if (ret < 0) - return SPEC_STORE_BYPASS_CMD_AUTO; + return cmd; =20 for (i =3D 0; i < ARRAY_SIZE(ssb_mitigation_options); i++) { if (!match_option(arg, ret, ssb_mitigation_options[i].option)) 
@@ -2049,8 +2051,8 @@ static enum ssb_mitigation_cmd __init ssb_parse_cmdli= ne(void) } =20 if (i >=3D ARRAY_SIZE(ssb_mitigation_options)) { - pr_err("unknown option (%s). Switching to AUTO select\n", arg); - return SPEC_STORE_BYPASS_CMD_AUTO; + pr_err("unknown option (%s). Switching to default mode\n", arg); + return cmd; } } =20 --=20 2.43.0
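Review bot: the MITIGATION_SSB help text in the arch/x86/Kconfig hunk is the only new entry in this series without a "See also" documentation reference, and it describes the vulnerability without saying what the mitigation does, what it costs, or what a =n build gives up; one sentence on each would bring it in line with the MITIGATION_SPECTRE_V1/V2 and MITIGATION_SRBDS entries.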
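Review bot: the two bugs.c hunks in ssb_parse_cmdline() have the same semantics as the Spectre V2 change: cmd is returned only when spec_store_bypass_disable= is absent or unrecognised, so a recognised value still selects its own mode and CONFIG_MITIGATION_SSB=n is overridable at boot; the help text should say so. The same two style remarks apply: the IS_ENABLED() ternary can stay in the declaration rather than a separate two-line assignment, and the "Switching to default mode" message should name the mode it falls back to.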
From: Breno Leitao
To: bp@alien8.de, Thomas Gleixner, Ingo Molnar, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Josh Poimboeuf, Pawan Gupta
Cc: linux-kernel@vger.kernel.org, Daniel Sneddon
Subject: [PATCH v4 10/11] x86/bugs: Remove GDS Force Kconfig option
Date: Mon, 29 Jul 2024 09:40:58 -0700
Message-ID: <20240729164105.554296-11-leitao@debian.org>
In-Reply-To: <20240729164105.554296-1-leitao@debian.org>
References: <20240729164105.554296-1-leitao@debian.org>

Remove the MITIGATION_GDS_FORCE Kconfig option, which aggressively disables AVX as a mitigation for Gather Data Sampling (GDS) vulnerabilities. This option is not widely used by distros.

While removing the Kconfig option, retain the runtime configuration ability through the `gather_data_sampling=force` kernel parameter. This allows users to still enable this aggressive mitigation if needed, without baking it into the kernel configuration.

This change simplifies the kernel configuration while maintaining flexibility for runtime mitigation choices.

Cc: Daniel Sneddon
Suggested-by: Borislav Petkov
Signed-off-by: Breno Leitao
---
 arch/x86/Kconfig | 19 -------------------
 arch/x86/kernel/cpu/bugs.c | 4 ----
 2 files changed, 23 deletions(-)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 2e72a07981b2..ab5b210c8315 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig
@@ -2610,25 +2610,6 @@ config MITIGATION_SLS against straight line speculation. The kernel image might be slightly larger. =20 -config MITIGATION_GDS_FORCE - bool "Force GDS Mitigation" - depends on CPU_SUP_INTEL - default n - help - Gather Data Sampling (GDS) is a hardware vulnerability which allows - unprivileged speculative access to data which was previously stored in - vector registers. - - This option is equivalent to setting gather_data_sampling=3Dforce on the - command line. The microcode mitigation is used if present, otherwise - AVX is disabled as a mitigation. On affected systems that are missing - the microcode any userspace code that unconditionally uses AVX will - break with this option set. - - Setting this option on systems not vulnerable to GDS has no effect. - - If in doubt, say N. - config MITIGATION_RFDS bool "RFDS Mitigation" depends on CPU_SUP_INTEL diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index a7f20ae2fcf4..b2e752eeb098 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c 
@@ -735,11 +735,7 @@ enum gds_mitigations { GDS_MITIGATION_HYPERVISOR, }; =20 -#if IS_ENABLED(CONFIG_MITIGATION_GDS_FORCE) -static enum gds_mitigations gds_mitigation __ro_after_init =3D GDS_MITIGAT= ION_FORCE; -#else static enum gds_mitigations gds_mitigation __ro_after_init =3D GDS_MITIGAT= ION_FULL; -#endif =20 static const char * const gds_strings[] =3D { [GDS_MITIGATION_OFF] =3D "Vulnerable", --=20 2.43.0
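Review bot: the arch/x86/Kconfig hunk silently downgrades existing builds that had MITIGATION_GDS_FORCE=y: the symbol disappears on the next olddefconfig and, per the bugs.c hunk, gds_mitigation then always starts from GDS_MITIGATION_FULL, which on a system without the microcode fix is the case the removed help text warned about ("otherwise AVX is disabled as a mitigation" applied only to the forced mode). The commit message should tell such users to add gather_data_sampling=force to their command line explicitly, and any documentation that still names this Kconfig symbol should be updated in the same patch.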
From: Breno Leitao
To: bp@alien8.de, Thomas Gleixner, Ingo Molnar, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Josh Poimboeuf, Pawan Gupta
Cc: linux-kernel@vger.kernel.org
Subject: [PATCH v4 11/11] x86/bugs: Add a separate config for GDS
Date: Mon, 29 Jul 2024 09:40:59 -0700
Message-ID: <20240729164105.554296-12-leitao@debian.org>
In-Reply-To: <20240729164105.554296-1-leitao@debian.org>
References: <20240729164105.554296-1-leitao@debian.org>

Currently, CONFIG_SPECULATION_MITIGATIONS is halfway populated, where some mitigations have entries in Kconfig, and they could be modified, while other mitigations do not have Kconfig entries, and could not be controlled at build time.

Create a new kernel config that allows GDS to be completely disabled, similarly to the "gather_data_sampling=off" or "mitigations=off" kernel command line.

Now, there are two options for GDS mitigation:

 * CONFIG_MITIGATION_GDS=n -> Mitigation disabled (New)
 * CONFIG_MITIGATION_GDS=y -> Mitigation enabled (GDS_MITIGATION_FULL)

Suggested-by: Josh Poimboeuf
Acked-by: Josh Poimboeuf
Signed-off-by: Breno Leitao
---
 arch/x86/Kconfig | 10 ++++++++++
 arch/x86/kernel/cpu/bugs.c | 3 ++-
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index ab5b210c8315..475bc538615e 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig
@@ -2610,6 +2610,16 @@ config MITIGATION_SLS against straight line speculation. The kernel image might be slightly larger. =20 +config MITIGATION_GDS + bool "Mitigate Gather Data Sampling" + depends on CPU_SUP_INTEL + default y + help + Enable mitigation for Gather Data Sampling (GDS). GDS is a hardware + vulnerability which allows unprivileged speculative access to data + which was previously stored in vector registers. The attacker uses gath= er + instructions to infer the stale vector register data. + config MITIGATION_RFDS bool "RFDS Mitigation" depends on CPU_SUP_INTEL diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index b2e752eeb098..189840db2f8d 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -735,7 +735,8 @@ enum gds_mitigations { GDS_MITIGATION_HYPERVISOR, }; =20 -static enum gds_mitigations gds_mitigation __ro_after_init =3D GDS_MITIGAT= ION_FULL; +static enum gds_mitigations gds_mitigation __ro_after_init =3D + IS_ENABLED(CONFIG_MITIGATION_GDS) ? GDS_MITIGATION_FULL : GDS_MITIGATION_= OFF; =20 static const char * const gds_strings[] =3D { [GDS_MITIGATION_OFF] =3D "Vulnerable", --=20 2.43.0
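Review bot: the MITIGATION_GDS help text in the arch/x86/Kconfig hunk should carry over the operational detail that the previous patch deleted with MITIGATION_GDS_FORCE: that the microcode mitigation is used if present, and that gather_data_sampling=force remains available at run time for systems without it. The commit message only mentions the "off" case, so a reader of this entry alone no longer learns that the forced mode exists. Like MITIGATION_SSB, this entry also lacks the "See also" documentation reference the other new entries carry.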
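Review bot: in the bugs.c hunk, CONFIG_MITIGATION_GDS=n makes GDS_MITIGATION_OFF the default, whose gds_strings entry is "Vulnerable"; as with the SRBDS patch, a sentence in the commit message that this is the intended sysfs report for such a build would save the question on the list and in distro config reviews.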