From: Daniel Sneddon
To: Jonathan Corbet, Thomas Gleixner, Borislav Petkov, Peter Zijlstra, Josh Poimboeuf, Ingo Molnar, Dave Hansen, x86@kernel.org
Cc: hpa@zytor.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, pawan.kumar.gupta@linux.intel.com
Subject: [PATCH 1/6] x86/bugs: Create single parameter for VERW based mitigations
Date: Tue, 24 Sep 2024 15:31:35 -0700
Message-Id: <20240924223140.1054918-2-daniel.sneddon@linux.intel.com>
In-Reply-To: <20240924223140.1054918-1-daniel.sneddon@linux.intel.com>
Content-Transfer-Encoding: quoted-printable

There are currently 4 mitigations that use VERW to flush different cpu buffers. This can cause confusion when trying to disable all the different VERW mitigations. Simplify enabling/disabling these mitigations by creating a single parameter for controlling them. Future work will focus on combining similar code used in selecting these mitigations to further simplify.

Signed-off-by: Daniel Sneddon
---
 .../admin-guide/kernel-parameters.txt | 16 +++++++++
 arch/x86/kernel/cpu/bugs.c | 34 +++++++++++++++++++
 2 files changed, 50 insertions(+)

diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentatio= n/admin-guide/kernel-parameters.txt index 09126bb8cc9f..66b567c4dce5 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -628,6 +628,21 @@ cio_ignore=3D [S390] See Documentation/arch/s390/common_io.rst for details. =20 + clear_cpu_buffers=3D + [X86] + Controls the mitigations that use + X86_FEATURE_CLEAR_CPU_BUF, namely + Micro-architectrual Data Sampling (MDS) + MMIO Stale Data + TSX Async Abort (TAA) + Register File Data Sampling (RFDS) + + The options are: + on - Enable cpu buffer clearing + on,nosmt - Enable cpu buffer clearing and disable + SMT + off - Disables cpu buffer clearing + clearcpuid=3DX[,X...] [X86] Disable CPUID feature X for the kernel. See arch/x86/include/asm/cpufeatures.h for the valid bit @@ -3461,6 +3476,7 @@ improves system performance, but it may also expose users to several CPU vulnerabilities. Equivalent to: if nokaslr then kpti=3D0 [ARM64] + clear_cpu_buffers=3Doff [X86] gather_data_sampling=3Doff [X86] kvm.nx_huge_pages=3Doff [X86] l1tf=3Doff [X86] diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 45675da354f3..b3c9e1eede12 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c 
@@ -531,6 +531,40 @@ early_param("reg_file_data_sampling", rfds_parse_cmdli= ne); #undef pr_fmt #define pr_fmt(fmt) "" fmt =20 +static int __init clear_cpu_buffers_cmdline(char *str) +{ + if (!str) + return -EINVAL; + + if (!boot_cpu_has_bug(X86_BUG_MDS) && + !boot_cpu_has_bug(X86_BUG_TAA) && + !boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA) && + !boot_cpu_has_bug(X86_BUG_RFDS)) + return 0; + + if (!strcmp(str, "off")) { + mds_mitigation =3D MDS_MITIGATION_OFF; + taa_mitigation =3D TAA_MITIGATION_OFF; + mmio_mitigation =3D MMIO_MITIGATION_OFF; + rfds_mitigation =3D RFDS_MITIGATION_OFF; + } else if (!strcmp(str, "on")) { + mds_mitigation =3D MDS_MITIGATION_FULL; + taa_mitigation =3D TAA_MITIGATION_VERW; + mmio_mitigation =3D MMIO_MITIGATION_VERW; + rfds_mitigation =3D RFDS_MITIGATION_VERW; + } else if (!strcmp(str, "on,nosmt")) { + mds_mitigation =3D MDS_MITIGATION_FULL; + taa_mitigation =3D TAA_MITIGATION_VERW; + mmio_mitigation =3D MMIO_MITIGATION_VERW; + rfds_mitigation =3D RFDS_MITIGATION_VERW; + mds_nosmt =3D true; + taa_nosmt =3D true; + mmio_nosmt =3D true; + } + return 0; +} +early_param("clear_cpu_buffers", clear_cpu_buffers_cmdline); + static void __init md_clear_update_mitigation(void) { if (cpu_mitigations_off()) --=20 2.25.1
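
Review bot: The new clear_cpu_buffers= entry in kernel-parameters.txt misspells "Micro-architectrual" (should be "Micro-architectural") and is tagged only [X86], although the handler in bugs.c is registered with early_param(); the mds=, tsx_async_abort= and mmio_stale_data= entries removed in 2/6 to 4/6 are tagged [X86,INTEL,EARLY]. The entry also does not say what applies when the parameter is absent and gives no pointer to the hw-vuln documents, both of which the removed entries provided. Suggest fixing the spelling, adding the EARLY tag, and stating the default.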
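
Review bot: In clear_cpu_buffers_cmdline(), a value other than "off", "on" or "on,nosmt" falls through the if/else chain and returns 0 with no message, so a typo, or the "full" and "full,nosmt" spellings that the per-bug parameters accept, leaves every mitigation at its default without any indication. Add a final else that warns or returns an error. Separately, the single boot_cpu_has_bug() gate passes when any one of the four bugs is present, after which all four *_mitigation variables are written; the handlers removed in 2/6 to 5/6 each checked their own bug bit first, so please confirm the *_select_mitigation() functions tolerate, for example, rfds_mitigation being set to RFDS_MITIGATION_VERW on a CPU without X86_BUG_RFDS. The "on" and "on,nosmt" branches also repeat the same four assignments and could share them.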

From: Daniel Sneddon
To: Jonathan Corbet, Thomas Gleixner, Borislav Petkov, Peter Zijlstra, Josh Poimboeuf, Ingo Molnar, Dave Hansen, x86@kernel.org
Cc: hpa@zytor.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, pawan.kumar.gupta@linux.intel.com
Subject: [PATCH 2/6] x86/bugs: Remove MDS command line
Date: Tue, 24 Sep 2024 15:31:36 -0700
Message-Id: <20240924223140.1054918-3-daniel.sneddon@linux.intel.com>
In-Reply-To: <20240924223140.1054918-1-daniel.sneddon@linux.intel.com>
Content-Transfer-Encoding: quoted-printable

Remove MDS command line option since it can be set using the common clear_cpu_buffers parameter.

Signed-off-by: Daniel Sneddon
---
 .../admin-guide/kernel-parameters.txt | 32 -------------------
 arch/x86/kernel/cpu/bugs.c | 21 ------------
 2 files changed, 53 deletions(-)

diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentatio= n/admin-guide/kernel-parameters.txt index 66b567c4dce5..2753a1e51da5 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -3231,38 +3231,6 @@ Format: , Specifies range of consoles to be captured by the MDA. =20 - mds=3D [X86,INTEL,EARLY] - Control mitigation for the Micro-architectural Data - Sampling (MDS) vulnerability. - - Certain CPUs are vulnerable to an exploit against CPU - internal buffers which can forward information to a - disclosure gadget under certain conditions. - - In vulnerable processors, the speculatively - forwarded data can be used in a cache side channel - attack, to access data to which the attacker does - not have direct access. - - This parameter controls the MDS mitigation. The - options are: - - full - Enable MDS mitigation on vulnerable CPUs - full,nosmt - Enable MDS mitigation and disable - SMT on vulnerable CPUs - off - Unconditionally disable MDS mitigation - - On TAA-affected machines, mds=3Doff can be prevented by - an active TAA mitigation as both vulnerabilities are - mitigated with the same mechanism so in order to disable - this mitigation, you need to specify tsx_async_abort=3Doff - too. - - Not specifying this option is equivalent to - mds=3Dfull. - - For details see: Documentation/admin-guide/hw-vuln/mds.rst - mem=3Dnn[KMG] [HEXAGON,EARLY] Set the memory size. Must be specified, otherwise memory size will be 0. =20 diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index b3c9e1eede12..ed5524bc3ee4 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c 
@@ -261,27 +261,6 @@ static void __init mds_select_mitigation(void) } } =20 -static int __init mds_cmdline(char *str) -{ - if (!boot_cpu_has_bug(X86_BUG_MDS)) - return 0; - - if (!str) - return -EINVAL; - - if (!strcmp(str, "off")) - mds_mitigation =3D MDS_MITIGATION_OFF; - else if (!strcmp(str, "full")) - mds_mitigation =3D MDS_MITIGATION_FULL; - else if (!strcmp(str, "full,nosmt")) { - mds_mitigation =3D MDS_MITIGATION_FULL; - mds_nosmt =3D true; - } - - return 0; -} -early_param("mds", mds_cmdline); - #undef pr_fmt #define pr_fmt(fmt) "TAA: " fmt =20 --=20 2.25.1
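
Review bot: Deleting early_param("mds", mds_cmdline) with no replacement alias means a boot line that still carries mds=off or mds=full,nosmt no longer reaches any handler in this file, and clear_cpu_buffers_cmdline() from 1/6 accepts neither the old name nor the "full" values. For mds=full,nosmt that is a loss of protection, because mds_nosmt is no longer set. Consider keeping mds= for a deprecation period as a thin wrapper that maps onto the new settings and logs a notice. The deleted documentation also refers readers to Documentation/admin-guide/hw-vuln/mds.rst, and the diffstat (2 files changed) shows that file is not updated here.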

From: Daniel Sneddon
To: Jonathan Corbet, Thomas Gleixner, Borislav Petkov, Peter Zijlstra, Josh Poimboeuf, Ingo Molnar, Dave Hansen, x86@kernel.org
Cc: hpa@zytor.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, pawan.kumar.gupta@linux.intel.com
Subject: [PATCH 3/6] x86/bugs: Remove TAA kernel parameter.
Date: Tue, 24 Sep 2024 15:31:37 -0700
Message-Id: <20240924223140.1054918-4-daniel.sneddon@linux.intel.com>
In-Reply-To: <20240924223140.1054918-1-daniel.sneddon@linux.intel.com>
Content-Transfer-Encoding: quoted-printable

Remove tsx_async_abort kernel parameter since it can be set with the common clear_cpu_buffers parameter.

Signed-off-by: Daniel Sneddon
---
 .../admin-guide/kernel-parameters.txt | 41 -------------------
 arch/x86/kernel/cpu/bugs.c | 21 ----------
 2 files changed, 62 deletions(-)

diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentatio= n/admin-guide/kernel-parameters.txt index 2753a1e51da5..961e637b8126 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -6883,47 +6883,6 @@ See Documentation/admin-guide/hw-vuln/tsx_async_abort.rst for more details. =20 - tsx_async_abort=3D [X86,INTEL,EARLY] Control mitigation for the TSX Async - Abort (TAA) vulnerability. - - Similar to Micro-architectural Data Sampling (MDS) - certain CPUs that support Transactional - Synchronization Extensions (TSX) are vulnerable to an - exploit against CPU internal buffers which can forward - information to a disclosure gadget under certain - conditions. - - In vulnerable processors, the speculatively forwarded - data can be used in a cache side channel attack, to - access data to which the attacker does not have direct - access. - - This parameter controls the TAA mitigation. The - options are: - - full - Enable TAA mitigation on vulnerable CPUs - if TSX is enabled. - - full,nosmt - Enable TAA mitigation and disable SMT on - vulnerable CPUs. If TSX is disabled, SMT - is not disabled because CPU is not - vulnerable to cross-thread TAA attacks. - off - Unconditionally disable TAA mitigation - - On MDS-affected machines, tsx_async_abort=3Doff can be - prevented by an active MDS mitigation as both vulnerabilities - are mitigated with the same mechanism so in order to disable - this mitigation, you need to specify mds=3Doff too. - - Not specifying this option is equivalent to - tsx_async_abort=3Dfull. On CPUs which are MDS affected - and deploy MDS mitigation, TAA mitigation is not - required and doesn't provide any additional - mitigation. - - For details see: - Documentation/admin-guide/hw-vuln/tsx_async_abort.rst - turbografx.map[2|3]=3D [HW,JOY] TurboGraFX parallel port interface Format: diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index ed5524bc3ee4..0a09f0d1a343 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c 
@@ -339,27 +339,6 @@ static void __init taa_select_mitigation(void) cpu_smt_disable(false); } =20 -static int __init tsx_async_abort_parse_cmdline(char *str) -{ - if (!boot_cpu_has_bug(X86_BUG_TAA)) - return 0; - - if (!str) - return -EINVAL; - - if (!strcmp(str, "off")) { - taa_mitigation =3D TAA_MITIGATION_OFF; - } else if (!strcmp(str, "full")) { - taa_mitigation =3D TAA_MITIGATION_VERW; - } else if (!strcmp(str, "full,nosmt")) { - taa_mitigation =3D TAA_MITIGATION_VERW; - taa_nosmt =3D true; - } - - return 0; -} -early_param("tsx_async_abort", tsx_async_abort_parse_cmdline); - #undef pr_fmt #define pr_fmt(fmt) "MMIO Stale Data: " fmt =20 --=20 2.25.1
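
Review bot: The removed tsx_async_abort= text in kernel-parameters.txt carries TAA-specific behaviour that the clear_cpu_buffers= entry added in 1/6 does not restate, in particular that with full,nosmt "If TSX is disabled, SMT is not disabled because CPU is not vulnerable to cross-thread TAA attacks". Either carry that caveat over to the on,nosmt description or say where it is now documented, so an administrator reading only kernel-parameters.txt knows whether on,nosmt always disables SMT. Style: the subject line ends in a full stop ("Remove TAA kernel parameter."), unlike 1/6, 2/6 and 4/6.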

From: Daniel Sneddon
To: Jonathan Corbet, Thomas Gleixner, Borislav Petkov, Peter Zijlstra, Josh Poimboeuf, Ingo Molnar, Dave Hansen, x86@kernel.org
Cc: hpa@zytor.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, pawan.kumar.gupta@linux.intel.com
Subject: [PATCH 4/6] x86/bugs: Remove MMIO kernel parameter
Date: Tue, 24 Sep 2024 15:31:38 -0700
Message-Id: <20240924223140.1054918-5-daniel.sneddon@linux.intel.com>
In-Reply-To: <20240924223140.1054918-1-daniel.sneddon@linux.intel.com>
Content-Transfer-Encoding: quoted-printable

Remove mmio_stale_data kernel parameter since it can be set with the common clear_cpu_buffers parameter.

Signed-off-by: Daniel Sneddon
---
 .../admin-guide/kernel-parameters.txt | 34 -------------------
 arch/x86/kernel/cpu/bugs.c | 21 ------------
 2 files changed, 55 deletions(-)

diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentatio= n/admin-guide/kernel-parameters.txt index 961e637b8126..7afccd044fb8 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -3498,40 +3498,6 @@ log everything. Information is printed at KERN_DEBUG so loglevel=3D8 may also need to be specified. =20 - mmio_stale_data=3D - [X86,INTEL,EARLY] Control mitigation for the Processor - MMIO Stale Data vulnerabilities. - - Processor MMIO Stale Data is a class of - vulnerabilities that may expose data after an MMIO - operation. Exposed data could originate or end in - the same CPU buffers as affected by MDS and TAA. - Therefore, similar to MDS and TAA, the mitigation - is to clear the affected CPU buffers. - - This parameter controls the mitigation. The - options are: - - full - Enable mitigation on vulnerable CPUs - - full,nosmt - Enable mitigation and disable SMT on - vulnerable CPUs. - - off - Unconditionally disable mitigation - - On MDS or TAA affected machines, - mmio_stale_data=3Doff can be prevented by an active - MDS or TAA mitigation as these vulnerabilities are - mitigated with the same mechanism so in order to - disable this mitigation, you need to specify - mds=3Doff and tsx_async_abort=3Doff too. - - Not specifying this option is equivalent to - mmio_stale_data=3Dfull. - - For details see: - Documentation/admin-guide/hw-vuln/processor_mmio_stale_data.rst - .async_probe[=3D] [KNL] If no value is specified or if the value specified is not a valid , enable asynchronous diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 0a09f0d1a343..63a8cda2fe30 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c 
@@ -414,27 +414,6 @@ static void __init mmio_select_mitigation(void) cpu_smt_disable(false); } =20 -static int __init mmio_stale_data_parse_cmdline(char *str) -{ - if (!boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA)) - return 0; - - if (!str) - return -EINVAL; - - if (!strcmp(str, "off")) { - mmio_mitigation =3D MMIO_MITIGATION_OFF; - } else if (!strcmp(str, "full")) { - mmio_mitigation =3D MMIO_MITIGATION_VERW; - } else if (!strcmp(str, "full,nosmt")) { - mmio_mitigation =3D MMIO_MITIGATION_VERW; - mmio_nosmt =3D true; - } - - return 0; -} -early_param("mmio_stale_data", mmio_stale_data_parse_cmdline); - #undef pr_fmt #define pr_fmt(fmt) "Register File Data Sampling: " fmt =20 --=20 2.25.1
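
Review bot: The deleted mmio_stale_data= entry ends with a pointer to Documentation/admin-guide/hw-vuln/processor_mmio_stale_data.rst, and the diffstat lists only kernel-parameters.txt and bugs.c, so any description of mmio_stale_data= in that document is left describing a parameter this patch removes; please update it in the same patch. As in 2/6, mmio_stale_data=full,nosmt on an existing boot line will no longer set mmio_nosmt once mmio_stale_data_parse_cmdline() is gone, so a deprecation alias or a warning would be safer than silent removal.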

From: Daniel Sneddon
To: Jonathan Corbet, Thomas Gleixner, Borislav Petkov, Peter Zijlstra, Josh Poimboeuf, Ingo Molnar, Dave Hansen, x86@kernel.org
Cc: hpa@zytor.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, pawan.kumar.gupta@linux.intel.com
Subject: [PATCH 5/6] x86/bugs: Remove RFDS kernel parameter.
Date: Tue, 24 Sep 2024 15:31:39 -0700
Message-Id: <20240924223140.1054918-6-daniel.sneddon@linux.intel.com>
In-Reply-To: <20240924223140.1054918-1-daniel.sneddon@linux.intel.com>
Content-Transfer-Encoding: quoted-printable

Remove the reg_file_data_sampling kernel parameter since it can be set using the common clear_cpu_buffers parameter.

Signed-off-by: Daniel Sneddon
---
 .../admin-guide/kernel-parameters.txt | 20 -------------------
 arch/x86/kernel/cpu/bugs.c | 17 ----------------
 2 files changed, 37 deletions(-)

diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentatio= n/admin-guide/kernel-parameters.txt index 7afccd044fb8..2728fef51749 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -1182,26 +1182,6 @@ The filter can be disabled or changed to another driver later using sysfs. =20 - reg_file_data_sampling=3D - [X86] Controls mitigation for Register File Data - Sampling (RFDS) vulnerability. RFDS is a CPU - vulnerability which may allow userspace to infer - kernel data values previously stored in floating point - registers, vector registers, or integer registers. - RFDS only affects Intel Atom processors. - - on: Turns ON the mitigation. - off: Turns OFF the mitigation. - - This parameter overrides the compile time default set - by CONFIG_MITIGATION_RFDS. Mitigation cannot be - disabled when other VERW based mitigations (like MDS) - are enabled. In order to disable RFDS mitigation all - VERW based mitigations need to be disabled. - - For details see: - Documentation/admin-guide/hw-vuln/reg-file-data-sampling.rst - driver_async_probe=3D [KNL] List of driver names to be probed asynchronously. * matches with all driver names. If * is specified, the diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 63a8cda2fe30..45411880481c 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c 
@@ -448,23 +448,6 @@ static void __init rfds_select_mitigation(void) rfds_mitigation =3D RFDS_MITIGATION_UCODE_NEEDED; } =20 -static __init int rfds_parse_cmdline(char *str) -{ - if (!str) - return -EINVAL; - - if (!boot_cpu_has_bug(X86_BUG_RFDS)) - return 0; - - if (!strcmp(str, "off")) - rfds_mitigation =3D RFDS_MITIGATION_OFF; - else if (!strcmp(str, "on")) - rfds_mitigation =3D RFDS_MITIGATION_VERW; - - return 0; -} -early_param("reg_file_data_sampling", rfds_parse_cmdline); - #undef pr_fmt #define pr_fmt(fmt) "" fmt =20 --=20 2.25.1
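Review bot: Documentation/admin-guide/hw-vuln/reg-file-data-sampling.rst is not updated alongside the kernel-parameters.txt removal in [PATCH 5/6]: the diffstat lists only kernel-parameters.txt and bugs.c, while the removed entry sends readers to that document for details. If it still describes reg_file_data_sampling=, it will document a parameter the kernel no longer parses. The removed text is also the only place shown here that states the parameter overrides the compile-time default from CONFIG_MITIGATION_RFDS and that RFDS cannot be disabled while other VERW based mitigations are enabled; the clear_cpu_buffers entry should carry both statements so they are not lost.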
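Review bot: Dropping early_param("reg_file_data_sampling", rfds_parse_cmdline) in the bugs.c hunk of [PATCH 5/6] changes behaviour for existing command lines without any message. The removed documentation says the parameter overrides the compile-time default set by CONFIG_MITIGATION_RFDS, so a system that relies on reg_file_data_sampling=on with that default off would boot with the mitigation off unless clear_cpu_buffers is also given. Suggest keeping the handler for a deprecation period with a pr_warn pointing to clear_cpu_buffers, or at least stating the change in the commit message.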
From: Daniel Sneddon To: Jonathan Corbet , Thomas Gleixner , Borislav Petkov , Peter Zijlstra , Josh Poimboeuf , Ingo Molnar , Dave Hansen , x86@kernel.org Cc: hpa@zytor.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, pawan.kumar.gupta@linux.intel.com Subject: [PATCH 6/6] x86/bugs: Clean-up verw mitigations Date: Tue, 24 Sep 2024 15:31:40 -0700 Message-Id: <20240924223140.1054918-7-daniel.sneddon@linux.intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240924223140.1054918-1-daniel.sneddon@linux.intel.com> References: <20240924223140.1054918-1-daniel.sneddon@linux.intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" The current md_clear routines duplicate a lot of code, and have to be called twice because if one of the mitigations gets enabled they all get enabled since it's the same instruction. This approach leads to code duplication and extra complexity. The only piece that really changes between the first call of *_select_mitigation() and the second is X86_FEATURE_CLEAR_CPU_BUF being set. Determine if this feature should be set prior to calling the _select_mitigation() routines. This not only means those functions only get called once, but it also simplifies them as well. Signed-off-by: Daniel Sneddon Reviewed-by: Nikolay Borisov --- arch/x86/kernel/cpu/bugs.c | 191 +++++++++++++++---------------------- 1 file changed, 77 insertions(+), 114 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 45411880481c..412855391184 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c 
@@ -41,7 +41,6 @@ static void __init spectre_v2_user_select_mitigation(void= ); static void __init ssb_select_mitigation(void); static void __init l1tf_select_mitigation(void); static void __init mds_select_mitigation(void); -static void __init md_clear_update_mitigation(void); static void __init md_clear_select_mitigation(void); static void __init taa_select_mitigation(void); static void __init mmio_select_mitigation(void); @@ -244,21 +243,9 @@ static const char * const mds_strings[] =3D { =20 static void __init mds_select_mitigation(void) { - if (!boot_cpu_has_bug(X86_BUG_MDS) || cpu_mitigations_off()) { - mds_mitigation =3D MDS_MITIGATION_OFF; - return; - } - - if (mds_mitigation =3D=3D MDS_MITIGATION_FULL) { - if (!boot_cpu_has(X86_FEATURE_MD_CLEAR)) - mds_mitigation =3D MDS_MITIGATION_VMWERV; - - setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF); - - if (!boot_cpu_has(X86_BUG_MSBDS_ONLY) && - (mds_nosmt || cpu_mitigations_auto_nosmt())) - cpu_smt_disable(false); - } + if (mds_mitigation =3D=3D MDS_MITIGATION_FULL && + !boot_cpu_has(X86_FEATURE_MD_CLEAR)) + mds_mitigation =3D MDS_MITIGATION_VMWERV; } =20 #undef pr_fmt 
@@ -284,35 +271,17 @@ static const char * const taa_strings[] =3D { =20 static void __init taa_select_mitigation(void) { - if (!boot_cpu_has_bug(X86_BUG_TAA)) { - taa_mitigation =3D TAA_MITIGATION_OFF; - return; - } - /* TSX previously disabled by tsx=3Doff */ if (!boot_cpu_has(X86_FEATURE_RTM)) { taa_mitigation =3D TAA_MITIGATION_TSX_DISABLED; return; } =20 - if (cpu_mitigations_off()) { - taa_mitigation =3D TAA_MITIGATION_OFF; + if (!boot_cpu_has(X86_FEATURE_MD_CLEAR)) { + taa_mitigation =3D TAA_MITIGATION_UCODE_NEEDED; return; } =20 - /* - * TAA mitigation via VERW is turned off if both - * tsx_async_abort=3Doff and mds=3Doff are specified. - */ - if (taa_mitigation =3D=3D TAA_MITIGATION_OFF && - mds_mitigation =3D=3D MDS_MITIGATION_OFF) - return; - - if (boot_cpu_has(X86_FEATURE_MD_CLEAR)) - taa_mitigation =3D TAA_MITIGATION_VERW; - else - taa_mitigation =3D TAA_MITIGATION_UCODE_NEEDED; - /* * VERW doesn't clear the CPU buffers when MD_CLEAR=3D1 and MDS_NO=3D1. * A microcode update fixes this behavior to clear CPU buffers. It also @@ -325,18 +294,6 @@ static void __init taa_select_mitigation(void) if ( (x86_arch_cap_msr & ARCH_CAP_MDS_NO) && !(x86_arch_cap_msr & ARCH_CAP_TSX_CTRL_MSR)) taa_mitigation =3D TAA_MITIGATION_UCODE_NEEDED; - - /* - * TSX is enabled, select alternate mitigation for TAA which is - * the same as MDS. Enable MDS static branch to clear CPU buffers. - * - * For guests that can't determine whether the correct microcode is - * present on host, enable the mitigation for UCODE_NEEDED as well. - */ - setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF); - - if (taa_nosmt || cpu_mitigations_auto_nosmt()) - cpu_smt_disable(false); } =20 #undef pr_fmt 
@@ -360,24 +317,6 @@ static const char * const mmio_strings[] =3D { =20 static void __init mmio_select_mitigation(void) { - if (!boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA) || - boot_cpu_has_bug(X86_BUG_MMIO_UNKNOWN) || - cpu_mitigations_off()) { - mmio_mitigation =3D MMIO_MITIGATION_OFF; - return; - } - - if (mmio_mitigation =3D=3D MMIO_MITIGATION_OFF) - return; - - /* - * Enable CPU buffer clear mitigation for host and VMM, if also affected - * by MDS or TAA. Otherwise, enable mitigation for VMM only. - */ - if (boot_cpu_has_bug(X86_BUG_MDS) || (boot_cpu_has_bug(X86_BUG_TAA) && - boot_cpu_has(X86_FEATURE_RTM))) - setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF); - /* * X86_FEATURE_CLEAR_CPU_BUF could be enabled by other VERW based * mitigations, disable KVM-only mitigation in that case. @@ -409,9 +348,6 @@ static void __init mmio_select_mitigation(void) mmio_mitigation =3D MMIO_MITIGATION_VERW; else mmio_mitigation =3D MMIO_MITIGATION_UCODE_NEEDED; - - if (mmio_nosmt || cpu_mitigations_auto_nosmt()) - cpu_smt_disable(false); } =20 #undef pr_fmt @@ -435,16 +371,7 @@ static const char * const rfds_strings[] =3D { =20 static void __init rfds_select_mitigation(void) { - if (!boot_cpu_has_bug(X86_BUG_RFDS) || cpu_mitigations_off()) { - rfds_mitigation =3D RFDS_MITIGATION_OFF; - return; - } - if (rfds_mitigation =3D=3D RFDS_MITIGATION_OFF) - return; - - if (x86_arch_cap_msr & ARCH_CAP_RFDS_CLEAR) - setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF); - else + if (!(x86_arch_cap_msr & ARCH_CAP_RFDS_CLEAR)) rfds_mitigation =3D RFDS_MITIGATION_UCODE_NEEDED; } =20 
@@ -485,41 +412,92 @@ static int __init clear_cpu_buffers_cmdline(char *str) } early_param("clear_cpu_buffers", clear_cpu_buffers_cmdline); =20 -static void __init md_clear_update_mitigation(void) +static bool __init cpu_bug_needs_verw(void) { - if (cpu_mitigations_off()) - return; + return boot_cpu_has_bug(X86_BUG_MDS) || + boot_cpu_has_bug(X86_BUG_TAA) || + boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA) || + boot_cpu_has_bug(X86_BUG_RFDS); +} =20 - if (!boot_cpu_has(X86_FEATURE_CLEAR_CPU_BUF)) - goto out; +static bool __init verw_mitigations_disabled(void) +{ + /* + * TODO: Create a single mitigation variable that will allow for setting + * the location of the mitigation, i.e.: + * + * kernel->user + * kvm->guest + * kvm->guest if device passthrough + * kernel->idle + */ + return (mds_mitigation =3D=3D MDS_MITIGATION_OFF && + taa_mitigation =3D=3D TAA_MITIGATION_OFF && + mmio_mitigation =3D=3D MMIO_MITIGATION_OFF && + rfds_mitigation =3D=3D RFDS_MITIGATION_OFF); +} =20 +static void __init md_clear_select_mitigation(void) +{ /* - * X86_FEATURE_CLEAR_CPU_BUF is now enabled. Update MDS, TAA and MMIO - * Stale Data mitigation, if necessary. + * If no CPU bug needs VERW, all VERW mitigations are disabled, or all + * mitigations are disabled we bail. */ - if (mds_mitigation =3D=3D MDS_MITIGATION_OFF && - boot_cpu_has_bug(X86_BUG_MDS)) { + if (!cpu_bug_needs_verw() || verw_mitigations_disabled() || + cpu_mitigations_off()) { + mds_mitigation =3D MDS_MITIGATION_OFF; + taa_mitigation =3D TAA_MITIGATION_OFF; + mmio_mitigation =3D MMIO_MITIGATION_OFF; + rfds_mitigation =3D RFDS_MITIGATION_OFF; + goto out; + } + + /* Check that at least one mitigation is using the verw mitigaiton. + * If the cpu doesn't have the correct ucode or if the BUG_* is mitigated + * by disabling a feature we won't want to use verw. Ignore MMIO + * for now since it depends on what the others choose. 
+ */ + + if (boot_cpu_has_bug(X86_BUG_MDS)) { mds_mitigation =3D MDS_MITIGATION_FULL; mds_select_mitigation(); + } else { + mds_mitigation =3D MDS_MITIGATION_OFF; } - if (taa_mitigation =3D=3D TAA_MITIGATION_OFF && - boot_cpu_has_bug(X86_BUG_TAA)) { + if (boot_cpu_has_bug(X86_BUG_TAA)) { taa_mitigation =3D TAA_MITIGATION_VERW; taa_select_mitigation(); + } else { + taa_mitigation =3D TAA_MITIGATION_OFF; } - /* - * MMIO_MITIGATION_OFF is not checked here so that mmio_stale_data_clear - * gets updated correctly as per X86_FEATURE_CLEAR_CPU_BUF state. - */ + if (boot_cpu_has_bug(X86_BUG_RFDS)) { + rfds_mitigation =3D RFDS_MITIGATION_VERW; + rfds_select_mitigation(); + } else { + rfds_mitigation =3D RFDS_MITIGATION_OFF; + } + + if (mds_mitigation =3D=3D MDS_MITIGATION_FULL || + taa_mitigation =3D=3D TAA_MITIGATION_VERW || + rfds_mitigation =3D=3D RFDS_MITIGATION_VERW) + setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF); + + /* Now handle MMIO since it may not use X86_FEATURE_CLEAR_CPU_BUF */ if (boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA)) { mmio_mitigation =3D MMIO_MITIGATION_VERW; mmio_select_mitigation(); + } else { + mmio_mitigation =3D MMIO_MITIGATION_OFF; } - if (rfds_mitigation =3D=3D RFDS_MITIGATION_OFF && - boot_cpu_has_bug(X86_BUG_RFDS)) { - rfds_mitigation =3D RFDS_MITIGATION_VERW; - rfds_select_mitigation(); - } + + /* handle nosmt */ + if (!boot_cpu_has(X86_BUG_MSBDS_ONLY) && + (mds_nosmt || cpu_mitigations_auto_nosmt())) + cpu_smt_disable(false); + + if (taa_nosmt || mmio_nosmt || cpu_mitigations_auto_nosmt()) + cpu_smt_disable(false); + out: if (boot_cpu_has_bug(X86_BUG_MDS)) pr_info("MDS: %s\n", mds_strings[mds_mitigation]); 
@@ -533,21 +511,6 @@ static void __init md_clear_update_mitigation(void) pr_info("Register File Data Sampling: %s\n", rfds_strings[rfds_mitigatio= n]); } =20 -static void __init md_clear_select_mitigation(void) -{ - mds_select_mitigation(); - taa_select_mitigation(); - mmio_select_mitigation(); - rfds_select_mitigation(); - - /* - * As these mitigations are inter-related and rely on VERW instruction - * to clear the microarchitural buffers, update and print their status - * after mitigation selection is done for each of these vulnerabilities. - */ - md_clear_update_mitigation(); -} - #undef pr_fmt #define pr_fmt(fmt) "SRBDS: " fmt =20 --=20 2.25.1
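Review bot: VERW is no longer enabled for the UCODE_NEEDED and VMWERV states, and the commit message does not mention it. In the taa_select_mitigation() hunk the removed comment said the mitigation is enabled for UCODE_NEEDED as well, because guests cannot determine whether the correct microcode is present on the host, and the removed mds_select_mitigation() code called setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF) after downgrading to MDS_MITIGATION_VMWERV. The new md_clear_select_mitigation() forces the cap only when a state is MDS_MITIGATION_FULL, TAA_MITIGATION_VERW or RFDS_MITIGATION_VERW, so when none of the three reaches that state no VERW is issued at all. Either include MDS_MITIGATION_VMWERV and TAA_MITIGATION_UCODE_NEEDED in that condition, or justify the behaviour change for guests in the commit message.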
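Review bot: The "handle nosmt" block at the end of md_clear_select_mitigation() is no longer gated on the CPU having the corresponding bug or on that mitigation being active. The second test, "if (taa_nosmt || mmio_nosmt || cpu_mitigations_auto_nosmt())", disables SMT whenever cpu_mitigations_auto_nosmt() is true on any CPU that reaches this point, including one affected only by RFDS (the removed rfds_select_mitigation() code never disabled SMT), and it cancels the X86_BUG_MSBDS_ONLY exemption tested just above it. In the removed code each cpu_smt_disable(false) call sat behind that bug's own boot_cpu_has_bug() check. Suggest conditioning each nosmt test on the matching boot_cpu_has_bug() and on the final mitigation state. Also, verw_mitigations_disabled() reads all four state variables before the else branches have set the ones for unaffected bugs to OFF, so please confirm that a leftover value for a bug the CPU lacks cannot keep it returning false. Minor: "mitigaiton" in the new comment should be "mitigation", and the comment opener should be on its own line.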