From nobody Fri Dec 19 19:04:54 2025
Received: from NAM12-DM6-obe.outbound.protection.outlook.com
 (mail-dm6nam12on2052.outbound.protection.outlook.com [40.107.243.52])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 16C29204F95
	for <linux-kernel@vger.kernel.org>; Wed,  8 Jan 2025 20:25:52 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=fail smtp.client-ip=40.107.243.52
ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1736367955; cv=fail;
 b=RW9fq8J8wzhlx4LLZtz527BaxVLpYz4iOH27xiiqdoOu8Xf2lUuJlAxZOrwFd0DU2U7FPMfHmSMm7/6yUHtS9RuFf8KeXHJ7jQdG9ttK6OeUK5K3tLq1G81eLAyw0Ak3FqR1S4fGkmp7a3VZBZazjFWTXS63gOWy6+UP/NP9W+0=
ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1736367955; c=relaxed/simple;
	bh=Z1y1kwVAC/T3RxwfKzJBbqgZay4p+VrbfWugV0PsQs4=;
	h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References:
	 MIME-Version:Content-Type;
 b=aUyNsnc2QvAcceF2QG+YEryMdVBVpdzH4iZaC1Ccz++vfYQJ4ofYAcr95fX17QKg2ETh/toDWxnZTIi0dfAbH75bICocYJgrP5b5SxVs7e84XPoFXQqKox6+8gapId26ZL2GPQhGiZ8LlT/A5QhTy2XSYVJyi694pB6MmrK6ySM=
ARC-Authentication-Results: i=2; smtp.subspace.kernel.org;
 dmarc=pass (p=quarantine dis=none) header.from=amd.com;
 spf=fail smtp.mailfrom=amd.com;
 dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com
 header.b=wIXH48bj; arc=fail smtp.client-ip=40.107.243.52
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=quarantine dis=none) header.from=amd.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=fail smtp.mailfrom=amd.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com
 header.b="wIXH48bj"
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;
 b=iMN5qZ/BsqKRfuHROJ99uCU6elphNBolP6ZT7HUQnsFyi9gpM3kDsf9Lh5YsK/0Vq/iz9DUQrHEDxyioZ5lNcR6RwyCVJe6uFZYbkPjC1fuIRL0pNPN7J2BJWbRcX4fl/G94CnJjF/1pMOpZ9uZRkbOFqOJOgmuaR0lKOKibf4PZVYMOEpQRZ07lFoil65FnDnr+ATf0zNcFaqPC7OYpWclbfGAlrLVDzSw4E5SEwMFelbBNHGUhAI4kptDjY8W4pyThxIQn/3rvejFYEgV0eOM5XZRP6z+rY33B/6f1CliGULQ7ZaN7WaXdmtgp+STv0HaqsSzQLkt7o4J5ha3wUw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector10001;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=Ruk1Kgc5p3EaLxE0aWYGRLzA9MROECUsch8nldExLAs=;
 b=KvrGnEp9srwwfkcxgctms0NU/DD7pbWM/MC5wex/MqZRikNByBEdoKhj9eQINZn13XKF0mtQOBEAGBoYHksGRQD83fvd8qgAKtNshCKyicZUpABY5/Ght9z1hChPz/ruyB0sw0RJOoM/IVuV8YvpVOffy1YPOSsg04BXJYiLkfCcIr/LMx7LNusRy3L8WTamccQnxH3yG5EEDXdWrrpkFpg6va+q7cHXhbEaxV6QXUTdHz4o04v+XmRoO68c+pNvDjjlEqR5WEHeB6iA3TDEcsxOa6NnpGbhUXQee1di0B+pE4XffI4fkVLyQZ1Mk1qW29BhqVMXc1t2tJ/X1pooew==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is
 165.204.84.17) smtp.rcpttodomain=linutronix.de smtp.mailfrom=amd.com;
 dmarc=pass (p=quarantine sp=quarantine pct=100) action=none
 header.from=amd.com; dkim=none (message not signed); arc=none (0)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=Ruk1Kgc5p3EaLxE0aWYGRLzA9MROECUsch8nldExLAs=;
 b=wIXH48bjrivu+6HZamZqwSxEUr5TnXJI3XDxxZwERojF6dGbCKNRQEYF6pM/ObHFIL72syze79s9Y3zEWeFfNkTf4qYOsCp9Pt9DLzYgm1n4QfBCr4LGR3+JbgdKSP6jNQ1uaoMYDeQJexxhivF9QPnvZEoVa2vnEPaSVfNqwjA=
Received: from BL0PR02CA0105.namprd02.prod.outlook.com (2603:10b6:208:51::46)
 by MN0PR12MB6341.namprd12.prod.outlook.com (2603:10b6:208:3c2::13) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8335.11; Wed, 8 Jan
 2025 20:25:49 +0000
Received: from DS3PEPF000099DB.namprd04.prod.outlook.com
 (2603:10b6:208:51:cafe::c6) by BL0PR02CA0105.outlook.office365.com
 (2603:10b6:208:51::46) with Microsoft SMTP Server (version=TLS1_3,
 cipher=TLS_AES_256_GCM_SHA384) id 15.20.8093.22 via Frontend Transport; Wed,
 8 Jan 2025 20:25:48 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17)
 smtp.mailfrom=amd.com; dkim=none (message not signed)
 header.d=none;dmarc=pass action=none header.from=amd.com;
Received-SPF: Pass (protection.outlook.com: domain of amd.com designates
 165.204.84.17 as permitted sender) receiver=protection.outlook.com;
 client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C
Received: from SATLEXMB04.amd.com (165.204.84.17) by
 DS3PEPF000099DB.mail.protection.outlook.com (10.167.17.197) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.20.8335.7 via Frontend Transport; Wed, 8 Jan 2025 20:25:48 +0000
Received: from tiny.amd.com (10.180.168.240) by SATLEXMB04.amd.com
 (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Wed, 8 Jan
 2025 14:25:47 -0600
From: David Kaplan <david.kaplan@amd.com>
To: Thomas Gleixner <tglx@linutronix.de>, Borislav Petkov <bp@alien8.de>,
	Peter Zijlstra <peterz@infradead.org>, Josh Poimboeuf <jpoimboe@kernel.org>,
	Pawan Gupta <pawan.kumar.gupta@linux.intel.com>, Ingo Molnar
	<mingo@redhat.com>, Dave Hansen <dave.hansen@linux.intel.com>,
	<x86@kernel.org>, "H . Peter Anvin" <hpa@zytor.com>
CC: <linux-kernel@vger.kernel.org>
Subject: [PATCH v3 21/35] x86/bugs: Determine relevant vulnerabilities based
 on attack vector controls.
Date: Wed, 8 Jan 2025 14:25:01 -0600
Message-ID: <20250108202515.385902-22-david.kaplan@amd.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20250108202515.385902-1-david.kaplan@amd.com>
References: <20250108202515.385902-1-david.kaplan@amd.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com
 (10.181.40.145)
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: DS3PEPF000099DB:EE_|MN0PR12MB6341:EE_
X-MS-Office365-Filtering-Correlation-Id: ec72a1fa-f44e-4c2d-02a0-08dd3022a342
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: 
	BCL:0;ARA:13230040|36860700013|82310400026|1800799024|376014|7416014;
X-Microsoft-Antispam-Message-Info: 
	=?us-ascii?Q?0gNu/hKuEx0M1S+FK0R+KNNNbvEIz7OMcpD0UIZZWBaT2M/G5IJZZYa98fH9?=
 =?us-ascii?Q?RWGHrIPO9QkHkRukIoOpGBopL5tyhR6BPEkikWT8qI9bV3U4GhobgaBZNEsB?=
 =?us-ascii?Q?fMfsxLkB9xOFMIlkC9q1F1NZEXaMCHdhZe14xrqc7LHXFqrkd78SWyy3xt2l?=
 =?us-ascii?Q?woMz805/SD9vRw6f6aoRhjAbmRzkkPWGgdfAxfkk4zKow2jyEaoqz1VLMh8G?=
 =?us-ascii?Q?H6lH4G8iZt1L7d3CYU5d7tEouOWs8Tgr2A02jtFsd2JVRd/MtaIHuU30ZW88?=
 =?us-ascii?Q?c2VMnNe/kP53QqnXmkMFQNLl7/i6ZWQtL87x67+PlPcm3lnRBJ7y2WAcZR1i?=
 =?us-ascii?Q?4DpL5LG1ZoLGpb6vIn1TrHtxYwi5ggyX19xco6FMGwtbWxku1sTHI7KYFlcx?=
 =?us-ascii?Q?8dCNhhOIppP+KeOdkhJLcogLNdOwI6HdBpqm9RCkHTYB7jPOlwk2pnpoJnoU?=
 =?us-ascii?Q?p0HuLn50+oNjst/8dUAZU/I5dpgGTx5l0iWjX5WXr2wyo7CwBQELjxo4uP4R?=
 =?us-ascii?Q?L5SqeJRLf2dGUG2Au/Hkh4xtJn+cdGrqJ5UwfqozLzpFuzdsE59wxU6Oyml9?=
 =?us-ascii?Q?SeJsaSIAHOPdDIoUBxLhS/a5adwfI/l0RZXKsTYw4+A0K/kc0THHh/24InWy?=
 =?us-ascii?Q?BLsbAIN34ejfs6oy+gs8CGCOR7PzT8dMi2314xxRX4+je4R9SUQEnl5/VuTj?=
 =?us-ascii?Q?f0k3rryciMzXSRum8OqrQfvI4tjG2R/ZyZnGbFirIDICHJMZZB5jemSFOr2G?=
 =?us-ascii?Q?FOs3nPZAoX5jcFtZsPRf6q5zVBSGhRFAe4kTlLNwGJw9g9Furl09MbL35hCg?=
 =?us-ascii?Q?Rz5yQUOj028tvExULsvzy/TnXx9M2PU+Ga5R1L2Fw857mmp7b/cXSSVWAJzn?=
 =?us-ascii?Q?bR+bl9UpJ9Af/mUj7XnUFpBqcNO0sktVMu+YcO7iFKdFeyR7Xili8AZpCupQ?=
 =?us-ascii?Q?/ea7m8S5tOMUMmaXjPa1odbSezM0+Pyr73BGOQp2/iFaLm+pGz8ca2b6Cwf2?=
 =?us-ascii?Q?riYzouWqgcDFT5XKtSiBg5RzvYCbASrPIg8uh2PDzKKu2OYpIkuNwt0AFwiZ?=
 =?us-ascii?Q?Lr3cUXP3cPRMZkUrggkbfCO5L7PiXnEUZmZd+pxZBWzSLFl+lTJssCYGkf+z?=
 =?us-ascii?Q?sNFAEuaC6ZayKGQWoZ0DemAcwznqkmw1NOx2LsD4H8gNrFRUetX3QTfQ4sLX?=
 =?us-ascii?Q?IgFmJOEeo9k9VnTlmnTSti8IKd9oWI8YRJOYvBzOL1XjDqvvW6WaVtM7p2Bu?=
 =?us-ascii?Q?mpyODuh+Lbc2wJdNa8FEfSWyzaurpGv6r5yVqTZNXd/tYRoKim66O2ielgB3?=
 =?us-ascii?Q?ZeIX9c1Rv5vlyF0JGm8WvzO3HwyqTAQK+YmDhrsz1KQd61u8mAUdBMcaWJ6F?=
 =?us-ascii?Q?fnp4R6uaZfFgDm394mrnnLsvF8lSsU0vuBD1gQNDYWh9r/R7GXxzv978VyfT?=
 =?us-ascii?Q?FOTDp5nYF6Cd9Hj7HtjdJRTLdHRPABZZy7lwBBzc/0rkj5irOyiADiXFb2vr?=
 =?us-ascii?Q?Wcv5j0MGoqUISJQ=3D?=
X-Forefront-Antispam-Report: 
	CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(36860700013)(82310400026)(1800799024)(376014)(7416014);DIR:OUT;SFP:1101;
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Jan 2025 20:25:48.1418
 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 ec72a1fa-f44e-4c2d-02a0-08dd3022a342
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: 
 TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com]
X-MS-Exchange-CrossTenant-AuthSource: 
	DS3PEPF000099DB.namprd04.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN0PR12MB6341
Content-Type: text/plain; charset="utf-8"

The function should_mitigate_vuln() defines which vulnerabilities should
be mitigated based on the selected attack vector controls.  The
selections here are based on the individual characteristics of each
vulnerability.

Signed-off-by: David Kaplan <david.kaplan@amd.com>
---
 arch/x86/kernel/cpu/bugs.c | 69 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 69 insertions(+)

diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 88eba8e4c7fb..175dbbf9b06e 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -347,6 +347,75 @@ static void x86_amd_ssb_disable(void)
 		wrmsrl(MSR_AMD64_LS_CFG, msrval);
 }
=20
+/*
+ * Returns true if vulnerability should be mitigated based on the
+ * selected attack vector controls
+ *
+ * See Documentation/admin-guide/hw-vuln/attack_vector_controls.rst
+ */
+static bool __init should_mitigate_vuln(unsigned int bug)
+{
+	switch (bug) {
+	/*
+	 * The only spectre_v1 mitigations in the kernel are related to
+	 * SWAPGS protection on kernel entry.  Therefore, protection is
+	 * only required for the user->kernel attack vector.
+	 */
+	case X86_BUG_SPECTRE_V1:
+		return cpu_mitigate_attack_vector(CPU_MITIGATE_USER_KERNEL);
+
+	/*
+	 * Both spectre_v2 and srso may allow user->kernel or
+	 * guest->host attacks through branch predictor manipulation.
+	 */
+	case X86_BUG_SPECTRE_V2:
+	case X86_BUG_SRSO:
+		return cpu_mitigate_attack_vector(CPU_MITIGATE_USER_KERNEL) ||
+			cpu_mitigate_attack_vector(CPU_MITIGATE_GUEST_HOST);
+
+	/*
+	 * spectre_v2_user refers to user->user or guest->guest branch
+	 * predictor attacks only.  Other indirect branch predictor attacks
+	 * are covered by the spectre_v2 vulnerability.
+	 */
+	case X86_BUG_SPECTRE_V2_USER:
+		return cpu_mitigate_attack_vector(CPU_MITIGATE_USER_USER) ||
+			cpu_mitigate_attack_vector(CPU_MITIGATE_GUEST_GUEST);
+
+	/* L1TF is only possible as a guest->host attack */
+	case X86_BUG_L1TF:
+		return cpu_mitigate_attack_vector(CPU_MITIGATE_GUEST_HOST);
+
+	/*
+	 * All the vulnerabilities below allow potentially leaking data
+	 * across address spaces.  Therefore, mitigation is required for
+	 * any of these 4 attack vectors.
+	 */
+	case X86_BUG_MDS:
+	case X86_BUG_TAA:
+	case X86_BUG_MMIO_STALE_DATA:
+	case X86_BUG_RFDS:
+	case X86_BUG_SRBDS:
+		return cpu_mitigate_attack_vector(CPU_MITIGATE_USER_KERNEL) ||
+			cpu_mitigate_attack_vector(CPU_MITIGATE_GUEST_HOST) ||
+			cpu_mitigate_attack_vector(CPU_MITIGATE_USER_USER) ||
+			cpu_mitigate_attack_vector(CPU_MITIGATE_GUEST_GUEST);
+	/*
+	 * GDS can potentially leak data across address spaces and
+	 * threads.  Mitigation is required under all attack vectors.
+	 */
+	case X86_BUG_GDS:
+		return cpu_mitigate_attack_vector(CPU_MITIGATE_USER_KERNEL) ||
+			cpu_mitigate_attack_vector(CPU_MITIGATE_GUEST_HOST) ||
+			cpu_mitigate_attack_vector(CPU_MITIGATE_USER_USER) ||
+			cpu_mitigate_attack_vector(CPU_MITIGATE_GUEST_GUEST) ||
+			cpu_mitigate_attack_vector(CPU_MITIGATE_CROSS_THREAD);
+	default:
+		return false;
+	}
+}
+
+
 /* Default mitigation for MDS-affected CPUs */
 static enum mds_mitigations mds_mitigation __ro_after_init =3D
 	IS_ENABLED(CONFIG_MITIGATION_MDS) ? MDS_MITIGATION_AUTO : MDS_MITIGATION_=
OFF;
--=20
2.34.1