The Moorefield and Lightning Mountain Atom processors are
missing the NO_SSB flag in the vulnerabilities whitelist.
This will cause unaffected parts to incorrectly be reported
as vulnerable. Add the missing flag.

Signed-off-by: Daniel Sneddon <daniel.sneddon@linux.intel.com>
---
 arch/x86/kernel/cpu/common.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
index d4e539d4e158..be307c9ef263 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -1165,8 +1165,8 @@ static const __initconst struct x86_cpu_id cpu_vuln_whitelist[] = {
 
 	VULNWL_INTEL(INTEL_CORE_YONAH,		NO_SSB),
 
-	VULNWL_INTEL(INTEL_ATOM_AIRMONT_MID,	NO_L1TF | MSBDS_ONLY | NO_SWAPGS | NO_ITLB_MULTIHIT),
-	VULNWL_INTEL(INTEL_ATOM_AIRMONT_NP,	NO_L1TF | NO_SWAPGS | NO_ITLB_MULTIHIT),
+	VULNWL_INTEL(INTEL_ATOM_AIRMONT_MID,	NO_SSB | NO_L1TF | NO_SWAPGS | NO_ITLB_MULTIHIT | MSBDS_ONLY),
+	VULNWL_INTEL(INTEL_ATOM_AIRMONT_NP,	NO_SSB | NO_L1TF | NO_SWAPGS | NO_ITLB_MULTIHIT),
 
 	VULNWL_INTEL(INTEL_ATOM_GOLDMONT,	NO_MDS | NO_L1TF | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO),
 	VULNWL_INTEL(INTEL_ATOM_GOLDMONT_D,	NO_MDS | NO_L1TF | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO),
-- 
2.25.1

On 8/28/24 15:40, Daniel Sneddon wrote:
> The Moorefield and Lightning Mountain Atom processors are
> missing the NO_SSB flag in the vulnerabilities whitelist.
> This will cause unaffected parts to incorrectly be reported
> as vulnerable. Add the missing flag.

It'd be really cool to add two things to these changelogs: First, who
figured this out and how?  Basically, who cares and why?  Second, what
public Intel documentation supports this change?

On 8/28/24 16:36, Dave Hansen wrote:
> On 8/28/24 15:40, Daniel Sneddon wrote:
>> The Moorefield and Lightning Mountain Atom processors are
>> missing the NO_SSB flag in the vulnerabilities whitelist.
>> This will cause unaffected parts to incorrectly be reported
>> as vulnerable. Add the missing flag.
> 
> It'd be really cool to add two things to these changelogs: First, who
> figured this out and how?  Basically, who cares and why?  Second, what
> public Intel documentation supports this change?

The first thing I can do no problem. The second..... :(

On 8/28/24 16:50, Daniel Sneddon wrote:
> On 8/28/24 16:36, Dave Hansen wrote:
>> On 8/28/24 15:40, Daniel Sneddon wrote:
>>> The Moorefield and Lightning Mountain Atom processors are
>>> missing the NO_SSB flag in the vulnerabilities whitelist.
>>> This will cause unaffected parts to incorrectly be reported
>>> as vulnerable. Add the missing flag.
>> It'd be really cool to add two things to these changelogs: First, who
>> figured this out and how?  Basically, who cares and why?  Second, what
>> public Intel documentation supports this change?
> The first thing I can do no problem. The second..... 🙁

Heh, I went looking just after I asked.  These CPUs are ghosts as far as
the docs are concerned.  I assume because they are end-of-life'd (or
whatever the proper name is).  But even saying _that_ in the changelog
would be helpful.

On 8/28/24 16:54, Dave Hansen wrote:
> On 8/28/24 16:50, Daniel Sneddon wrote:
>> On 8/28/24 16:36, Dave Hansen wrote:
>>> On 8/28/24 15:40, Daniel Sneddon wrote:
>>>> The Moorefield and Lightning Mountain Atom processors are
>>>> missing the NO_SSB flag in the vulnerabilities whitelist.
>>>> This will cause unaffected parts to incorrectly be reported
>>>> as vulnerable. Add the missing flag.
>>> It'd be really cool to add two things to these changelogs: First, who
>>> figured this out and how?  Basically, who cares and why?  Second, what
>>> public Intel documentation supports this change?
>> The first thing I can do no problem. The second..... 🙁
> 
> Heh, I went looking just after I asked.  These CPUs are ghosts as far as
> the docs are concerned.  I assume because they are end-of-life'd (or
> whatever the proper name is).  But even saying _that_ in the changelog
> would be helpful.

Will do!