From nobody Fri Dec 19 20:38:05 2025
Received: from NAM11-BN8-obe.outbound.protection.outlook.com
 (mail-bn8nam11on2053.outbound.protection.outlook.com [40.107.236.53])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id DDE51204096
	for <linux-kernel@vger.kernel.org>; Wed,  8 Jan 2025 20:25:46 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=fail smtp.client-ip=40.107.236.53
ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1736367948; cv=fail;
 b=kfrY0G3FWGG9AlB5K+x96AFSRtLBlUQFai+2dO+6FttjQcrs+dzdqMnyMhhKa3WnpXZhb9M9JA15fOQRXz0EwSFn3udi8Sv0KiH5srYzTrSsoSgQAz8yZjYFGnyZoCszfZ4S5nyT+vKN1yt+pErz4zBoXIgy0ZeEzoFrcN4vsJs=
ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1736367948; c=relaxed/simple;
	bh=VYnkWrlj0ZzSONw1ohiCmz8D8scnG9mFjLZ7nOBY04Q=;
	h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References:
	 MIME-Version:Content-Type;
 b=HtKXE1CZ2vHKRmUR4GiuWjrRAK+FZKhHbpNyBJ+h010cd1Gn0RwLWld4PNy8+VubRp2Axz+XJdGbaArMg0hAP3PpDdbWyufc2NahhZc/mkiMiJbpbZUOagzN0D3Ua/xf2armamVnbwimdqltqxogi5xiHDiEXnZ1F8PeUaUllW4=
ARC-Authentication-Results: i=2; smtp.subspace.kernel.org;
 dmarc=pass (p=quarantine dis=none) header.from=amd.com;
 spf=fail smtp.mailfrom=amd.com;
 dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com
 header.b=mOBbGsPS; arc=fail smtp.client-ip=40.107.236.53
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=quarantine dis=none) header.from=amd.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=fail smtp.mailfrom=amd.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com
 header.b="mOBbGsPS"
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;
 b=hrJoOhbww26T656ZQiEOEWgw/uz/UAqadojimZAy5TI/F2LTLXNMiRoQcXZyulEiXOR4LJ0mmA2EANudWCdURFej655BkkLDHE/h6nYrLFTO0rdn4biDum74hpfR66guB6Sglj25/ZUGbRjXL/e+sMCn24BDTtjjoqzL4yaCWX6i70vDTM0qQavOPfpYSgZFJvjONEzg3EWwtclWzdaS8veP3HBTjd0X7oTANCHNFypV5nOyBQSWDSVGPBx57j17JAQ0nG1y8LPUqgadis5Qp+NwOa0Qi4HpcmJJLPg21CO6yK0VwshPT8TN+zxr1Eym1ZJzlm13HsCffZZMEjJ/Fg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector10001;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=LBaXgDJHVEqw39QNDKHOE/ZhB66AwC5aPHy5nWzVdnE=;
 b=OmJ7qcd+xyVxvNSkQ6U8IAG6deLtMAUyQzLF9uyzwvp6JL+MAS0fNnc1Wf7lN9mGjnxCmOj9WRO5fdCglEQtiYFGsSCOf9G+6EKf+4QcB8syk1ys4kd7wdHdW3s9N65aPoqiMoelea2insPmD7xCBSBdQL4pXwCwJl2Y9XLr2xUAyY9vg31Ior9m0RXOeRsRLqkvWpQXnKKYx4RLqPAqaYFdERIX2u9Ma5WEdV45Lkgv40g0qwFvVUAtiErGTlvjCSwms98tae2XTH1JaXpn0t7XS9YwOlZHSDS9j/KVQx43lpgjZXi8TUiojjNAJqRrzEhe56+PhD4q7cHeeOjDDw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is
 165.204.84.17) smtp.rcpttodomain=linutronix.de smtp.mailfrom=amd.com;
 dmarc=pass (p=quarantine sp=quarantine pct=100) action=none
 header.from=amd.com; dkim=none (message not signed); arc=none (0)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=LBaXgDJHVEqw39QNDKHOE/ZhB66AwC5aPHy5nWzVdnE=;
 b=mOBbGsPSVhxVjCP/pSoKQjPEJ74+1QI7F+eUfN7YN38qp5/MgMBCTqyNultuvYqM8U/Ve6bmPSgLMID/1EMR78Flv5SHCyIBFWZ3Mi40amzzb5eCV/i8aOEue9BeQ81AF/nBv6ASh3ck9Xw4CMWRtqBmt9V+sr93OCS02DItIxA=
Received: from BL0PR02CA0103.namprd02.prod.outlook.com (2603:10b6:208:51::44)
 by BL1PR12MB5876.namprd12.prod.outlook.com (2603:10b6:208:398::19) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8335.10; Wed, 8 Jan
 2025 20:25:42 +0000
Received: from DS3PEPF000099DB.namprd04.prod.outlook.com
 (2603:10b6:208:51:cafe::40) by BL0PR02CA0103.outlook.office365.com
 (2603:10b6:208:51::44) with Microsoft SMTP Server (version=TLS1_3,
 cipher=TLS_AES_256_GCM_SHA384) id 15.20.8093.26 via Frontend Transport; Wed,
 8 Jan 2025 20:25:42 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17)
 smtp.mailfrom=amd.com; dkim=none (message not signed)
 header.d=none;dmarc=pass action=none header.from=amd.com;
Received-SPF: Pass (protection.outlook.com: domain of amd.com designates
 165.204.84.17 as permitted sender) receiver=protection.outlook.com;
 client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C
Received: from SATLEXMB04.amd.com (165.204.84.17) by
 DS3PEPF000099DB.mail.protection.outlook.com (10.167.17.197) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.20.8335.7 via Frontend Transport; Wed, 8 Jan 2025 20:25:41 +0000
Received: from tiny.amd.com (10.180.168.240) by SATLEXMB04.amd.com
 (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Wed, 8 Jan
 2025 14:25:38 -0600
From: David Kaplan <david.kaplan@amd.com>
To: Thomas Gleixner <tglx@linutronix.de>, Borislav Petkov <bp@alien8.de>,
	Peter Zijlstra <peterz@infradead.org>, Josh Poimboeuf <jpoimboe@kernel.org>,
	Pawan Gupta <pawan.kumar.gupta@linux.intel.com>, Ingo Molnar
	<mingo@redhat.com>, Dave Hansen <dave.hansen@linux.intel.com>,
	<x86@kernel.org>, "H . Peter Anvin" <hpa@zytor.com>
CC: <linux-kernel@vger.kernel.org>
Subject: [PATCH v3 06/35] x86/bugs: Restructure mmio mitigation
Date: Wed, 8 Jan 2025 14:24:46 -0600
Message-ID: <20250108202515.385902-7-david.kaplan@amd.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20250108202515.385902-1-david.kaplan@amd.com>
References: <20250108202515.385902-1-david.kaplan@amd.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com
 (10.181.40.145)
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: DS3PEPF000099DB:EE_|BL1PR12MB5876:EE_
X-MS-Office365-Filtering-Correlation-Id: 9f70f948-4d66-4de6-8f10-08dd30229f83
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: 
	BCL:0;ARA:13230040|82310400026|1800799024|376014|36860700013|7416014;
X-Microsoft-Antispam-Message-Info: 
	=?us-ascii?Q?p9BSfianmicoaK56kKl8Fst8uQpad8J3P6yRR48higoQUULrRrBdwUh3ktAo?=
 =?us-ascii?Q?vMe9UWhLyxKD/136C/57mC9HWiqA9Fu8KoLYBlbJsaSxsD0w5DGdaYF7oUi3?=
 =?us-ascii?Q?Ug7uDg1T+2DPiJmFWjaNL2/GT5jhiWnkWhvvXb9QJVlRNEuM/T1FXIVQBLeA?=
 =?us-ascii?Q?c4V1eoKu+76VEAY8ztE/p6GuZPGBY1nhjU5786VboiRYXbCTVv+A5F2Yqqd6?=
 =?us-ascii?Q?u+cRP55Bz0qUFoezyXY6CNckrz+psFyjERxXVKjzEhrk/KxxhmIvGl0SVl2l?=
 =?us-ascii?Q?zdDk4x2CSuFP+NiOkUVrqpT4t0veuVm6gkKTj/dS50R9O/N2V1ocssHeVp10?=
 =?us-ascii?Q?0uXwdT+TmniRCqOIhSIC7DmFGXUBP418SasP2cxBpcavXDzNJHa24B+PgKuv?=
 =?us-ascii?Q?tm+TLlqydWyNuowJk+1igF1SRVHu4x7rj1xpdmmx8KR+1xdNMV8yNY6LHsVr?=
 =?us-ascii?Q?Dh3pYN5ygMozs3T/ZlRCfRD3uwgpKvRCgVrZ0rHHC3Q1Nk6zsnGn2SWDHUQL?=
 =?us-ascii?Q?BGb11Hr5+8vkgXO5BQp/XIZHvbFVYvdpeakoqZuKIdrfLXnWSQR8QSFbwICS?=
 =?us-ascii?Q?6mXQiOHXyhFvOvJ7ys9qIn9XIkSMUSJ1wtoDRJn/4eJUD+SK57VXywm5FKUG?=
 =?us-ascii?Q?lkyAGFt/F81l5OEGD2aMeDEwMga65yfzaeCDbyLkHpQxG9Xq+NToVPtJQQtG?=
 =?us-ascii?Q?ADkzGisAUNQG2/uCWexbSIpiXdfByDmYrMS9/Me9ggq5SB9bt+F+j/QiqFH6?=
 =?us-ascii?Q?TiGZYn3iz+Y2pa8ilbU92QFRL4vVf9B405YnpAxk46VckxdVEfPROp+ShiHV?=
 =?us-ascii?Q?xdpE2cgbm2+AhlEhbliJz+mEEk0wBQak/vRkBTvPMzxT5KdJgTaxeeHdBiXf?=
 =?us-ascii?Q?o8+2qSQqNdgR/8r5doHfLYGB8NCWGsIPGDqkgzOI5cdepb1su1D1yFaYaTA3?=
 =?us-ascii?Q?VOsOCbuI2WzGhDwx1XI7v1iKvK7sO7BfUDqVur/Gug/5/lIa/RjOxUUzan1F?=
 =?us-ascii?Q?u7EV+a2Ce4m4FqHMn7vcQy3piDORK/xETSnfwJpNrE4ug93I0494+KxTu28Y?=
 =?us-ascii?Q?qY/hGq13tH9+ahURCBqsU5InXwomEYt3M2Xu8mFpsmEUe4igXzmECnWeCPx8?=
 =?us-ascii?Q?SSsstwxYuLbwSgThnwIo+U4G8wS+TK+RFlzCfzl8OA5CFR6mH4oxLOT1eAO8?=
 =?us-ascii?Q?Vds0VZLcqEl8eRl/VbdGnk8UJADJU4jJupwoBdW54onIjN7iz5UgaZwv+BD4?=
 =?us-ascii?Q?o7+mssGMJwqLPqJs5ZNHIdKj3vNi4hPD9oBuLwKOlitSoTCO7sUoJxnzGT6a?=
 =?us-ascii?Q?8oIXw6h36Wr/d5aktoytrWTuEa9RK7kIPPbECHTw9ugvJfOmylW4KZK/KByO?=
 =?us-ascii?Q?K4BfnZ3TVFg6oAJYi96Z/7JQKODidCcnHhcZxsM+npD2GV4UwUddNqmcU+IB?=
 =?us-ascii?Q?rQ+NOj/1IO+4LpkrEpWG3Nb9ucaKkJFwSnRwJGfAoDDuTxkhfVxHEalMTnZB?=
 =?us-ascii?Q?2ng16zFLXvl3AnI=3D?=
X-Forefront-Antispam-Report: 
	CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(82310400026)(1800799024)(376014)(36860700013)(7416014);DIR:OUT;SFP:1101;
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Jan 2025 20:25:41.8761
 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 9f70f948-4d66-4de6-8f10-08dd30229f83
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: 
 TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com]
X-MS-Exchange-CrossTenant-AuthSource: 
	DS3PEPF000099DB.namprd04.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL1PR12MB5876
Content-Type: text/plain; charset="utf-8"

Restructure mmio mitigation to use select/update/apply functions to
create consistent vulnerability handling.

Signed-off-by: David Kaplan <david.kaplan@amd.com>
---
 arch/x86/kernel/cpu/bugs.c | 60 ++++++++++++++++++++++++++++----------
 1 file changed, 44 insertions(+), 16 deletions(-)

diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 7beb2d6c43bb..a8da097ab2d5 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -68,6 +68,8 @@ static void __init taa_select_mitigation(void);
 static void __init taa_update_mitigation(void);
 static void __init taa_apply_mitigation(void);
 static void __init mmio_select_mitigation(void);
+static void __init mmio_update_mitigation(void);
+static void __init mmio_apply_mitigation(void);
 static void __init srbds_select_mitigation(void);
 static void __init l1d_flush_select_mitigation(void);
 static void __init srso_select_mitigation(void);
@@ -190,6 +192,7 @@ void __init cpu_select_mitigations(void)
 	l1tf_select_mitigation();
 	mds_select_mitigation();
 	taa_select_mitigation();
+	mmio_select_mitigation();
 	md_clear_select_mitigation();
 	srbds_select_mitigation();
 	l1d_flush_select_mitigation();
@@ -207,9 +210,11 @@ void __init cpu_select_mitigations(void)
 	 */
 	mds_update_mitigation();
 	taa_update_mitigation();
+	mmio_update_mitigation();
=20
 	mds_apply_mitigation();
 	taa_apply_mitigation();
+	mmio_apply_mitigation();
 }
=20
 /*
@@ -510,6 +515,45 @@ static void __init mmio_select_mitigation(void)
 		return;
 	}
=20
+	if (mmio_mitigation =3D=3D MMIO_MITIGATION_OFF)
+		return;
+
+	/* Microcode will be checked in mmio_update_mitigation(). */
+	if (mmio_mitigation =3D=3D MMIO_MITIGATION_AUTO)
+		mmio_mitigation =3D MMIO_MITIGATION_VERW;
+
+}
+
+static void __init mmio_update_mitigation(void)
+{
+	if (!boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA) || cpu_mitigations_off())
+		return;
+
+	if (verw_mitigation_enabled())
+		mmio_mitigation =3D MMIO_MITIGATION_VERW;
+
+	if (mmio_mitigation =3D=3D MMIO_MITIGATION_VERW) {
+		/*
+		 * Check if the system has the right microcode.
+		 *
+		 * CPU Fill buffer clear mitigation is enumerated by either an explicit
+		 * FB_CLEAR or by the presence of both MD_CLEAR and L1D_FLUSH on MDS
+		 * affected systems.
+		 */
+		if (!((x86_arch_cap_msr & ARCH_CAP_FB_CLEAR) ||
+		      (boot_cpu_has(X86_FEATURE_MD_CLEAR) &&
+		       boot_cpu_has(X86_FEATURE_FLUSH_L1D) &&
+		     !(x86_arch_cap_msr & ARCH_CAP_MDS_NO))))
+			mmio_mitigation =3D MMIO_MITIGATION_UCODE_NEEDED;
+	}
+
+	pr_info("%s\n", mmio_strings[mmio_mitigation]);
+	if (boot_cpu_has_bug(X86_BUG_MMIO_UNKNOWN))
+		pr_info("Unknown: No mitigations\n");
+}
+
+static void __init mmio_apply_mitigation(void)
+{
 	if (mmio_mitigation =3D=3D MMIO_MITIGATION_OFF)
 		return;
=20
@@ -538,21 +582,6 @@ static void __init mmio_select_mitigation(void)
 	if (!(x86_arch_cap_msr & ARCH_CAP_FBSDP_NO))
 		static_branch_enable(&mds_idle_clear);
=20
-	/*
-	 * Check if the system has the right microcode.
-	 *
-	 * CPU Fill buffer clear mitigation is enumerated by either an explicit
-	 * FB_CLEAR or by the presence of both MD_CLEAR and L1D_FLUSH on MDS
-	 * affected systems.
-	 */
-	if ((x86_arch_cap_msr & ARCH_CAP_FB_CLEAR) ||
-	    (boot_cpu_has(X86_FEATURE_MD_CLEAR) &&
-	     boot_cpu_has(X86_FEATURE_FLUSH_L1D) &&
-	     !(x86_arch_cap_msr & ARCH_CAP_MDS_NO)))
-		mmio_mitigation =3D MMIO_MITIGATION_VERW;
-	else
-		mmio_mitigation =3D MMIO_MITIGATION_UCODE_NEEDED;
-
 	if (mmio_nosmt || cpu_mitigations_auto_nosmt())
 		cpu_smt_disable(false);
 }
@@ -675,7 +704,6 @@ static void __init md_clear_update_mitigation(void)
=20
 static void __init md_clear_select_mitigation(void)
 {
-	mmio_select_mitigation();
 	rfds_select_mitigation();
=20
 	/*
--=20
2.34.1