From: David Kaplan
To: Thomas Gleixner, Borislav Petkov, Peter Zijlstra, Josh Poimboeuf, Pawan Gupta, Ingo Molnar, Dave Hansen, "H . Peter Anvin"
Subject: [PATCH v5 01/16] x86/bugs: Restructure MDS mitigation
Date: Fri, 18 Apr 2025 11:17:06 -0500
Message-ID: <20250418161721.1855190-2-david.kaplan@amd.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20250418161721.1855190-1-david.kaplan@amd.com>
References: <20250418161721.1855190-1-david.kaplan@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-MS-Exchange-Transport-CrossTenantHeadersStamped:
SN7PR12MB7276 Content-Type: text/plain; charset="utf-8" Restructure MDS mitigation selection to use select/update/apply functions to create consistent vulnerability handling. Signed-off-by: David Kaplan Reviewed-by: Josh Poimboeuf --- arch/x86/kernel/cpu/bugs.c | 58 ++++++++++++++++++++++++++++++++++++-- 1 file changed, 56 insertions(+), 2 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 9387f5f9de12..4295502ea082 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -34,6 +34,25 @@ =20 #include "cpu.h" =20 +/* + * Speculation Vulnerability Handling + * + * Each vulnerability is handled with the following functions: + * _select_mitigation() -- Selects a mitigation to use. This shou= ld + * take into account all relevant command line + * options. + * _update_mitigation() -- This is called after all vulnerabilitie= s have + * selected a mitigation, in case the selection + * may want to change based on other choices + * made. This function is optional. + * _apply_mitigation() -- Enable the selected mitigation. + * + * The compile-time mitigation in all cases should be AUTO. An explicit + * command-line option can override AUTO. If no such option is + * provided, _select_mitigation() will override AUTO to the best + * mitigation option. + */ + static void __init spectre_v1_select_mitigation(void); static void __init spectre_v2_select_mitigation(void); static void __init retbleed_select_mitigation(void); @@ -41,6 +60,8 @@ static void __init spectre_v2_user_select_mitigation(void= ); static void __init ssb_select_mitigation(void); static void __init l1tf_select_mitigation(void); static void __init mds_select_mitigation(void); +static void __init mds_update_mitigation(void); +static void __init mds_apply_mitigation(void); static void __init md_clear_update_mitigation(void); static void __init md_clear_select_mitigation(void); static void __init taa_select_mitigation(void); 
@@ -172,6 +193,7 @@ void __init cpu_select_mitigations(void) spectre_v2_user_select_mitigation(); ssb_select_mitigation(); l1tf_select_mitigation(); + mds_select_mitigation(); md_clear_select_mitigation(); srbds_select_mitigation(); l1d_flush_select_mitigation(); @@ -182,6 +204,14 @@ void __init cpu_select_mitigations(void) */ srso_select_mitigation(); gds_select_mitigation(); + + /* + * After mitigations are selected, some may need to update their + * choices. + */ + mds_update_mitigation(); + + mds_apply_mitigation(); } =20 /* @@ -284,6 +314,9 @@ enum rfds_mitigations { static enum rfds_mitigations rfds_mitigation __ro_after_init =3D IS_ENABLED(CONFIG_MITIGATION_RFDS) ? RFDS_MITIGATION_AUTO : RFDS_MITIGATI= ON_OFF; =20 +/* Set if any of MDS/TAA/MMIO/RFDS are going to enable VERW. */ +static bool verw_mitigation_selected __ro_after_init; + static void __init mds_select_mitigation(void) { if (!boot_cpu_has_bug(X86_BUG_MDS) || cpu_mitigations_off()) { 
@@ -294,12 +327,34 @@ static void __init mds_select_mitigation(void) if (mds_mitigation =3D=3D MDS_MITIGATION_AUTO) mds_mitigation =3D MDS_MITIGATION_FULL; =20 + if (mds_mitigation =3D=3D MDS_MITIGATION_OFF) + return; + + verw_mitigation_selected =3D true; +} + +static void __init mds_update_mitigation(void) +{ + if (!boot_cpu_has_bug(X86_BUG_MDS) || cpu_mitigations_off()) + return; + + /* If TAA, MMIO, or RFDS are being mitigated, MDS gets mitigated too. */ + if (verw_mitigation_selected) + mds_mitigation =3D MDS_MITIGATION_FULL; + if (mds_mitigation =3D=3D MDS_MITIGATION_FULL) { if (!boot_cpu_has(X86_FEATURE_MD_CLEAR)) mds_mitigation =3D MDS_MITIGATION_VMWERV; + } =20 - setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF); + pr_info("%s\n", mds_strings[mds_mitigation]); +} =20 +static void __init mds_apply_mitigation(void) +{ + if (mds_mitigation =3D=3D MDS_MITIGATION_FULL || + mds_mitigation =3D=3D MDS_MITIGATION_VMWERV) { + setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF); if (!boot_cpu_has(X86_BUG_MSBDS_ONLY) && (mds_nosmt || cpu_mitigations_auto_nosmt())) cpu_smt_disable(false); 
@@ -599,7 +654,6 @@ static void __init md_clear_update_mitigation(void) =20 static void __init md_clear_select_mitigation(void) { - mds_select_mitigation(); taa_select_mitigation(); mmio_select_mitigation(); rfds_select_mitigation(); --=20 2.34.1
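Review bot: the comment in mds_update_mitigation() (hunk @@ -294,12 +327,34 @@), "If TAA, MMIO, or RFDS are being mitigated, MDS gets mitigated too", does not match what this patch can do on its own. The only assignment to verw_mitigation_selected visible here is in mds_select_mitigation(), and it sits after the early return for MDS_MITIGATION_OFF, so at this commit the `if (verw_mitigation_selected)` branch can only run when MDS is already being mitigated. Either note in the commit message that the other writers of the flag arrive with the TAA/MMIO/RFDS patches later in the series, or word the comment so that someone bisecting to this commit does not read it as current behaviour.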
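Review bot: the new "Speculation Vulnerability Handling" block comment (hunk @@ -34,6 +34,25 @@) documents that an explicit command-line option can override AUTO, but not the reverse case where _update_mitigation() overrides an explicit choice. mds_update_mitigation() sets MDS_MITIGATION_FULL whenever verw_mitigation_selected is set, without checking whether mds_mitigation was OFF before. Add a sentence to the block comment saying that the update step may change a selection, including an explicit off, when another vulnerability's choice requires it.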
From: David Kaplan
To: Thomas Gleixner, Borislav Petkov, Peter Zijlstra, Josh Poimboeuf, Pawan Gupta, Ingo Molnar, Dave Hansen, "H . Peter Anvin"
Subject: [PATCH v5 02/16] x86/bugs: Restructure TAA mitigation
Date: Fri, 18 Apr 2025 11:17:07 -0500
Message-ID: <20250418161721.1855190-3-david.kaplan@amd.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20250418161721.1855190-1-david.kaplan@amd.com>
References: <20250418161721.1855190-1-david.kaplan@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-MS-Exchange-Transport-CrossTenantHeadersStamped:
DS4PR12MB9562 Content-Type: text/plain; charset="utf-8" Restructure TAA mitigation to use select/update/apply functions to create consistent vulnerability handling. Signed-off-by: David Kaplan Reviewed-by: Josh Poimboeuf --- arch/x86/kernel/cpu/bugs.c | 94 ++++++++++++++++++++++++-------------- 1 file changed, 59 insertions(+), 35 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 4295502ea082..c0ba034ae1f9 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -65,6 +65,8 @@ static void __init mds_apply_mitigation(void); static void __init md_clear_update_mitigation(void); static void __init md_clear_select_mitigation(void); static void __init taa_select_mitigation(void); +static void __init taa_update_mitigation(void); +static void __init taa_apply_mitigation(void); static void __init mmio_select_mitigation(void); static void __init srbds_select_mitigation(void); static void __init l1d_flush_select_mitigation(void); @@ -194,6 +196,7 @@ void __init cpu_select_mitigations(void) ssb_select_mitigation(); l1tf_select_mitigation(); mds_select_mitigation(); + taa_select_mitigation(); md_clear_select_mitigation(); srbds_select_mitigation(); l1d_flush_select_mitigation(); @@ -210,8 +213,10 @@ void __init cpu_select_mitigations(void) * choices. */ mds_update_mitigation(); + taa_update_mitigation(); =20 mds_apply_mitigation(); + taa_apply_mitigation(); } =20 /* @@ -394,6 +399,11 @@ static const char * const taa_strings[] =3D { [TAA_MITIGATION_TSX_DISABLED] =3D "Mitigation: TSX disabled", }; =20 +static bool __init taa_vulnerable(void) +{ + return boot_cpu_has_bug(X86_BUG_TAA) && boot_cpu_has(X86_FEATURE_RTM); +} + static void __init taa_select_mitigation(void) { if (!boot_cpu_has_bug(X86_BUG_TAA)) { 
@@ -407,48 +417,63 @@ static void __init taa_select_mitigation(void) return; } =20 - if (cpu_mitigations_off()) { + if (cpu_mitigations_off()) taa_mitigation =3D TAA_MITIGATION_OFF; - return; - } =20 - /* - * TAA mitigation via VERW is turned off if both - * tsx_async_abort=3Doff and mds=3Doff are specified. - */ - if (taa_mitigation =3D=3D TAA_MITIGATION_OFF && - mds_mitigation =3D=3D MDS_MITIGATION_OFF) + /* Microcode will be checked in taa_update_mitigation(). */ + if (taa_mitigation =3D=3D TAA_MITIGATION_AUTO) + taa_mitigation =3D TAA_MITIGATION_VERW; + + if (taa_mitigation !=3D TAA_MITIGATION_OFF) + verw_mitigation_selected =3D true; +} + +static void __init taa_update_mitigation(void) +{ + if (!taa_vulnerable() || cpu_mitigations_off()) return; =20 - if (boot_cpu_has(X86_FEATURE_MD_CLEAR)) + if (verw_mitigation_selected) taa_mitigation =3D TAA_MITIGATION_VERW; - else - taa_mitigation =3D TAA_MITIGATION_UCODE_NEEDED; =20 - /* - * VERW doesn't clear the CPU buffers when MD_CLEAR=3D1 and MDS_NO=3D1. - * A microcode update fixes this behavior to clear CPU buffers. It also - * adds support for MSR_IA32_TSX_CTRL which is enumerated by the - * ARCH_CAP_TSX_CTRL_MSR bit. - * - * On MDS_NO=3D1 CPUs if ARCH_CAP_TSX_CTRL_MSR is not set, microcode - * update is required. - */ - if ( (x86_arch_cap_msr & ARCH_CAP_MDS_NO) && - !(x86_arch_cap_msr & ARCH_CAP_TSX_CTRL_MSR)) - taa_mitigation =3D TAA_MITIGATION_UCODE_NEEDED; + if (taa_mitigation =3D=3D TAA_MITIGATION_VERW) { + /* Check if the requisite ucode is available. */ + if (!boot_cpu_has(X86_FEATURE_MD_CLEAR)) + taa_mitigation =3D TAA_MITIGATION_UCODE_NEEDED; =20 - /* - * TSX is enabled, select alternate mitigation for TAA which is - * the same as MDS. Enable MDS static branch to clear CPU buffers. - * - * For guests that can't determine whether the correct microcode is - * present on host, enable the mitigation for UCODE_NEEDED as well. 
- */ - setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF); + /* + * VERW doesn't clear the CPU buffers when MD_CLEAR=3D1 and MDS_NO=3D1. + * A microcode update fixes this behavior to clear CPU buffers. It also + * adds support for MSR_IA32_TSX_CTRL which is enumerated by the + * ARCH_CAP_TSX_CTRL_MSR bit. + * + * On MDS_NO=3D1 CPUs if ARCH_CAP_TSX_CTRL_MSR is not set, microcode + * update is required. + */ + if ((x86_arch_cap_msr & ARCH_CAP_MDS_NO) && + !(x86_arch_cap_msr & ARCH_CAP_TSX_CTRL_MSR)) + taa_mitigation =3D TAA_MITIGATION_UCODE_NEEDED; + } =20 - if (taa_nosmt || cpu_mitigations_auto_nosmt()) - cpu_smt_disable(false); + pr_info("%s\n", taa_strings[taa_mitigation]); +} + +static void __init taa_apply_mitigation(void) +{ + if (taa_mitigation =3D=3D TAA_MITIGATION_VERW || + taa_mitigation =3D=3D TAA_MITIGATION_UCODE_NEEDED) { + /* + * TSX is enabled, select alternate mitigation for TAA which is + * the same as MDS. Enable MDS static branch to clear CPU buffers. + * + * For guests that can't determine whether the correct microcode is + * present on host, enable the mitigation for UCODE_NEEDED as well. + */ + setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF); + + if (taa_nosmt || cpu_mitigations_auto_nosmt()) + cpu_smt_disable(false); + } } =20 static int __init tsx_async_abort_parse_cmdline(char *str) 
@@ -654,7 +679,6 @@ static void __init md_clear_update_mitigation(void) =20 static void __init md_clear_select_mitigation(void) { - taa_select_mitigation(); mmio_select_mitigation(); rfds_select_mitigation(); =20 --=20 2.34.1
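Review bot: taa_update_mitigation() (hunk @@ -407,48 +417,63 @@) has no comment on `if (verw_mitigation_selected) taa_mitigation = TAA_MITIGATION_VERW;`, while the same hunk deletes the old comment explaining that TAA mitigation via VERW is only turned off when both tsx_async_abort=off and mds=off are specified. mds_update_mitigation() in the previous patch carries a one-line comment for the equivalent override; add one here so the rule stays documented next to the code that implements it. In the same hunk, the comment moved into taa_apply_mitigation() still reads "TSX is enabled, select alternate mitigation for TAA", although selection now happens in taa_select_mitigation() and taa_update_mitigation(); reword it to describe applying the mitigation.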
s=arcselector10001; d=microsoft.com; cv=none; b=Kb46EJmLpQEuWei2KT+USgUb5Bn7jVmoepckQtrgb16u+pDWSpvPeyGQBJvWVCRBKfenwdTIucLYkOe1HUQm7QthQUbYepgHU35MUerWydZx3zed6GIorA2K/lSnb9QecM31M2jWBwyW+MBZocB0xRbDVCZRnEZDrRI6TLeqbsFA6sM/NH41IlBMQbd18augHTE8Q9YhFOgdRB5XdPpPGWIjpUCVV4ZxiOn6tPUYjDWZigE9GqQKUcgkrHlG1tzo5E46tEoGBBfJlBCmzTcpqGVQYMZkYGWtOnV7jtjduqkylrTLijg9Omeijz0QM5M8+m1df7nGyRODBDplq4cUPw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=AbAt0VnNOmUUYoV+umXu/JsfGsS1kJueof43zvJCrYA=; b=pnpiNUPYpzxAAfH2IxI/yMM8FQ6aoowsN3hiWURzexRxnsFhkuaVPPV02Bm4psyga+fTIH0q8ITCY9STz4ylzs03atMZWJAkEDEbFCUENWNmPO8biTLUSnWYNRZDAQYtHear6lfQUOvhUquWnuLIvMabjCCFmqmNj29dFqXElw61rlGAjqAzAT6Sb0Hl0LIX1DD+7BoiB0Cia+7fLovemGsM/h+zXMOis0CPL62BSzZTGXLh1jy7buJ0YHhjPwOLudyCDwAZJN/3wQ7czHksxH5aHnued+cEbdMdhzJ7nu9hjqNALJMri1/9pWHwwXXWJF2ppl1L3vlAP7dnjLeKbA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=linutronix.de smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=AbAt0VnNOmUUYoV+umXu/JsfGsS1kJueof43zvJCrYA=; b=rpsu+V15xUfpHvVdFexOl9O9LQTXDxoUpwi5Jthaa14x19jvGZchjB0eFk8TbyTFwtpqWFmP8Rh9uhbBQe/JqINhk32XzBAjW8KNAKtwziFPHpBvw2nA1qj4fDa+vJMFS8SxPoAurDNbtX/WWHdV5u8GA7Sr7huiRjpgo+iXp/U= Received: from CH0P220CA0008.NAMP220.PROD.OUTLOOK.COM (2603:10b6:610:ef::6) by IA1PR12MB6531.namprd12.prod.outlook.com (2603:10b6:208:3a4::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8632.32; Fri, 18 Apr 2025 
16:17:34 +0000 Received: from DS2PEPF0000343E.namprd02.prod.outlook.com (2603:10b6:610:ef:cafe::2d) by CH0P220CA0008.outlook.office365.com (2603:10b6:610:ef::6) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8655.25 via Frontend Transport; Fri, 18 Apr 2025 16:17:34 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DS2PEPF0000343E.mail.protection.outlook.com (10.167.18.41) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8655.12 via Frontend Transport; Fri, 18 Apr 2025 16:17:34 +0000 Received: from tiny.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Fri, 18 Apr 2025 11:17:32 -0500 
From: David Kaplan
To: Thomas Gleixner, Borislav Petkov, Peter Zijlstra, Josh Poimboeuf, Pawan Gupta, Ingo Molnar, Dave Hansen, "H . Peter Anvin"
Subject: [PATCH v5 03/16] x86/bugs: Restructure MMIO mitigation
Date: Fri, 18 Apr 2025 11:17:08 -0500
Message-ID: <20250418161721.1855190-4-david.kaplan@amd.com>
In-Reply-To: <20250418161721.1855190-1-david.kaplan@amd.com>
References: <20250418161721.1855190-1-david.kaplan@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
X-MS-Exchange-Transport-CrossTenantHeadersStamped:
IA1PR12MB6531 Content-Type: text/plain; charset="utf-8" Restructure MMIO mitigation to use select/update/apply functions to create consistent vulnerability handling. Signed-off-by: David Kaplan Reviewed-by: Josh Poimboeuf --- arch/x86/kernel/cpu/bugs.c | 74 +++++++++++++++++++++++++------------- 1 file changed, 50 insertions(+), 24 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index c0ba034ae1f9..28b55a7457bc 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -68,6 +68,8 @@ static void __init taa_select_mitigation(void); static void __init taa_update_mitigation(void); static void __init taa_apply_mitigation(void); static void __init mmio_select_mitigation(void); +static void __init mmio_update_mitigation(void); +static void __init mmio_apply_mitigation(void); static void __init srbds_select_mitigation(void); static void __init l1d_flush_select_mitigation(void); static void __init srso_select_mitigation(void); @@ -197,6 +199,7 @@ void __init cpu_select_mitigations(void) l1tf_select_mitigation(); mds_select_mitigation(); taa_select_mitigation(); + mmio_select_mitigation(); md_clear_select_mitigation(); srbds_select_mitigation(); l1d_flush_select_mitigation(); @@ -214,9 +217,11 @@ void __init cpu_select_mitigations(void) */ mds_update_mitigation(); taa_update_mitigation(); + mmio_update_mitigation(); =20 mds_apply_mitigation(); taa_apply_mitigation(); + mmio_apply_mitigation(); } =20 /* 
@@ -516,25 +521,62 @@ static void __init mmio_select_mitigation(void) return; } =20 + /* Microcode will be checked in mmio_update_mitigation(). */ + if (mmio_mitigation =3D=3D MMIO_MITIGATION_AUTO) + mmio_mitigation =3D MMIO_MITIGATION_VERW; + if (mmio_mitigation =3D=3D MMIO_MITIGATION_OFF) return; =20 /* * Enable CPU buffer clear mitigation for host and VMM, if also affected - * by MDS or TAA. Otherwise, enable mitigation for VMM only. + * by MDS or TAA. */ - if (boot_cpu_has_bug(X86_BUG_MDS) || (boot_cpu_has_bug(X86_BUG_TAA) && - boot_cpu_has(X86_FEATURE_RTM))) - setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF); + if (boot_cpu_has_bug(X86_BUG_MDS) || taa_vulnerable()) + verw_mitigation_selected =3D true; +} + +static void __init mmio_update_mitigation(void) +{ + if (!boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA) || cpu_mitigations_off()) + return; + + if (verw_mitigation_selected) + mmio_mitigation =3D MMIO_MITIGATION_VERW; + + if (mmio_mitigation =3D=3D MMIO_MITIGATION_VERW) { + /* + * Check if the system has the right microcode. + * + * CPU Fill buffer clear mitigation is enumerated by either an explicit + * FB_CLEAR or by the presence of both MD_CLEAR and L1D_FLUSH on MDS + * affected systems. + */ + if (!((x86_arch_cap_msr & ARCH_CAP_FB_CLEAR) || + (boot_cpu_has(X86_FEATURE_MD_CLEAR) && + boot_cpu_has(X86_FEATURE_FLUSH_L1D) && + !(x86_arch_cap_msr & ARCH_CAP_MDS_NO)))) + mmio_mitigation =3D MMIO_MITIGATION_UCODE_NEEDED; + } + + pr_info("%s\n", mmio_strings[mmio_mitigation]); +} + +static void __init mmio_apply_mitigation(void) +{ + if (mmio_mitigation =3D=3D MMIO_MITIGATION_OFF) + return; =20 /* - * X86_FEATURE_CLEAR_CPU_BUF could be enabled by other VERW based - * mitigations, disable KVM-only mitigation in that case. + * Only enable the VMM mitigation if the CPU buffer clear mitigation is + * not being used. 
*/ - if (boot_cpu_has(X86_FEATURE_CLEAR_CPU_BUF)) + if (verw_mitigation_selected) { + setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF); static_branch_disable(&cpu_buf_vm_clear); - else + } else { static_branch_enable(&cpu_buf_vm_clear); + } =20 /* * If Processor-MMIO-Stale-Data bug is present and Fill Buffer data can @@ -544,21 +586,6 @@ static void __init mmio_select_mitigation(void) if (!(x86_arch_cap_msr & ARCH_CAP_FBSDP_NO)) static_branch_enable(&mds_idle_clear); =20 - /* - * Check if the system has the right microcode. - * - * CPU Fill buffer clear mitigation is enumerated by either an explicit - * FB_CLEAR or by the presence of both MD_CLEAR and L1D_FLUSH on MDS - * affected systems. - */ - if ((x86_arch_cap_msr & ARCH_CAP_FB_CLEAR) || - (boot_cpu_has(X86_FEATURE_MD_CLEAR) && - boot_cpu_has(X86_FEATURE_FLUSH_L1D) && - !(x86_arch_cap_msr & ARCH_CAP_MDS_NO))) - mmio_mitigation =3D MMIO_MITIGATION_VERW; - else - mmio_mitigation =3D MMIO_MITIGATION_UCODE_NEEDED; - if (mmio_nosmt || cpu_mitigations_auto_nosmt()) cpu_smt_disable(false); } 
@@ -679,7 +706,6 @@ static void __init md_clear_update_mitigation(void) =20 static void __init md_clear_select_mitigation(void) { - mmio_select_mitigation(); rfds_select_mitigation(); =20 /* --=20 2.34.1
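Review bot: In the @@ -516 hunk of 03/16, mmio_apply_mitigation() now chooses between X86_FEATURE_CLEAR_CPU_BUF and cpu_buf_vm_clear from verw_mitigation_selected, where the removed code tested boot_cpu_has(X86_FEATURE_CLEAR_CPU_BUF), yet at this point in the series rfds_select_mitigation() still forces that capability directly and only starts setting the flag in 04/16. With this commit alone, a CPU affected by MMIO Stale Data and RFDS but not by MDS or TAA can end up with cpu_buf_vm_clear enabled while X86_FEATURE_CLEAR_CPU_BUF is also set, which is the combination the removed comment said to avoid. Either keep the capability test until RFDS is converted or convert RFDS first, so that every commit in the series behaves the same when bisecting.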
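Review bot: The last hunk of 03/16 takes mmio_select_mitigation() out of md_clear_select_mitigation(), but md_clear_update_mitigation() stays until 05/16 and still prints "MMIO Stale Data: %s", so with this commit alone the status is logged twice: once there, and once by the new pr_info("%s\n", mmio_strings[mmio_mitigation]) in mmio_update_mitigation(). The first line is printed before the microcode check has run, so it can disagree with the second (MMIO_MITIGATION_VERW versus MMIO_MITIGATION_UCODE_NEEDED). Dropping the MMIO print from md_clear_update_mitigation() in this patch would avoid that.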
From: David Kaplan
To: Thomas Gleixner, Borislav Petkov, Peter Zijlstra, Josh Poimboeuf, Pawan Gupta, Ingo Molnar, Dave Hansen, "H . Peter Anvin"
Subject: [PATCH v5 04/16] x86/bugs: Restructure RFDS mitigation
Date: Fri, 18 Apr 2025 11:17:09 -0500
Message-ID: <20250418161721.1855190-5-david.kaplan@amd.com>
In-Reply-To: <20250418161721.1855190-1-david.kaplan@amd.com>
References: <20250418161721.1855190-1-david.kaplan@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
X-MS-Exchange-Transport-CrossTenantHeadersStamped:
DS7PR12MB5720 Content-Type: text/plain; charset="utf-8" Restructure RFDS mitigation to use select/update/apply functions to create consistent vulnerability handling. Signed-off-by: David Kaplan Reviewed-by: Josh Poimboeuf --- arch/x86/kernel/cpu/bugs.c | 41 +++++++++++++++++++++++++++++++++----- 1 file changed, 36 insertions(+), 5 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 28b55a7457bc..303718689aac 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -70,6 +70,9 @@ static void __init taa_apply_mitigation(void); static void __init mmio_select_mitigation(void); static void __init mmio_update_mitigation(void); static void __init mmio_apply_mitigation(void); +static void __init rfds_select_mitigation(void); +static void __init rfds_update_mitigation(void); +static void __init rfds_apply_mitigation(void); static void __init srbds_select_mitigation(void); static void __init l1d_flush_select_mitigation(void); static void __init srso_select_mitigation(void); @@ -200,6 +203,7 @@ void __init cpu_select_mitigations(void) mds_select_mitigation(); taa_select_mitigation(); mmio_select_mitigation(); + rfds_select_mitigation(); md_clear_select_mitigation(); srbds_select_mitigation(); l1d_flush_select_mitigation(); @@ -218,10 +222,12 @@ void __init cpu_select_mitigations(void) mds_update_mitigation(); taa_update_mitigation(); mmio_update_mitigation(); + rfds_update_mitigation(); =20 mds_apply_mitigation(); taa_apply_mitigation(); mmio_apply_mitigation(); + rfds_apply_mitigation(); } =20 /* 
@@ -620,22 +626,48 @@ static const char * const rfds_strings[] =3D { [RFDS_MITIGATION_UCODE_NEEDED] =3D "Vulnerable: No microcode", }; =20 +static bool __init rfds_has_ucode(void) +{ + return (x86_arch_cap_msr & ARCH_CAP_RFDS_CLEAR); +} + static void __init rfds_select_mitigation(void) { if (!boot_cpu_has_bug(X86_BUG_RFDS) || cpu_mitigations_off()) { rfds_mitigation =3D RFDS_MITIGATION_OFF; return; } + + if (rfds_mitigation =3D=3D RFDS_MITIGATION_AUTO) + rfds_mitigation =3D RFDS_MITIGATION_VERW; + if (rfds_mitigation =3D=3D RFDS_MITIGATION_OFF) return; =20 - if (rfds_mitigation =3D=3D RFDS_MITIGATION_AUTO) + if (rfds_has_ucode()) + verw_mitigation_selected =3D true; +} + +static void __init rfds_update_mitigation(void) +{ + if (!boot_cpu_has_bug(X86_BUG_RFDS) || cpu_mitigations_off()) + return; + + if (verw_mitigation_selected) rfds_mitigation =3D RFDS_MITIGATION_VERW; =20 - if (x86_arch_cap_msr & ARCH_CAP_RFDS_CLEAR) + if (rfds_mitigation =3D=3D RFDS_MITIGATION_VERW) { + if (!rfds_has_ucode()) + rfds_mitigation =3D RFDS_MITIGATION_UCODE_NEEDED; + } + + pr_info("%s\n", rfds_strings[rfds_mitigation]); +} + +static void __init rfds_apply_mitigation(void) +{ + if (rfds_mitigation =3D=3D RFDS_MITIGATION_VERW) setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF); - else - rfds_mitigation =3D RFDS_MITIGATION_UCODE_NEEDED; } =20 static __init int rfds_parse_cmdline(char *str) 
@@ -706,7 +738,6 @@ static void __init md_clear_update_mitigation(void) =20 static void __init md_clear_select_mitigation(void) { - rfds_select_mitigation(); =20 /* * As these mitigations are inter-related and rely on VERW instruction --=20 2.34.1
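Review bot: rfds_update_mitigation() in the @@ -620 hunk of 04/16 sets rfds_mitigation = RFDS_MITIGATION_VERW whenever verw_mitigation_selected is true, without looking at what the user asked for, so reg_file_data_sampling=off is overridden as soon as another VERW-based mitigation is selected, and without ARCH_CAP_RFDS_CLEAR the reported state then becomes RFDS_MITIGATION_UCODE_NEEDED rather than off. md_clear_update_mitigation() (removed in 05/16) behaved the same way, but a comment above the assignment saying this is intentional would help, in the way the old code documented why MMIO_MITIGATION_OFF was not checked. The nested check could also be a single condition: if (rfds_mitigation == RFDS_MITIGATION_VERW && !rfds_has_ucode()).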
From: David Kaplan
To: Thomas Gleixner, Borislav Petkov, Peter Zijlstra, Josh Poimboeuf, Pawan Gupta, Ingo Molnar, Dave Hansen, "H . Peter Anvin"
Subject: [PATCH v5 05/16] x86/bugs: Remove md_clear_*_mitigation()
Date: Fri, 18 Apr 2025 11:17:10 -0500
Message-ID: <20250418161721.1855190-6-david.kaplan@amd.com>
In-Reply-To: <20250418161721.1855190-1-david.kaplan@amd.com>
References: <20250418161721.1855190-1-david.kaplan@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
X-MS-Exchange-Transport-CrossTenantHeadersStamped:
IA1PR12MB7736 Content-Type: text/plain; charset="utf-8" The functionality in md_clear_update_mitigation() and md_clear_select_mitigation() is now integrated into the select/update functions for the MDS, TAA, MMIO, and RFDS vulnerabilities. Signed-off-by: David Kaplan Reviewed-by: Josh Poimboeuf --- arch/x86/kernel/cpu/bugs.c | 63 -------------------------------------- 1 file changed, 63 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 303718689aac..ae6619416ce1 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -62,8 +62,6 @@ static void __init l1tf_select_mitigation(void); static void __init mds_select_mitigation(void); static void __init mds_update_mitigation(void); static void __init mds_apply_mitigation(void); -static void __init md_clear_update_mitigation(void); -static void __init md_clear_select_mitigation(void); static void __init taa_select_mitigation(void); static void __init taa_update_mitigation(void); static void __init taa_apply_mitigation(void); @@ -204,7 +202,6 @@ void __init cpu_select_mitigations(void) taa_select_mitigation(); mmio_select_mitigation(); rfds_select_mitigation(); - md_clear_select_mitigation(); srbds_select_mitigation(); l1d_flush_select_mitigation(); =20 
@@ -687,66 +684,6 @@ static __init int rfds_parse_cmdline(char *str) } early_param("reg_file_data_sampling", rfds_parse_cmdline); =20 -#undef pr_fmt -#define pr_fmt(fmt) "" fmt - -static void __init md_clear_update_mitigation(void) -{ - if (cpu_mitigations_off()) - return; - - if (!boot_cpu_has(X86_FEATURE_CLEAR_CPU_BUF)) - goto out; - - /* - * X86_FEATURE_CLEAR_CPU_BUF is now enabled. Update MDS, TAA and MMIO - * Stale Data mitigation, if necessary. - */ - if (mds_mitigation =3D=3D MDS_MITIGATION_OFF && - boot_cpu_has_bug(X86_BUG_MDS)) { - mds_mitigation =3D MDS_MITIGATION_FULL; - mds_select_mitigation(); - } - if (taa_mitigation =3D=3D TAA_MITIGATION_OFF && - boot_cpu_has_bug(X86_BUG_TAA)) { - taa_mitigation =3D TAA_MITIGATION_VERW; - taa_select_mitigation(); - } - /* - * MMIO_MITIGATION_OFF is not checked here so that cpu_buf_vm_clear - * gets updated correctly as per X86_FEATURE_CLEAR_CPU_BUF state. - */ - if (boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA)) { - mmio_mitigation =3D MMIO_MITIGATION_VERW; - mmio_select_mitigation(); - } - if (rfds_mitigation =3D=3D RFDS_MITIGATION_OFF && - boot_cpu_has_bug(X86_BUG_RFDS)) { - rfds_mitigation =3D RFDS_MITIGATION_VERW; - rfds_select_mitigation(); - } -out: - if (boot_cpu_has_bug(X86_BUG_MDS)) - pr_info("MDS: %s\n", mds_strings[mds_mitigation]); - if (boot_cpu_has_bug(X86_BUG_TAA)) - pr_info("TAA: %s\n", taa_strings[taa_mitigation]); - if (boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA)) - pr_info("MMIO Stale Data: %s\n", mmio_strings[mmio_mitigation]); - if (boot_cpu_has_bug(X86_BUG_RFDS)) - pr_info("Register File Data Sampling: %s\n", rfds_strings[rfds_mitigatio= n]); -} - -static void __init md_clear_select_mitigation(void) -{ - - /* - * As these mitigations are inter-related and rely on VERW instruction - * to clear the microarchitural buffers, update and print their status - * after mitigation selection is done for each of these vulnerabilities. 
- */ - md_clear_update_mitigation(); -} - #undef pr_fmt #define pr_fmt(fmt) "SRBDS: " fmt =20 --=20 2.34.1
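Review bot: The removed md_clear_update_mitigation() carried two behaviours that the changelog should account for explicitly: the comment saying MMIO_MITIGATION_OFF is deliberately not checked so that cpu_buf_vm_clear follows the X86_FEATURE_CLEAR_CPU_BUF state, and the four pr_info() status lines after the out: label. This patch shows only the deletion, so someone bisecting to it cannot tell where either of those landed. Suggest naming in the commit message the select/update function that now owns each one, and confirming that the MDS, TAA, MMIO Stale Data and Register File Data Sampling status lines are still printed once each.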
From: David Kaplan
To: Thomas Gleixner, Borislav Petkov, Peter Zijlstra, Josh Poimboeuf, Pawan Gupta, Ingo Molnar, Dave Hansen, "H . Peter Anvin"
Subject: [PATCH v5 06/16] x86/bugs: Restructure SRBDS mitigation
Date: Fri, 18 Apr 2025 11:17:11 -0500
Message-ID: <20250418161721.1855190-7-david.kaplan@amd.com>
In-Reply-To: <20250418161721.1855190-1-david.kaplan@amd.com>
References: <20250418161721.1855190-1-david.kaplan@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
SJ0PR12MB7084 Content-Type: text/plain; charset="utf-8" Restructure SRBDS to use select/apply functions to create consistent vulnerability handling. Define new AUTO mitigation for SRBDS. Signed-off-by: David Kaplan Reviewed-by: Josh Poimboeuf --- arch/x86/kernel/cpu/bugs.c | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index ae6619416ce1..942db170eb4e 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -72,6 +72,7 @@ static void __init rfds_select_mitigation(void); static void __init rfds_update_mitigation(void); static void __init rfds_apply_mitigation(void); static void __init srbds_select_mitigation(void); +static void __init srbds_apply_mitigation(void); static void __init l1d_flush_select_mitigation(void); static void __init srso_select_mitigation(void); static void __init gds_select_mitigation(void); @@ -225,6 +226,7 @@ void __init cpu_select_mitigations(void) taa_apply_mitigation(); mmio_apply_mitigation(); rfds_apply_mitigation(); + srbds_apply_mitigation(); } =20 /* @@ -689,6 +691,7 @@ early_param("reg_file_data_sampling", rfds_parse_cmdlin= e); =20 enum srbds_mitigations { SRBDS_MITIGATION_OFF, + SRBDS_MITIGATION_AUTO, SRBDS_MITIGATION_UCODE_NEEDED, SRBDS_MITIGATION_FULL, SRBDS_MITIGATION_TSX_OFF, @@ -696,7 +699,7 @@ enum srbds_mitigations { }; =20 static enum srbds_mitigations srbds_mitigation __ro_after_init =3D - IS_ENABLED(CONFIG_MITIGATION_SRBDS) ? SRBDS_MITIGATION_FULL : SRBDS_MITIG= ATION_OFF; + IS_ENABLED(CONFIG_MITIGATION_SRBDS) ? SRBDS_MITIGATION_AUTO : SRBDS_MITIG= ATION_OFF; =20 static const char * const srbds_strings[] =3D { [SRBDS_MITIGATION_OFF] =3D "Vulnerable", 
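Review bot: SRBDS_MITIGATION_AUTO is added to enum srbds_mitigations and becomes the default value, but no hunk in this patch adds a srbds_strings[] entry for it, so srbds_strings[SRBDS_MITIGATION_AUTO] is NULL. That is safe only while every reader of srbds_strings[srbds_mitigation] runs after srbds_select_mitigation() has resolved AUTO to FULL or OFF. Suggest a one-line comment on the enum value stating that AUTO is transient and never reported, or a placeholder string, so a later reordering cannot pass NULL to a "%s" format.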
@@ -747,8 +750,13 @@ void update_srbds_msr(void) =20 static void __init srbds_select_mitigation(void) { - if (!boot_cpu_has_bug(X86_BUG_SRBDS)) + if (!boot_cpu_has_bug(X86_BUG_SRBDS) || cpu_mitigations_off()) { + srbds_mitigation =3D SRBDS_MITIGATION_OFF; return; + } + + if (srbds_mitigation =3D=3D SRBDS_MITIGATION_AUTO) + srbds_mitigation =3D SRBDS_MITIGATION_FULL; =20 /* * Check to see if this is one of the MDS_NO systems supporting TSX that 
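Review bot: In srbds_select_mitigation(), moving cpu_mitigations_off() into the first check changes what is reported under mitigations=off. The early return now forces SRBDS_MITIGATION_OFF and skips the TSX check and the HYPERVISOR and UCODE_NEEDED classification below it, and it also skips the pr_info(). Before this change those states took priority over the "cpu_mitigations_off() || srbds_off" branch. If the new reporting is intended, say so in the changelog; if not, keep cpu_mitigations_off() in the final else-if next to srbds_off.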
@@ -762,13 +770,17 @@ static void __init srbds_select_mitigation(void) srbds_mitigation =3D SRBDS_MITIGATION_HYPERVISOR; else if (!boot_cpu_has(X86_FEATURE_SRBDS_CTRL)) srbds_mitigation =3D SRBDS_MITIGATION_UCODE_NEEDED; - else if (cpu_mitigations_off() || srbds_off) + else if (srbds_off) srbds_mitigation =3D SRBDS_MITIGATION_OFF; =20 - update_srbds_msr(); pr_info("%s\n", srbds_strings[srbds_mitigation]); } =20 +static void __init srbds_apply_mitigation(void) +{ + update_srbds_msr(); +} + static int __init srbds_parse_cmdline(char *str) { if (!str) --=20 2.34.1
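Review bot: srbds_apply_mitigation() calls update_srbds_msr() unconditionally, whereas the old call site in srbds_select_mitigation() was only reached after the boot_cpu_has_bug(X86_BUG_SRBDS) early return. Nothing in this patch shows update_srbds_msr() checking the bug bit itself. gds_apply_mitigation() in 07/16 opens with an explicit "if (!boot_cpu_has_bug(X86_BUG_GDS)) return;". Suggest the same guard here, or a comment noting that update_srbds_msr() bails out on unaffected CPUs.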
From: David Kaplan
To: Thomas Gleixner, Borislav Petkov, Peter Zijlstra, Josh Poimboeuf, Pawan Gupta, Ingo Molnar, Dave Hansen, "H . Peter Anvin"
Subject: [PATCH v5 07/16] x86/bugs: Restructure GDS mitigation
Date: Fri, 18 Apr 2025 11:17:12 -0500
Message-ID: <20250418161721.1855190-8-david.kaplan@amd.com>
In-Reply-To: <20250418161721.1855190-1-david.kaplan@amd.com>
References: <20250418161721.1855190-1-david.kaplan@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
DS0PR12MB8443 Content-Type: text/plain; charset="utf-8" Restructure GDS mitigation to use select/apply functions to create consistent vulnerability handling. Define new AUTO mitigation for GDS. Signed-off-by: David Kaplan Reviewed-by: Josh Poimboeuf --- arch/x86/kernel/cpu/bugs.c | 43 +++++++++++++++++++++++++------------- 1 file changed, 29 insertions(+), 14 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 942db170eb4e..57f9ebf90472 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -76,6 +76,7 @@ static void __init srbds_apply_mitigation(void); static void __init l1d_flush_select_mitigation(void); static void __init srso_select_mitigation(void); static void __init gds_select_mitigation(void); +static void __init gds_apply_mitigation(void); =20 /* The base value of the SPEC_CTRL MSR without task-specific bits set */ u64 x86_spec_ctrl_base; @@ -227,6 +228,7 @@ void __init cpu_select_mitigations(void) mmio_apply_mitigation(); rfds_apply_mitigation(); srbds_apply_mitigation(); + gds_apply_mitigation(); } =20 /* @@ -827,6 +829,7 @@ early_param("l1d_flush", l1d_flush_parse_cmdline); =20 enum gds_mitigations { GDS_MITIGATION_OFF, + GDS_MITIGATION_AUTO, GDS_MITIGATION_UCODE_NEEDED, GDS_MITIGATION_FORCE, GDS_MITIGATION_FULL, @@ -835,7 +838,7 @@ enum gds_mitigations { }; =20 static enum gds_mitigations gds_mitigation __ro_after_init =3D - IS_ENABLED(CONFIG_MITIGATION_GDS) ? GDS_MITIGATION_FULL : GDS_MITIGATION_= OFF; + IS_ENABLED(CONFIG_MITIGATION_GDS) ? GDS_MITIGATION_AUTO : GDS_MITIGATION_= OFF; =20 static const char * const gds_strings[] =3D { [GDS_MITIGATION_OFF] =3D "Vulnerable", @@ -876,6 +879,7 @@ void update_gds_msr(void) case GDS_MITIGATION_FORCE: case GDS_MITIGATION_UCODE_NEEDED: case GDS_MITIGATION_HYPERVISOR: + case GDS_MITIGATION_AUTO: return; } =20 
@@ -899,26 +903,21 @@ static void __init gds_select_mitigation(void) =20 if (boot_cpu_has(X86_FEATURE_HYPERVISOR)) { gds_mitigation =3D GDS_MITIGATION_HYPERVISOR; - goto out; + return; } =20 if (cpu_mitigations_off()) gds_mitigation =3D GDS_MITIGATION_OFF; /* Will verify below that mitigation _can_ be disabled */ =20 + if (gds_mitigation =3D=3D GDS_MITIGATION_AUTO) + gds_mitigation =3D GDS_MITIGATION_FULL; + /* No microcode */ if (!(x86_arch_cap_msr & ARCH_CAP_GDS_CTRL)) { - if (gds_mitigation =3D=3D GDS_MITIGATION_FORCE) { - /* - * This only needs to be done on the boot CPU so do it - * here rather than in update_gds_msr() - */ - setup_clear_cpu_cap(X86_FEATURE_AVX); - pr_warn("Microcode update needed! Disabling AVX as mitigation.\n"); - } else { + if (gds_mitigation !=3D GDS_MITIGATION_FORCE) gds_mitigation =3D GDS_MITIGATION_UCODE_NEEDED; - } - goto out; + return; } =20 /* Microcode has mitigation, use it */ 
@@ -939,9 +938,25 @@ static void __init gds_select_mitigation(void) */ gds_mitigation =3D GDS_MITIGATION_FULL_LOCKED; } +} + +static void __init gds_apply_mitigation(void) +{ + if (!boot_cpu_has_bug(X86_BUG_GDS)) + return; + + /* Microcode is present */ + if (x86_arch_cap_msr & ARCH_CAP_GDS_CTRL) + update_gds_msr(); + else if (gds_mitigation =3D=3D GDS_MITIGATION_FORCE) { + /* + * This only needs to be done on the boot CPU so do it + * here rather than in update_gds_msr() + */ + setup_clear_cpu_cap(X86_FEATURE_AVX); + pr_warn("Microcode update needed! Disabling AVX as mitigation.\n"); + } =20 - update_gds_msr(); -out: pr_info("%s\n", gds_strings[gds_mitigation]); } =20 --=20 2.34.1
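Review bot: In gds_apply_mitigation(), the if branch that calls update_gds_msr() is unbraced while the "else if (gds_mitigation == GDS_MITIGATION_FORCE)" branch is braced; kernel coding style asks for braces on every branch once any one of them needs them. Also worth a line in the changelog: the pr_info() status line moves from select to apply, so on affected CPUs it now prints after the other apply steps in cpu_select_mitigations() instead of during selection.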
From: David Kaplan
To: Thomas Gleixner, Borislav Petkov, Peter Zijlstra, Josh Poimboeuf, Pawan Gupta, Ingo Molnar, Dave Hansen, "H . Peter Anvin"
Subject: [PATCH v5 08/16] x86/bugs: Restructure spectre_v1 mitigation
Date: Fri, 18 Apr 2025 11:17:13 -0500
Message-ID: <20250418161721.1855190-9-david.kaplan@amd.com>
In-Reply-To: <20250418161721.1855190-1-david.kaplan@amd.com>
References: <20250418161721.1855190-1-david.kaplan@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Restructure spectre_v1 to use select/apply functions to create consistent vulnerability handling.

Signed-off-by: David Kaplan
Reviewed-by: Josh Poimboeuf
--- arch/x86/kernel/cpu/bugs.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 57f9ebf90472..72e04938fdcb 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -54,6 +54,7 @@ */ =20 static void __init spectre_v1_select_mitigation(void); +static void __init spectre_v1_apply_mitigation(void); static void __init spectre_v2_select_mitigation(void); static void __init retbleed_select_mitigation(void); static void __init spectre_v2_user_select_mitigation(void); @@ -223,6 +224,7 @@ void __init cpu_select_mitigations(void) mmio_update_mitigation(); rfds_update_mitigation(); =20 + spectre_v1_apply_mitigation(); mds_apply_mitigation(); taa_apply_mitigation(); mmio_apply_mitigation(); 
@@ -1017,10 +1019,14 @@ static bool smap_works_speculatively(void) =20 static void __init spectre_v1_select_mitigation(void) { - if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V1) || cpu_mitigations_off()) { + if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V1) || cpu_mitigations_off()) spectre_v1_mitigation =3D SPECTRE_V1_MITIGATION_NONE; +} + +static void __init spectre_v1_apply_mitigation(void) +{ + if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V1) || cpu_mitigations_off()) return; - } =20 if (spectre_v1_mitigation =3D=3D SPECTRE_V1_MITIGATION_AUTO) { /* --=20 2.34.1
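Review bot: spectre_v1_apply_mitigation() re-tests !boot_cpu_has_bug(X86_BUG_SPECTRE_V1) || cpu_mitigations_off(), the same condition spectre_v1_select_mitigation() has just used to set spectre_v1_mitigation to SPECTRE_V1_MITIGATION_NONE, so the decision now lives in two places that can drift apart. Either key the early return in apply on the selected state, or add a one-line comment saying why the raw condition has to be evaluated a second time. Note also that select no longer returns early: that is harmless with the single statement shown, but anything appended to it later will run on unaffected CPUs unless the return is restored.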

From: David Kaplan
To: Thomas Gleixner, Borislav Petkov, Peter Zijlstra, Josh Poimboeuf, Pawan Gupta, Ingo Molnar, Dave Hansen, "H . Peter Anvin"
Subject: [PATCH v5 09/16] x86/bugs: Allow retbleed=stuff only on Intel
Date: Fri, 18 Apr 2025 11:17:14 -0500
Message-ID: <20250418161721.1855190-10-david.kaplan@amd.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20250418161721.1855190-1-david.kaplan@amd.com>
References: <20250418161721.1855190-1-david.kaplan@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

The retbleed=stuff mitigation is only applicable for Intel CPUs affected by retbleed. If this option is selected for another vendor, print a warning and fall back to the AUTO option.

Signed-off-by: David Kaplan
Reviewed-by: Josh Poimboeuf
--- arch/x86/kernel/cpu/bugs.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 72e04938fdcb..84d3f6b3d1eb 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c 
@@ -1187,6 +1187,10 @@ static void __init retbleed_select_mitigation(void) case RETBLEED_CMD_STUFF: if (IS_ENABLED(CONFIG_MITIGATION_CALL_DEPTH_TRACKING) && spectre_v2_enabled =3D=3D SPECTRE_V2_RETPOLINE) { + if (boot_cpu_data.x86_vendor !=3D X86_VENDOR_INTEL) { + pr_err("WARNING: retbleed=3Dstuff only supported for Intel CPUs.\n"); + goto do_cmd_auto; + } retbleed_mitigation =3D RETBLEED_MITIGATION_STUFF; =20 } else { --=20 2.34.1
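Review bot: the vendor check in the RETBLEED_CMD_STUFF case is nested inside the branch that already requires CONFIG_MITIGATION_CALL_DEPTH_TRACKING and spectre_v2_enabled == SPECTRE_V2_RETPOLINE, so on a non-Intel CPU where either precondition fails, retbleed=stuff drops into the else branch and the user never sees "only supported for Intel CPUs". Testing boot_cpu_data.x86_vendor first, ahead of the IS_ENABLED()/retpoline test, would make the diagnostic follow the rule the commit message states regardless of the other settings. The diffstat shows only bugs.c changing; the new vendor restriction and the fallback to AUTO deserve a line in the retbleed= parameter documentation as well.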

From: David Kaplan
To: Thomas Gleixner, Borislav Petkov, Peter Zijlstra, Josh Poimboeuf, Pawan Gupta, Ingo Molnar, Dave Hansen, "H . Peter Anvin"
Subject: [PATCH v5 10/16] x86/bugs: Restructure retbleed mitigation
Date: Fri, 18 Apr 2025 11:17:15 -0500
Message-ID: <20250418161721.1855190-11-david.kaplan@amd.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20250418161721.1855190-1-david.kaplan@amd.com>
References: <20250418161721.1855190-1-david.kaplan@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Restructure retbleed mitigation to use select/update/apply functions to create consistent vulnerability handling. The retbleed_update_mitigation() simplifies the dependency between spectre_v2 and retbleed. The command line options now directly select a preferred mitigation which simplifies the logic.

Signed-off-by: David Kaplan
Reviewed-by: Josh Poimboeuf
--- arch/x86/kernel/cpu/bugs.c | 180 ++++++++++++++++++------------------- 1 file changed, 90 insertions(+), 90 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 84d3f6b3d1eb..248b6065f4bc 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -57,6 +57,8 @@ static void __init spectre_v1_select_mitigation(void); static void __init spectre_v1_apply_mitigation(void); static void __init spectre_v2_select_mitigation(void); static void __init retbleed_select_mitigation(void); +static void __init retbleed_update_mitigation(void); +static void __init retbleed_apply_mitigation(void); static void __init spectre_v2_user_select_mitigation(void); static void __init ssb_select_mitigation(void); static void __init l1tf_select_mitigation(void); @@ -187,11 +189,6 @@ void __init cpu_select_mitigations(void) /* Select the proper CPU mitigations before patching alternatives: */ spectre_v1_select_mitigation(); spectre_v2_select_mitigation(); - /* - * retbleed_select_mitigation() relies on the state set by - * spectre_v2_select_mitigation(); specifically it wants to know about - * spectre_v2=3Dibrs. - */ retbleed_select_mitigation(); /* * spectre_v2_user_select_mitigation() relies on the state set by 
@@ -219,12 +216,14 @@ void __init cpu_select_mitigations(void) * After mitigations are selected, some may need to update their * choices. */ + retbleed_update_mitigation(); mds_update_mitigation(); taa_update_mitigation(); mmio_update_mitigation(); rfds_update_mitigation(); =20 spectre_v1_apply_mitigation(); + retbleed_apply_mitigation(); mds_apply_mitigation(); taa_apply_mitigation(); mmio_apply_mitigation(); @@ -1081,6 +1080,7 @@ enum spectre_v2_mitigation spectre_v2_enabled __ro_af= ter_init =3D SPECTRE_V2_NONE; =20 enum retbleed_mitigation { RETBLEED_MITIGATION_NONE, + RETBLEED_MITIGATION_AUTO, RETBLEED_MITIGATION_UNRET, RETBLEED_MITIGATION_IBPB, RETBLEED_MITIGATION_IBRS, @@ -1088,14 +1088,6 @@ enum retbleed_mitigation { RETBLEED_MITIGATION_STUFF, }; =20 -enum retbleed_mitigation_cmd { - RETBLEED_CMD_OFF, - RETBLEED_CMD_AUTO, - RETBLEED_CMD_UNRET, - RETBLEED_CMD_IBPB, - RETBLEED_CMD_STUFF, -}; - static const char * const retbleed_strings[] =3D { [RETBLEED_MITIGATION_NONE] =3D "Vulnerable", [RETBLEED_MITIGATION_UNRET] =3D "Mitigation: untrained return thunk", @@ -1106,9 +1098,7 @@ static const char * const retbleed_strings[] =3D { }; =20 static enum retbleed_mitigation retbleed_mitigation __ro_after_init =3D - RETBLEED_MITIGATION_NONE; -static enum retbleed_mitigation_cmd retbleed_cmd __ro_after_init =3D - IS_ENABLED(CONFIG_MITIGATION_RETBLEED) ? RETBLEED_CMD_AUTO : RETBLEED_CMD= _OFF; + IS_ENABLED(CONFIG_MITIGATION_RETBLEED) ? RETBLEED_MITIGATION_AUTO : RETBL= EED_MITIGATION_NONE; =20 static int __ro_after_init retbleed_nosmt =3D false; =20 
@@ -1125,15 +1115,15 @@ static int __init retbleed_parse_cmdline(char *str) } =20 if (!strcmp(str, "off")) { - retbleed_cmd =3D RETBLEED_CMD_OFF; + retbleed_mitigation =3D RETBLEED_MITIGATION_NONE; } else if (!strcmp(str, "auto")) { - retbleed_cmd =3D RETBLEED_CMD_AUTO; + retbleed_mitigation =3D RETBLEED_MITIGATION_AUTO; } else if (!strcmp(str, "unret")) { - retbleed_cmd =3D RETBLEED_CMD_UNRET; + retbleed_mitigation =3D RETBLEED_MITIGATION_UNRET; } else if (!strcmp(str, "ibpb")) { - retbleed_cmd =3D RETBLEED_CMD_IBPB; + retbleed_mitigation =3D RETBLEED_MITIGATION_IBPB; } else if (!strcmp(str, "stuff")) { - retbleed_cmd =3D RETBLEED_CMD_STUFF; + retbleed_mitigation =3D RETBLEED_MITIGATION_STUFF; } else if (!strcmp(str, "nosmt")) { retbleed_nosmt =3D true; } else if (!strcmp(str, "force")) { 
@@ -1154,57 +1144,42 @@ early_param("retbleed", retbleed_parse_cmdline); =20 static void __init retbleed_select_mitigation(void) { - bool mitigate_smt =3D false; - - if (!boot_cpu_has_bug(X86_BUG_RETBLEED) || cpu_mitigations_off()) - return; - - switch (retbleed_cmd) { - case RETBLEED_CMD_OFF: + if (!boot_cpu_has_bug(X86_BUG_RETBLEED) || cpu_mitigations_off()) { + retbleed_mitigation =3D RETBLEED_MITIGATION_NONE; return; + } =20 - case RETBLEED_CMD_UNRET: - if (IS_ENABLED(CONFIG_MITIGATION_UNRET_ENTRY)) { - retbleed_mitigation =3D RETBLEED_MITIGATION_UNRET; - } else { + switch (retbleed_mitigation) { + case RETBLEED_MITIGATION_UNRET: + if (!IS_ENABLED(CONFIG_MITIGATION_UNRET_ENTRY)) { + retbleed_mitigation =3D RETBLEED_MITIGATION_AUTO; pr_err("WARNING: kernel not compiled with MITIGATION_UNRET_ENTRY.\n"); - goto do_cmd_auto; } break; - - case RETBLEED_CMD_IBPB: + case RETBLEED_MITIGATION_IBPB: if (!boot_cpu_has(X86_FEATURE_IBPB)) { pr_err("WARNING: CPU does not support IBPB.\n"); - goto do_cmd_auto; - } else if (IS_ENABLED(CONFIG_MITIGATION_IBPB_ENTRY)) { - retbleed_mitigation =3D RETBLEED_MITIGATION_IBPB; - } else { + retbleed_mitigation =3D RETBLEED_MITIGATION_AUTO; + } else if (!IS_ENABLED(CONFIG_MITIGATION_IBPB_ENTRY)) { pr_err("WARNING: kernel not compiled with MITIGATION_IBPB_ENTRY.\n"); - goto do_cmd_auto; + retbleed_mitigation =3D RETBLEED_MITIGATION_AUTO; } break; - - case RETBLEED_CMD_STUFF: - if (IS_ENABLED(CONFIG_MITIGATION_CALL_DEPTH_TRACKING) && - spectre_v2_enabled =3D=3D SPECTRE_V2_RETPOLINE) { - if (boot_cpu_data.x86_vendor !=3D X86_VENDOR_INTEL) { - pr_err("WARNING: retbleed=3Dstuff only supported for Intel CPUs.\n"); - goto do_cmd_auto; - } - retbleed_mitigation =3D RETBLEED_MITIGATION_STUFF; - - } else { - if (IS_ENABLED(CONFIG_MITIGATION_CALL_DEPTH_TRACKING)) - pr_err("WARNING: retbleed=3Dstuff depends on spectre_v2=3Dretpoline\n"= ); - else - pr_err("WARNING: kernel not compiled with MITIGATION_CALL_DEPTH_TRACKI= NG.\n"); - - goto do_cmd_auto; 
+ case RETBLEED_MITIGATION_STUFF: + if (!IS_ENABLED(CONFIG_MITIGATION_CALL_DEPTH_TRACKING)) { + pr_err("WARNING: kernel not compiled with MITIGATION_CALL_DEPTH_TRACKIN= G.\n"); + retbleed_mitigation =3D RETBLEED_MITIGATION_AUTO; + } else if (boot_cpu_data.x86_vendor !=3D X86_VENDOR_INTEL) { + pr_err("WARNING: retbleed=3Dstuff only supported for Intel CPUs.\n"); + retbleed_mitigation =3D RETBLEED_MITIGATION_AUTO; } break; + default: + break; + } =20 -do_cmd_auto: - case RETBLEED_CMD_AUTO: + if (retbleed_mitigation =3D=3D RETBLEED_MITIGATION_AUTO) { + /* Intel mitigation selected in retbleed_update_mitigation() */ if (boot_cpu_data.x86_vendor =3D=3D X86_VENDOR_AMD || boot_cpu_data.x86_vendor =3D=3D X86_VENDOR_HYGON) { if (IS_ENABLED(CONFIG_MITIGATION_UNRET_ENTRY)) 
@@ -1212,18 +1187,65 @@ static void __init retbleed_select_mitigation(void) else if (IS_ENABLED(CONFIG_MITIGATION_IBPB_ENTRY) && boot_cpu_has(X86_FEATURE_IBPB)) retbleed_mitigation =3D RETBLEED_MITIGATION_IBPB; + else + retbleed_mitigation =3D RETBLEED_MITIGATION_NONE; } + } +} =20 - /* - * The Intel mitigation (IBRS or eIBRS) was already selected in - * spectre_v2_select_mitigation(). 'retbleed_mitigation' will - * be set accordingly below. - */ +static void __init retbleed_update_mitigation(void) +{ + if (!boot_cpu_has_bug(X86_BUG_RETBLEED) || cpu_mitigations_off()) + return; =20 - break; + if (retbleed_mitigation =3D=3D RETBLEED_MITIGATION_NONE) + goto out; + + /* + * retbleed=3Dstuff is only allowed on Intel. If stuffing can't be used + * then a different mitigation will be selected below. + */ + if (retbleed_mitigation =3D=3D RETBLEED_MITIGATION_STUFF) { + if (spectre_v2_enabled !=3D SPECTRE_V2_RETPOLINE) { + pr_err("WARNING: retbleed=3Dstuff depends on spectre_v2=3Dretpoline\n"); + retbleed_mitigation =3D RETBLEED_MITIGATION_AUTO; + } + } + /* + * Let IBRS trump all on Intel without affecting the effects of the + * retbleed=3D cmdline option except for call depth based stuffing + */ + if (boot_cpu_data.x86_vendor =3D=3D X86_VENDOR_INTEL) { + switch (spectre_v2_enabled) { + case SPECTRE_V2_IBRS: + retbleed_mitigation =3D RETBLEED_MITIGATION_IBRS; + break; + case SPECTRE_V2_EIBRS: + case SPECTRE_V2_EIBRS_RETPOLINE: + case SPECTRE_V2_EIBRS_LFENCE: + retbleed_mitigation =3D RETBLEED_MITIGATION_EIBRS; + break; + default: + if (retbleed_mitigation !=3D RETBLEED_MITIGATION_STUFF) + pr_err(RETBLEED_INTEL_MSG); + } + /* If nothing has set the mitigation yet, default to NONE. 
*/ + if (retbleed_mitigation =3D=3D RETBLEED_MITIGATION_AUTO) + retbleed_mitigation =3D RETBLEED_MITIGATION_NONE; } +out: + pr_info("%s\n", retbleed_strings[retbleed_mitigation]); +} + + +static void __init retbleed_apply_mitigation(void) +{ + bool mitigate_smt =3D false; =20 switch (retbleed_mitigation) { + case RETBLEED_MITIGATION_NONE: + return; + case RETBLEED_MITIGATION_UNRET: setup_force_cpu_cap(X86_FEATURE_RETHUNK); setup_force_cpu_cap(X86_FEATURE_UNRET); @@ -1273,28 +1295,6 @@ static void __init retbleed_select_mitigation(void) if (mitigate_smt && !boot_cpu_has(X86_FEATURE_STIBP) && (retbleed_nosmt || cpu_mitigations_auto_nosmt())) cpu_smt_disable(false); - - /* - * Let IBRS trump all on Intel without affecting the effects of the - * retbleed=3D cmdline option except for call depth based stuffing - */ - if (boot_cpu_data.x86_vendor =3D=3D X86_VENDOR_INTEL) { - switch (spectre_v2_enabled) { - case SPECTRE_V2_IBRS: - retbleed_mitigation =3D RETBLEED_MITIGATION_IBRS; - break; - case SPECTRE_V2_EIBRS: - case SPECTRE_V2_EIBRS_RETPOLINE: - case SPECTRE_V2_EIBRS_LFENCE: - retbleed_mitigation =3D RETBLEED_MITIGATION_EIBRS; - break; - default: - if (retbleed_mitigation !=3D RETBLEED_MITIGATION_STUFF) - pr_err(RETBLEED_INTEL_MSG); - } - } - - pr_info("%s\n", retbleed_strings[retbleed_mitigation]); } =20 #undef pr_fmt @@ -1851,8 +1851,8 @@ static void __init spectre_v2_select_mitigation(void) =20 if (IS_ENABLED(CONFIG_MITIGATION_IBRS_ENTRY) && boot_cpu_has_bug(X86_BUG_RETBLEED) && - retbleed_cmd !=3D RETBLEED_CMD_OFF && - retbleed_cmd !=3D RETBLEED_CMD_STUFF && + retbleed_mitigation !=3D RETBLEED_MITIGATION_NONE && + retbleed_mitigation !=3D RETBLEED_MITIGATION_STUFF && boot_cpu_has(X86_FEATURE_IBRS) && boot_cpu_data.x86_vendor =3D=3D X86_VENDOR_INTEL) { mode =3D SPECTRE_V2_IBRS; 
@@ -1960,7 +1960,7 @@ static void __init spectre_v2_select_mitigation(void) (boot_cpu_data.x86_vendor =3D=3D X86_VENDOR_AMD || boot_cpu_data.x86_vendor =3D=3D X86_VENDOR_HYGON)) { =20 - if (retbleed_cmd !=3D RETBLEED_CMD_IBPB) { + if (retbleed_mitigation !=3D RETBLEED_MITIGATION_IBPB) { setup_force_cpu_cap(X86_FEATURE_USE_IBPB_FW); pr_info("Enabling Speculation Barrier for firmware calls\n"); } --=20 2.34.1
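Review bot: in retbleed_update_mitigation() the fallback from RETBLEED_MITIGATION_AUTO to RETBLEED_MITIGATION_NONE sits inside the X86_VENDOR_INTEL block, while retbleed_select_mitigation() resolves AUTO only for AMD and Hygon, so a CPU flagged X86_BUG_RETBLEED from any other vendor would reach the out: label still set to AUTO. The hunks add RETBLEED_MITIGATION_AUTO to the enum but no retbleed_strings[] entry for it, so pr_info("%s\n", retbleed_strings[retbleed_mitigation]) would then read an unset slot. Moving the AUTO-to-NONE fallback out of the vendor block, to just before out:, closes the gap without changing the Intel or AMD results.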
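Review bot: the cpu_select_mitigations() hunk deletes the comment about call ordering, yet the last two hunks show spectre_v2_select_mitigation() reading retbleed_mitigation, and it still runs before retbleed_select_mitigation(). It therefore sees the raw command-line value, for example RETBLEED_MITIGATION_STUFF that retbleed_select_mitigation() may afterwards downgrade to AUTO, not the validated one. That matches what the old retbleed_cmd tests did, but it is now an implicit contract on a variable that is rewritten later; put a comment in place of the removed one stating that spectre_v2_select_mitigation() consumes the pre-validation value of retbleed_mitigation.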
smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="qIyHQcxd" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=YW6drdkyUkj1mxCxTurRf3AETpxdddua1VktJ5wd20d3idNy2iR5/GdjGPqAcKUs/bU+pmhMbUfXkwX8FjTIkEqJPjwQGqnLmBoiM4QgWU0fFXwdao56MXwytzWuwh3ojoNn2h2I+5GeLLeo1iakgGWtXimjWXm31I2yvFgiHzBgQKmMDNuhwjhar2Ae3GBun/jDAiEFcj9UDJw7cSeFsrFv3CT92OGEKBPst6AV4MN+pQFovTNJQsah7XRSra7iAZo4adA8WrlsMjdRedk13c5jzLt1zlJL/VneNAiHuHeaivhkfuK5WPinx2j83CtsC1TUs90KjTq+fmzZ0k6DLQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=EuCagIIAaFndumnTZ4HR6LnePAQLWbidfGNVQILKQWI=; b=j358a9HkR11/EL00HLWklR4jnko8vxmooHQIo4p+ROChFXfX5cSUnpZ/mFuTV4ne9SfbM7Z/r9ABiWXswYHUeyVMhQcqmycJHhv3Z3uElCUY3ntS8xNoA45HpV2CQGwSkSrkt5waE+Pogz56nrmbLC7zDqRmIipInPZhGSH5iWduzC0pwPEY8wgikUERfO41jLO76+Wkcsc+nhzZAIiWpy+Z6H+OW9VXVY88D8k5jq91hKkqs9pWym9mjSYEW/HSvlaDW95fuHLwTSG56C1MZzhfqQIdzsW99eM8hv7L4n8QhhLcnCA6QMWnsNkx9LWogNVRUoBamuSdhrRBM+6b6A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=linutronix.de smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=EuCagIIAaFndumnTZ4HR6LnePAQLWbidfGNVQILKQWI=; b=qIyHQcxdXVWT7u962x8+PJqGWGWVaHJs++FgI7Q4cjKWpd5PldT8c7YNmHrr2JIqXuJUVl2NthwWur0LqJHwnvaK3te/qZI3Vfou/Msw95+xhkfNX+WJEdOcPY4C5vEJokGUgEAkJF9qfh/YEUcRyuSk4iSJapUheIpwWdXwBxM= Received: from CH0P220CA0001.NAMP220.PROD.OUTLOOK.COM (2603:10b6:610:ef::19) by 
IA0PR12MB8696.namprd12.prod.outlook.com (2603:10b6:208:48f::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8632.43; Fri, 18 Apr 2025 16:17:40 +0000 Received: from DS2PEPF0000343E.namprd02.prod.outlook.com (2603:10b6:610:ef:cafe::dd) by CH0P220CA0001.outlook.office365.com (2603:10b6:610:ef::19) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8655.23 via Frontend Transport; Fri, 18 Apr 2025 16:17:40 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DS2PEPF0000343E.mail.protection.outlook.com (10.167.18.41) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8655.12 via Frontend Transport; Fri, 18 Apr 2025 16:17:40 +0000 Received: from tiny.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Fri, 18 Apr 2025 11:17:37 -0500 
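
Review bot: the two spectre_v2_select_mitigation() hunks (@@ -1851 and @@ -1960) now test retbleed_mitigation, but cpu_select_mitigations() calls spectre_v2_select_mitigation() before retbleed_select_mitigation(), so at both sites the variable has not been through selection yet and can still be RETBLEED_MITIGATION_AUTO. If the intent is to read only the value requested on the command line, as the old retbleed_cmd checks did, say so in a comment at each test; otherwise a reader will assume the comparisons against RETBLEED_MITIGATION_NONE, RETBLEED_MITIGATION_STUFF and RETBLEED_MITIGATION_IBPB see the final retbleed choice.
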
From: David Kaplan
To: Thomas Gleixner, Borislav Petkov, Peter Zijlstra, Josh Poimboeuf, Pawan Gupta, Ingo Molnar, Dave Hansen, "H . Peter Anvin"
Subject: [PATCH v5 11/16] x86/bugs: Restructure spectre_v2_user mitigation
Date: Fri, 18 Apr 2025 11:17:16 -0500
Message-ID: <20250418161721.1855190-12-david.kaplan@amd.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20250418161721.1855190-1-david.kaplan@amd.com>
References: <20250418161721.1855190-1-david.kaplan@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Transfer-Encoding: quoted-printable

Restructure spectre_v2_user to use select/update/apply functions to create consistent vulnerability handling. The IBPB/STIBP choices are first decided based on the spectre_v2_user command line but can be modified by the spectre_v2 command line option as well.

Signed-off-by: David Kaplan
Reviewed-by: Josh Poimboeuf
---
arch/x86/kernel/cpu/bugs.c | 155 +++++++++++++++++++++----------------
1 file changed, 89 insertions(+), 66 deletions(-)

diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 248b6065f4bc..bb20cfb81015 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -60,6 +60,8 @@ static void __init retbleed_select_mitigation(void); static void __init retbleed_update_mitigation(void); static void __init retbleed_apply_mitigation(void); static void __init spectre_v2_user_select_mitigation(void); +static void __init spectre_v2_user_update_mitigation(void); +static void __init spectre_v2_user_apply_mitigation(void); static void __init ssb_select_mitigation(void); static void __init l1tf_select_mitigation(void); static void __init mds_select_mitigation(void); @@ -190,11 +192,6 @@ void __init cpu_select_mitigations(void) spectre_v1_select_mitigation(); spectre_v2_select_mitigation(); retbleed_select_mitigation(); - /* - * spectre_v2_user_select_mitigation() relies on the state set by - * retbleed_select_mitigation(); specifically the STIBP selection is - * forced for UNRET or IBPB. - */ spectre_v2_user_select_mitigation(); ssb_select_mitigation(); l1tf_select_mitigation(); @@ -217,6 +214,11 @@ void __init cpu_select_mitigations(void) * choices. */ retbleed_update_mitigation(); + /* + * spectre_v2_user_update_mitigation() depends on + * retbleed_update_mitigation(). + */ + spectre_v2_user_update_mitigation(); mds_update_mitigation(); taa_update_mitigation(); mmio_update_mitigation();
@@ -224,6 +226,7 @@ void __init cpu_select_mitigations(void) =20 spectre_v1_apply_mitigation(); retbleed_apply_mitigation(); + spectre_v2_user_apply_mitigation(); mds_apply_mitigation(); taa_apply_mitigation(); mmio_apply_mitigation(); @@ -1374,6 +1377,8 @@ enum spectre_v2_mitigation_cmd { SPECTRE_V2_CMD_IBRS, }; =20 +static enum spectre_v2_mitigation_cmd spectre_v2_cmd __ro_after_init =3D S= PECTRE_V2_CMD_AUTO; + enum spectre_v2_user_cmd { SPECTRE_V2_USER_CMD_NONE, SPECTRE_V2_USER_CMD_AUTO, @@ -1412,31 +1417,19 @@ static void __init spec_v2_user_print_cond(const ch= ar *reason, bool secure) pr_info("spectre_v2_user=3D%s forced on command line.\n", reason); } =20 -static __ro_after_init enum spectre_v2_mitigation_cmd spectre_v2_cmd; - static enum spectre_v2_user_cmd __init spectre_v2_parse_user_cmdline(void) { - enum spectre_v2_user_cmd mode; char arg[20]; int ret, i; =20 - mode =3D IS_ENABLED(CONFIG_MITIGATION_SPECTRE_V2) ? - SPECTRE_V2_USER_CMD_AUTO : SPECTRE_V2_USER_CMD_NONE; - - switch (spectre_v2_cmd) { - case SPECTRE_V2_CMD_NONE: + if (cpu_mitigations_off() || !IS_ENABLED(CONFIG_MITIGATION_SPECTRE_V2)) return SPECTRE_V2_USER_CMD_NONE; - case SPECTRE_V2_CMD_FORCE: - return SPECTRE_V2_USER_CMD_FORCE; - default: - break; - } =20 ret =3D cmdline_find_option(boot_command_line, "spectre_v2_user", arg, sizeof(arg)); if (ret < 0) - return mode; + return SPECTRE_V2_USER_CMD_AUTO; =20 for (i =3D 0; i < ARRAY_SIZE(v2_user_options); i++) { if (match_option(arg, ret, v2_user_options[i].option)) { @@ -1447,7 +1440,7 @@ spectre_v2_parse_user_cmdline(void) } =20 pr_err("Unknown user space protection option (%s). Switching to default\n= ", arg); - return mode; + return SPECTRE_V2_USER_CMD_AUTO; } =20 static inline bool spectre_v2_in_ibrs_mode(enum spectre_v2_mitigation mode) 
@@ -1458,7 +1451,6 @@ static inline bool spectre_v2_in_ibrs_mode(enum spect= re_v2_mitigation mode) static void __init spectre_v2_user_select_mitigation(void) { - enum spectre_v2_user_mitigation mode =3D SPECTRE_V2_USER_NONE; enum spectre_v2_user_cmd cmd; =20 if (!boot_cpu_has(X86_FEATURE_IBPB) && !boot_cpu_has(X86_FEATURE_STIBP)) 
@@ -1467,48 +1459,65 @@ spectre_v2_user_select_mitigation(void) cmd =3D spectre_v2_parse_user_cmdline(); switch (cmd) { case SPECTRE_V2_USER_CMD_NONE: - goto set_mode; + return; case SPECTRE_V2_USER_CMD_FORCE: - mode =3D SPECTRE_V2_USER_STRICT; + spectre_v2_user_ibpb =3D SPECTRE_V2_USER_STRICT; + spectre_v2_user_stibp =3D SPECTRE_V2_USER_STRICT; break; case SPECTRE_V2_USER_CMD_AUTO: case SPECTRE_V2_USER_CMD_PRCTL: + spectre_v2_user_ibpb =3D SPECTRE_V2_USER_PRCTL; + spectre_v2_user_stibp =3D SPECTRE_V2_USER_PRCTL; + break; case SPECTRE_V2_USER_CMD_PRCTL_IBPB: - mode =3D SPECTRE_V2_USER_PRCTL; + spectre_v2_user_ibpb =3D SPECTRE_V2_USER_STRICT; + spectre_v2_user_stibp =3D SPECTRE_V2_USER_PRCTL; break; case SPECTRE_V2_USER_CMD_SECCOMP: + if (IS_ENABLED(CONFIG_SECCOMP)) + spectre_v2_user_ibpb =3D SPECTRE_V2_USER_SECCOMP; + else + spectre_v2_user_ibpb =3D SPECTRE_V2_USER_PRCTL; + spectre_v2_user_stibp =3D spectre_v2_user_ibpb; + break; case SPECTRE_V2_USER_CMD_SECCOMP_IBPB: + spectre_v2_user_ibpb =3D SPECTRE_V2_USER_STRICT; if (IS_ENABLED(CONFIG_SECCOMP)) - mode =3D SPECTRE_V2_USER_SECCOMP; + spectre_v2_user_stibp =3D SPECTRE_V2_USER_SECCOMP; else - mode =3D SPECTRE_V2_USER_PRCTL; + spectre_v2_user_stibp =3D SPECTRE_V2_USER_PRCTL; break; } =20 - /* Initialize Indirect Branch Prediction Barrier */ - if (boot_cpu_has(X86_FEATURE_IBPB)) { - static_branch_enable(&switch_vcpu_ibpb); + /* + * At this point, an STIBP mode other than "off" has been set. + * If STIBP support is not being forced, check if STIBP always-on + * is preferred. 
+ */ + if ((spectre_v2_user_stibp =3D=3D SPECTRE_V2_USER_PRCTL || + spectre_v2_user_stibp =3D=3D SPECTRE_V2_USER_SECCOMP) && + boot_cpu_has(X86_FEATURE_AMD_STIBP_ALWAYS_ON)) + spectre_v2_user_stibp =3D SPECTRE_V2_USER_STRICT_PREFERRED; =20 - spectre_v2_user_ibpb =3D mode; - switch (cmd) { - case SPECTRE_V2_USER_CMD_NONE: - break; - case SPECTRE_V2_USER_CMD_FORCE: - case SPECTRE_V2_USER_CMD_PRCTL_IBPB: - case SPECTRE_V2_USER_CMD_SECCOMP_IBPB: - static_branch_enable(&switch_mm_always_ibpb); - spectre_v2_user_ibpb =3D SPECTRE_V2_USER_STRICT; - break; - case SPECTRE_V2_USER_CMD_PRCTL: - case SPECTRE_V2_USER_CMD_AUTO: - case SPECTRE_V2_USER_CMD_SECCOMP: - static_branch_enable(&switch_mm_cond_ibpb); - break; - } + if (!boot_cpu_has(X86_FEATURE_IBPB)) + spectre_v2_user_ibpb =3D SPECTRE_V2_USER_NONE; =20 - pr_info("mitigation: Enabling %s Indirect Branch Prediction Barrier\n", - static_key_enabled(&switch_mm_always_ibpb) ? - "always-on" : "conditional"); + if (!boot_cpu_has(X86_FEATURE_STIBP)) + spectre_v2_user_stibp =3D SPECTRE_V2_USER_NONE; +} + +static void __init spectre_v2_user_update_mitigation(void) +{ + if (!boot_cpu_has(X86_FEATURE_IBPB) && !boot_cpu_has(X86_FEATURE_STIBP)) + return; + + /* The spectre_v2 cmd line can override spectre_v2_user options */ + if (spectre_v2_cmd =3D=3D SPECTRE_V2_CMD_NONE) { + spectre_v2_user_ibpb =3D SPECTRE_V2_USER_NONE; + spectre_v2_user_stibp =3D SPECTRE_V2_USER_NONE; + } else if (spectre_v2_cmd =3D=3D SPECTRE_V2_CMD_FORCE) { + spectre_v2_user_ibpb =3D SPECTRE_V2_USER_STRICT; + spectre_v2_user_stibp =3D SPECTRE_V2_USER_STRICT; } =20 /* 
@@ -1526,30 +1535,44 @@ spectre_v2_user_select_mitigation(void) if (!boot_cpu_has(X86_FEATURE_STIBP) || !cpu_smt_possible() || (spectre_v2_in_eibrs_mode(spectre_v2_enabled) && - !boot_cpu_has(X86_FEATURE_AUTOIBRS))) + !boot_cpu_has(X86_FEATURE_AUTOIBRS))) { + spectre_v2_user_stibp =3D SPECTRE_V2_USER_NONE; return; + } =20 - /* - * At this point, an STIBP mode other than "off" has been set. - * If STIBP support is not being forced, check if STIBP always-on - * is preferred. - */ - if (mode !=3D SPECTRE_V2_USER_STRICT && - boot_cpu_has(X86_FEATURE_AMD_STIBP_ALWAYS_ON)) - mode =3D SPECTRE_V2_USER_STRICT_PREFERRED; - - if (retbleed_mitigation =3D=3D RETBLEED_MITIGATION_UNRET || - retbleed_mitigation =3D=3D RETBLEED_MITIGATION_IBPB) { - if (mode !=3D SPECTRE_V2_USER_STRICT && - mode !=3D SPECTRE_V2_USER_STRICT_PREFERRED) + if (spectre_v2_user_stibp !=3D SPECTRE_V2_USER_NONE && + (retbleed_mitigation =3D=3D RETBLEED_MITIGATION_UNRET || + retbleed_mitigation =3D=3D RETBLEED_MITIGATION_IBPB)) { + if (spectre_v2_user_stibp !=3D SPECTRE_V2_USER_STRICT && + spectre_v2_user_stibp !=3D SPECTRE_V2_USER_STRICT_PREFERRED) pr_info("Selecting STIBP always-on mode to complement retbleed mitigati= on\n"); - mode =3D SPECTRE_V2_USER_STRICT_PREFERRED; + spectre_v2_user_stibp =3D SPECTRE_V2_USER_STRICT_PREFERRED; } + pr_info("%s\n", spectre_v2_user_strings[spectre_v2_user_stibp]); +} =20 - spectre_v2_user_stibp =3D mode; +static void __init spectre_v2_user_apply_mitigation(void) +{ + /* Initialize Indirect Branch Prediction Barrier */ + if (spectre_v2_user_ibpb !=3D SPECTRE_V2_USER_NONE) { + static_branch_enable(&switch_vcpu_ibpb); =20 -set_mode: - pr_info("%s\n", spectre_v2_user_strings[mode]); + switch (spectre_v2_user_ibpb) { + case SPECTRE_V2_USER_STRICT: + static_branch_enable(&switch_mm_always_ibpb); + break; + case SPECTRE_V2_USER_PRCTL: + case SPECTRE_V2_USER_SECCOMP: + static_branch_enable(&switch_mm_cond_ibpb); + break; + default: + break; + } + + pr_info("mitigation: Enabling 
%s Indirect Branch Prediction Barrier\n", + static_key_enabled(&switch_mm_always_ibpb) ? + "always-on" : "conditional"); + } } =20 static const char * const spectre_v2_strings[] =3D { --=20 2.34.1
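
Review bot: in spectre_v2_user_update_mitigation(), the SPECTRE_V2_CMD_FORCE branch sets spectre_v2_user_ibpb and spectre_v2_user_stibp to SPECTRE_V2_USER_STRICT without re-checking CPU support, which undoes the "if (!boot_cpu_has(X86_FEATURE_IBPB)) spectre_v2_user_ibpb = SPECTRE_V2_USER_NONE" that spectre_v2_user_select_mitigation() applied. STIBP is caught again by the !boot_cpu_has(X86_FEATURE_STIBP) test a few lines further down, but nothing does the same for IBPB, and spectre_v2_user_apply_mitigation() now keys off spectre_v2_user_ibpb != SPECTRE_V2_USER_NONE where the old code tested boot_cpu_has(X86_FEATURE_IBPB). On a CPU with STIBP but without IBPB, spectre_v2=force would therefore enable switch_vcpu_ibpb and switch_mm_always_ibpb. Guard each assignment in the FORCE branch with the matching boot_cpu_has() check.
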
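
Review bot: spectre_v2_user_update_mitigation() has two early returns (neither IBPB nor STIBP present, and the block that forces spectre_v2_user_stibp to SPECTRE_V2_USER_NONE) that skip the closing pr_info("%s\n", spectre_v2_user_strings[spectre_v2_user_stibp]), while spectre_v2_user_select_mitigation() no longer prints anything for SPECTRE_V2_USER_CMD_NONE where the old code did "goto set_mode". Some configurations will therefore log no spectre_v2_user status line at all. Consider routing the returns through an out: label placed before the pr_info(), the same shape the preceding retbleed patch uses ahead of its own pr_info(). The new comment in cpu_select_mitigations() could also mention that this function reads spectre_v2_cmd and spectre_v2_enabled, not only the retbleed result.
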
From: David Kaplan
To: Thomas Gleixner, Borislav Petkov, Peter Zijlstra, Josh Poimboeuf, Pawan Gupta, Ingo Molnar, Dave Hansen, "H . Peter Anvin"
Subject: [PATCH v5 12/16] x86/bugs: Restructure BHI mitigation
Date: Fri, 18 Apr 2025 11:17:17 -0500
Message-ID: <20250418161721.1855190-13-david.kaplan@amd.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20250418161721.1855190-1-david.kaplan@amd.com>
References: <20250418161721.1855190-1-david.kaplan@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Transfer-Encoding: quoted-printable

Restructure BHI mitigation to use select/update/apply functions to create consistent vulnerability handling. BHI mitigation was previously selected from within spectre_v2_select_mitigation() and now is selected from cpu_select_mitigation() like with all others.

Define new AUTO mitigation for BHI.

Signed-off-by: David Kaplan
Reviewed-by: Josh Poimboeuf
---
arch/x86/kernel/cpu/bugs.c | 31 +++++++++++++++++++++++++++----
1 file changed, 27 insertions(+), 4 deletions(-)

diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index bb20cfb81015..b7063f58ae88 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -82,6 +82,9 @@ static void __init l1d_flush_select_mitigation(void); static void __init srso_select_mitigation(void); static void __init gds_select_mitigation(void); static void __init gds_apply_mitigation(void); +static void __init bhi_select_mitigation(void); +static void __init bhi_update_mitigation(void); +static void __init bhi_apply_mitigation(void); =20 /* The base value of the SPEC_CTRL MSR without task-specific bits set */ u64 x86_spec_ctrl_base; @@ -208,6 +211,7 @@ void __init cpu_select_mitigations(void) */ srso_select_mitigation(); gds_select_mitigation(); + bhi_select_mitigation(); =20 /* * After mitigations are selected, some may need to update their @@ -223,6 +227,7 @@ void __init cpu_select_mitigations(void) taa_update_mitigation(); mmio_update_mitigation(); rfds_update_mitigation(); + bhi_update_mitigation(); =20 spectre_v1_apply_mitigation(); retbleed_apply_mitigation(); @@ -233,6 +238,7 @@ void __init cpu_select_mitigations(void) rfds_apply_mitigation(); srbds_apply_mitigation(); gds_apply_mitigation(); + bhi_apply_mitigation(); } =20 /*
@@ -1792,12 +1798,13 @@ static bool __init spec_ctrl_bhi_dis(void) =20 enum bhi_mitigations { BHI_MITIGATION_OFF, + BHI_MITIGATION_AUTO, BHI_MITIGATION_ON, BHI_MITIGATION_VMEXIT_ONLY, }; =20 static enum bhi_mitigations bhi_mitigation __ro_after_init =3D - IS_ENABLED(CONFIG_MITIGATION_SPECTRE_BHI) ? BHI_MITIGATION_ON : BHI_MITIG= ATION_OFF; + IS_ENABLED(CONFIG_MITIGATION_SPECTRE_BHI) ? BHI_MITIGATION_AUTO : BHI_MIT= IGATION_OFF; =20 static int __init spectre_bhi_parse_cmdline(char *str) { @@ -1818,6 +1825,25 @@ static int __init spectre_bhi_parse_cmdline(char *st= r) early_param("spectre_bhi", spectre_bhi_parse_cmdline); =20 static void __init bhi_select_mitigation(void) +{ + if (!boot_cpu_has(X86_BUG_BHI) || cpu_mitigations_off()) + bhi_mitigation =3D BHI_MITIGATION_OFF; + + if (bhi_mitigation =3D=3D BHI_MITIGATION_AUTO) + bhi_mitigation =3D BHI_MITIGATION_ON; +} + +static void __init bhi_update_mitigation(void) +{ + if (spectre_v2_cmd =3D=3D SPECTRE_V2_CMD_NONE) + bhi_mitigation =3D BHI_MITIGATION_OFF; + + if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V2) && + spectre_v2_cmd =3D=3D SPECTRE_V2_CMD_AUTO) + bhi_mitigation =3D BHI_MITIGATION_OFF; +} + +static void __init bhi_apply_mitigation(void) { if (bhi_mitigation =3D=3D BHI_MITIGATION_OFF) return; 
@@ -1959,9 +1985,6 @@ static void __init spectre_v2_select_mitigation(void) mode =3D=3D SPECTRE_V2_RETPOLINE) spec_ctrl_disable_kernel_rrsba(); =20 - if (boot_cpu_has(X86_BUG_BHI)) - bhi_select_mitigation(); - spectre_v2_enabled =3D mode; pr_info("%s\n", spectre_v2_strings[mode]); =20 --=20 2.34.1
From: David Kaplan To: Thomas Gleixner , Borislav Petkov , Peter Zijlstra , Josh Poimboeuf , Pawan Gupta , Ingo Molnar , Dave Hansen , , "H . Peter Anvin" CC: Subject: [PATCH v5 13/16] x86/bugs: Restructure spectre_v2 mitigation Date: Fri, 18 Apr 2025 11:17:18 -0500 Message-ID: <20250418161721.1855190-14-david.kaplan@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250418161721.1855190-1-david.kaplan@amd.com> References: <20250418161721.1855190-1-david.kaplan@amd.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PEPF0000343E:EE_|DS0PR12MB7583:EE_ X-MS-Office365-Filtering-Correlation-Id: a0a24875-b757-4ac0-db30-08dd7e948bcb X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|1800799024|7416014|36860700013|82310400026; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?4tzGHt/hLI2eoJVjuYjjRkIDtmBU+hUusiJ8pFZtlrb8Max0mT42x20/HZnC?= =?us-ascii?Q?iSfr8Hns1YSExG5cJ7qX7Um4GAm/fe/UQ7F/wSDhpf+sIrTYsWCCFHwbVoKE?= =?us-ascii?Q?u1+DaiSc2dKSG51awY5nA7wdLGVGBcUsHVgFlG6BDtAN1A2RQQWGcIiWMFA1?= =?us-ascii?Q?zESPRO9pri5ofv4WhljIJNuieptjqKMMnfnRNQoSiBEr/WtxYUxJLEBaDMLD?= =?us-ascii?Q?08T4F0MQaLhqKjDnIJvI88mW9wjex7bOBstalm2RvSANuXKawSCwI1iiG5Cg?= =?us-ascii?Q?7k3MESQVKPkBr5pKjEpQw1GwP3Jm7CPzHIm1dIuBn0pvdnBrVHRv5tgsWrJF?= =?us-ascii?Q?/jTvgU9kugJlT7d1eJS1hFuZhMRICF9/Ko/7vXy4Xtr9mBI/cMcCm2gYHiOA?= =?us-ascii?Q?wtYyVlFqWNhnjnVXGr0iAOdzQ/uBgjpsGMuWQEdKZgzJFHwBlDkyAsFnLC2Y?= =?us-ascii?Q?xeahor5xt7S+4cx3Xx53SjUXxWrHHq7LmePA75o56q92lqEHdUxe/DbVvVD/?= =?us-ascii?Q?ksY4N28ZfQm8nJSl6Xb8l8bUXoF5UJH46gwPd+IgWNRPKoJVUxIHxspKunHY?= =?us-ascii?Q?fRgaf/69J/5i9QcbV9bSWGQlYvPnwFBIEaL0S09PuC+aiZP9E2cHa2W4E0IS?= 
=?us-ascii?Q?LfgRX8hbQ+ob6ncRVxAfeCbd4ddHdYFPmR/iGtf2YQtDHrYj8WA77YjzlsDS?= =?us-ascii?Q?4UrIt7/qMSqLRCGqPsN4lKFheZUlto2XHWVL6gpuHHZ8mtP9boxozqHEzTAK?= =?us-ascii?Q?WpPRE6vtYEQami6SQe4Z/lGfnrFgrhjSKO+jBsKJwBUqBzjv2IWocmmOSu78?= =?us-ascii?Q?RlQty/AaTQPRs1hrzh8r22cIFn1pmAxQAeU1JWDw+WGr0zEIK8Cp67jARiDA?= =?us-ascii?Q?iyGGn2oWoRHhmHi6rTOgivpoNlTCQcF1tGCZSayb/ch2uA5WnTWrdscjqgft?= =?us-ascii?Q?URdF9Pz1Y8vvl9T+lmkBuvk9KWzV78KF5jFhthVm3vfofMnMdSuZ3r+H5Fay?= =?us-ascii?Q?+NdnBfsthgJBTyGF5ruiYZITCbAHwhLYW59iw7GWZ1TamLuhuMsV7CYjdFmf?= =?us-ascii?Q?D/3AMQXl2lUK6vaL+Pn+/flFRMqqxxcnymMQIS0pR+8pxf9lNUK4tIp2lz+/?= =?us-ascii?Q?dKVlEilb8ayJn8X9s6sAEqwkVNHJaFOT2RDyDebVaM9jVNESiEqIECMtWIFK?= =?us-ascii?Q?+W9JFHgF4TzipUySrL7ZVV6THKd7MT4wNFRyruVdJKXOXS+01MuaDbTNVo1b?= =?us-ascii?Q?Kc5oppmXTBXO4aSX5b7O7Tngk/eqyeA687tgmhuGSBMV8+PIDkG1SZ1Ud8p9?= =?us-ascii?Q?gil5XnSbYoT55tvDXzg4RZyZkWejbrQVsZQxyM5aBvalIXADrRvAHlWL9Dhp?= =?us-ascii?Q?k+SkXH0nAC2bQfOOtlAtcP9LRIiortksudzJsMQO8/cVXKrhcgMzB2qwMbFm?= =?us-ascii?Q?Wru0uFQNXnWI6sPx4JvSHRyNUedoovkuBTpw22QSu5uyppqCf62kabtnpFF8?= =?us-ascii?Q?7J/BZd2EuQeDbqLQKd4MsxSIDJdM0k7Zr+K9?= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(376014)(1800799024)(7416014)(36860700013)(82310400026);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 18 Apr 2025 16:17:42.1292 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: a0a24875-b757-4ac0-db30-08dd7e948bcb X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DS2PEPF0000343E.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: 
DS0PR12MB7583 Content-Type: text/plain; charset="utf-8" Restructure spectre_v2 to use select/update/apply functions to create consistent vulnerability handling. The spectre_v2 mitigation may be updated based on the selected retbleed mitigation. Signed-off-by: David Kaplan Reviewed-by: Josh Poimboeuf --- arch/x86/kernel/cpu/bugs.c | 80 +++++++++++++++++++++++--------------- 1 file changed, 49 insertions(+), 31 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index b7063f58ae88..8fe00fe987d5 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -56,6 +56,8 @@ static void __init spectre_v1_select_mitigation(void); static void __init spectre_v1_apply_mitigation(void); static void __init spectre_v2_select_mitigation(void); +static void __init spectre_v2_update_mitigation(void); +static void __init spectre_v2_apply_mitigation(void); static void __init retbleed_select_mitigation(void); static void __init retbleed_update_mitigation(void); static void __init retbleed_apply_mitigation(void); @@ -217,6 +219,12 @@ void __init cpu_select_mitigations(void) * After mitigations are selected, some may need to update their * choices. */ + spectre_v2_update_mitigation(); + /* + * retbleed_update_mitigation() relies on the state set by + * spectre_v2_update_mitigation(); specifically it wants to know about + * spectre_v2=3Dibrs. + */ retbleed_update_mitigation(); /* * spectre_v2_user_update_mitigation() depends on @@ -230,6 +238,7 @@ void __init cpu_select_mitigations(void) bhi_update_mitigation(); =20 spectre_v1_apply_mitigation(); + spectre_v2_apply_mitigation(); retbleed_apply_mitigation(); spectre_v2_user_apply_mitigation(); mds_apply_mitigation(); 
@@ -1876,18 +1885,18 @@ static void __init bhi_apply_mitigation(void) =20 static void __init spectre_v2_select_mitigation(void) { - enum spectre_v2_mitigation_cmd cmd =3D spectre_v2_parse_cmdline(); enum spectre_v2_mitigation mode =3D SPECTRE_V2_NONE; + spectre_v2_cmd =3D spectre_v2_parse_cmdline(); =20 /* * If the CPU is not affected and the command line mode is NONE or AUTO * then nothing to do. */ if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V2) && - (cmd =3D=3D SPECTRE_V2_CMD_NONE || cmd =3D=3D SPECTRE_V2_CMD_AUTO)) + (spectre_v2_cmd =3D=3D SPECTRE_V2_CMD_NONE || spectre_v2_cmd =3D=3D S= PECTRE_V2_CMD_AUTO)) return; =20 - switch (cmd) { + switch (spectre_v2_cmd) { case SPECTRE_V2_CMD_NONE: return; =20 @@ -1898,16 +1907,6 @@ static void __init spectre_v2_select_mitigation(void) break; } =20 - if (IS_ENABLED(CONFIG_MITIGATION_IBRS_ENTRY) && - boot_cpu_has_bug(X86_BUG_RETBLEED) && - retbleed_mitigation !=3D RETBLEED_MITIGATION_NONE && - retbleed_mitigation !=3D RETBLEED_MITIGATION_STUFF && - boot_cpu_has(X86_FEATURE_IBRS) && - boot_cpu_data.x86_vendor =3D=3D X86_VENDOR_INTEL) { - mode =3D SPECTRE_V2_IBRS; - break; - } - mode =3D spectre_v2_select_retpoline(); break; =20 
@@ -1941,10 +1940,32 @@ static void __init spectre_v2_select_mitigation(voi= d) break; } =20 - if (mode =3D=3D SPECTRE_V2_EIBRS && unprivileged_ebpf_enabled()) + spectre_v2_enabled =3D mode; +} + +static void __init spectre_v2_update_mitigation(void) +{ + if (spectre_v2_cmd =3D=3D SPECTRE_V2_CMD_AUTO) { + if (IS_ENABLED(CONFIG_MITIGATION_IBRS_ENTRY) && + boot_cpu_has_bug(X86_BUG_RETBLEED) && + retbleed_mitigation !=3D RETBLEED_MITIGATION_NONE && + retbleed_mitigation !=3D RETBLEED_MITIGATION_STUFF && + boot_cpu_has(X86_FEATURE_IBRS) && + boot_cpu_data.x86_vendor =3D=3D X86_VENDOR_INTEL) { + spectre_v2_enabled =3D SPECTRE_V2_IBRS; + } + } + + if (boot_cpu_has_bug(X86_BUG_SPECTRE_V2) && !cpu_mitigations_off()) + pr_info("%s\n", spectre_v2_strings[spectre_v2_enabled]); +} + +static void __init spectre_v2_apply_mitigation(void) +{ + if (spectre_v2_enabled =3D=3D SPECTRE_V2_EIBRS && unprivileged_ebpf_enabl= ed()) pr_err(SPECTRE_V2_EIBRS_EBPF_MSG); =20 - if (spectre_v2_in_ibrs_mode(mode)) { + if (spectre_v2_in_ibrs_mode(spectre_v2_enabled)) { if (boot_cpu_has(X86_FEATURE_AUTOIBRS)) { msr_set_bit(MSR_EFER, _EFER_AUTOIBRS); } else { @@ -1953,8 +1974,10 @@ static void __init spectre_v2_select_mitigation(void) } } =20 - switch (mode) { + switch (spectre_v2_enabled) { case SPECTRE_V2_NONE: + return; + case SPECTRE_V2_EIBRS: break; =20 
@@ -1980,15 +2003,12 @@ static void __init spectre_v2_select_mitigation(voi= d) * JMPs gets protection against BHI and Intramode-BTI, but RET * prediction from a non-RSB predictor is still a risk. */ - if (mode =3D=3D SPECTRE_V2_EIBRS_LFENCE || - mode =3D=3D SPECTRE_V2_EIBRS_RETPOLINE || - mode =3D=3D SPECTRE_V2_RETPOLINE) + if (spectre_v2_enabled =3D=3D SPECTRE_V2_EIBRS_LFENCE || + spectre_v2_enabled =3D=3D SPECTRE_V2_EIBRS_RETPOLINE || + spectre_v2_enabled =3D=3D SPECTRE_V2_RETPOLINE) spec_ctrl_disable_kernel_rrsba(); =20 - spectre_v2_enabled =3D mode; - pr_info("%s\n", spectre_v2_strings[mode]); - - spectre_v2_select_rsb_mitigation(mode); + spectre_v2_select_rsb_mitigation(spectre_v2_enabled); =20 /* * Retpoline protects the kernel, but doesn't protect firmware. IBRS @@ -1996,10 +2016,10 @@ static void __init spectre_v2_select_mitigation(voi= d) * firmware calls only when IBRS / Enhanced / Automatic IBRS aren't * otherwise enabled. * - * Use "mode" to check Enhanced IBRS instead of boot_cpu_has(), because - * the user might select retpoline on the kernel command line and if - * the CPU supports Enhanced IBRS, kernel might un-intentionally not - * enable IBRS around firmware calls. + * Use "spectre_v2_enabled" to check Enhanced IBRS instead of + * boot_cpu_has(), because the user might select retpoline on the kernel + * command line and if the CPU supports Enhanced IBRS, kernel might + * un-intentionally not enable IBRS around firmware calls. */ if (boot_cpu_has_bug(X86_BUG_RETBLEED) && boot_cpu_has(X86_FEATURE_IBPB) && 
@@ -2011,13 +2031,11 @@ static void __init spectre_v2_select_mitigation(voi= d) pr_info("Enabling Speculation Barrier for firmware calls\n"); } =20 - } else if (boot_cpu_has(X86_FEATURE_IBRS) && !spectre_v2_in_ibrs_mode(mod= e)) { + } else if (boot_cpu_has(X86_FEATURE_IBRS) && + !spectre_v2_in_ibrs_mode(spectre_v2_enabled)) { setup_force_cpu_cap(X86_FEATURE_USE_IBRS_FW); pr_info("Enabling Restricted Speculation for firmware calls\n"); } - - /* Set up IBPB and STIBP depending on the general spectre V2 command */ - spectre_v2_cmd =3D cmd; } =20 static void update_stibp_msr(void * __unused) --=20 2.34.1
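Review bot: the new comment in the cpu_select_mitigations() hunk (@@ -217,6 +219,12) documents only one direction of the ordering. spectre_v2_update_mitigation() itself reads retbleed_mitigation (the `!= RETBLEED_MITIGATION_NONE` and `!= RETBLEED_MITIGATION_STUFF` tests) and now runs before retbleed_update_mitigation(), so it sees the selected value, not the updated one. Please say in the comment that this is intended, or explain why retbleed_update_mitigation() cannot move retbleed_mitigation to NONE or STUFF afterwards.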
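Review bot: in the @@ -1876,18 +1885,18 hunk, spectre_v2_cmd is now assigned at the top of spectre_v2_select_mitigation(), before the early returns, where the old code only executed `spectre_v2_cmd = cmd;` at the very end of the function (removed in the last hunk). On the paths that return early the global therefore now holds the parsed command instead of its initial value; the commit message should say whether later readers of spectre_v2_cmd are expected to see that. Style: the rewritten `(spectre_v2_cmd == SPECTRE_V2_CMD_NONE || spectre_v2_cmd == SPECTRE_V2_CMD_AUTO))` line is noticeably longer than its neighbours; consider breaking it after `||`.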
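Review bot: the IBRS override in the new spectre_v2_update_mitigation() (@@ -1941,10 +1940,32) is not gated on what select already chose. In the old code the same condition sat after an earlier branch ending in `break;`, so it was evaluated only when that branch was not taken; here `spectre_v2_enabled = SPECTRE_V2_IBRS;` can overwrite any result reached with SPECTRE_V2_CMD_AUTO. Add a check on the already selected spectre_v2_enabled so the earlier choice keeps its priority, or explain in the commit message why the override is wanted. The pr_info() that moved here is keyed on X86_BUG_SPECTRE_V2 and cpu_mitigations_off() rather than on select having run to completion, so it can now print on paths where the old function returned before logging; that deserves a line in the changelog too.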
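Review bot: the new `return` under `case SPECTRE_V2_NONE:` (@@ -1953,8 +1974,10) comes after the eIBRS/eBPF warning and the spectre_v2_in_ibrs_mode() block in spectre_v2_apply_mitigation() have already been evaluated. Testing for SPECTRE_V2_NONE at the top of the function would make it obvious that nothing is applied when no mitigation was selected, and would leave the switch with real modes only.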
From: David Kaplan
To: Thomas Gleixner, Borislav Petkov, Peter Zijlstra, Josh Poimboeuf, Pawan Gupta, Ingo Molnar, Dave Hansen, "H . Peter Anvin"
Subject: [PATCH v5 14/16] x86/bugs: Restructure SSB mitigation
Date: Fri, 18 Apr 2025 11:17:19 -0500
Message-ID: <20250418161721.1855190-15-david.kaplan@amd.com>
In-Reply-To: <20250418161721.1855190-1-david.kaplan@amd.com>
References: <20250418161721.1855190-1-david.kaplan@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
MN0PR12MB5929 Content-Type: text/plain; charset="utf-8" Restructure SSB to use select/apply functions to create consistent vulnerability handling. Remove __ssb_select_mitigation() and split the functionality between the select/apply functions. Signed-off-by: David Kaplan Reviewed-by: Josh Poimboeuf --- arch/x86/kernel/cpu/bugs.c | 36 +++++++++++++++++------------------- 1 file changed, 17 insertions(+), 19 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 8fe00fe987d5..e526d06171cd 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -65,6 +65,7 @@ static void __init spectre_v2_user_select_mitigation(void= ); static void __init spectre_v2_user_update_mitigation(void); static void __init spectre_v2_user_apply_mitigation(void); static void __init ssb_select_mitigation(void); +static void __init ssb_apply_mitigation(void); static void __init l1tf_select_mitigation(void); static void __init mds_select_mitigation(void); static void __init mds_update_mitigation(void); @@ -241,6 +242,7 @@ void __init cpu_select_mitigations(void) spectre_v2_apply_mitigation(); retbleed_apply_mitigation(); spectre_v2_user_apply_mitigation(); + ssb_apply_mitigation(); mds_apply_mitigation(); taa_apply_mitigation(); mmio_apply_mitigation(); @@ -2224,19 +2226,18 @@ static enum ssb_mitigation_cmd __init ssb_parse_cmd= line(void) return cmd; } =20 -static enum ssb_mitigation __init __ssb_select_mitigation(void) +static void ssb_select_mitigation(void) { - enum ssb_mitigation mode =3D SPEC_STORE_BYPASS_NONE; enum ssb_mitigation_cmd cmd; =20 if (!boot_cpu_has(X86_FEATURE_SSBD)) - return mode; + goto out; =20 cmd =3D ssb_parse_cmdline(); if (!boot_cpu_has_bug(X86_BUG_SPEC_STORE_BYPASS) && (cmd =3D=3D SPEC_STORE_BYPASS_CMD_NONE || cmd =3D=3D SPEC_STORE_BYPASS_CMD_AUTO)) - return mode; + return; =20 switch (cmd) { case SPEC_STORE_BYPASS_CMD_SECCOMP: 
@@ -2245,28 +2246,35 @@ static enum ssb_mitigation __init __ssb_select_miti= gation(void) * enabled. */ if (IS_ENABLED(CONFIG_SECCOMP)) - mode =3D SPEC_STORE_BYPASS_SECCOMP; + ssb_mode =3D SPEC_STORE_BYPASS_SECCOMP; else - mode =3D SPEC_STORE_BYPASS_PRCTL; + ssb_mode =3D SPEC_STORE_BYPASS_PRCTL; break; case SPEC_STORE_BYPASS_CMD_ON: - mode =3D SPEC_STORE_BYPASS_DISABLE; + ssb_mode =3D SPEC_STORE_BYPASS_DISABLE; break; case SPEC_STORE_BYPASS_CMD_AUTO: case SPEC_STORE_BYPASS_CMD_PRCTL: - mode =3D SPEC_STORE_BYPASS_PRCTL; + ssb_mode =3D SPEC_STORE_BYPASS_PRCTL; break; case SPEC_STORE_BYPASS_CMD_NONE: break; } =20 +out: + if (boot_cpu_has_bug(X86_BUG_SPEC_STORE_BYPASS)) + pr_info("%s\n", ssb_strings[ssb_mode]); +} + +static void __init ssb_apply_mitigation(void) +{ /* * We have three CPU feature flags that are in play here: * - X86_BUG_SPEC_STORE_BYPASS - CPU is susceptible. * - X86_FEATURE_SSBD - CPU is able to turn off speculative store bypass * - X86_FEATURE_SPEC_STORE_BYPASS_DISABLE - engage the mitigation */ - if (mode =3D=3D SPEC_STORE_BYPASS_DISABLE) { + if (ssb_mode =3D=3D SPEC_STORE_BYPASS_DISABLE) { setup_force_cpu_cap(X86_FEATURE_SPEC_STORE_BYPASS_DISABLE); /* * Intel uses the SPEC CTRL MSR Bit(2) for this, while AMD may 
@@ -2280,16 +2288,6 @@ static enum ssb_mitigation __init __ssb_select_mitig= ation(void) update_spec_ctrl(x86_spec_ctrl_base); } } - - return mode; -} - -static void ssb_select_mitigation(void) -{ - ssb_mode =3D __ssb_select_mitigation(); - - if (boot_cpu_has_bug(X86_BUG_SPEC_STORE_BYPASS)) - pr_info("%s\n", ssb_strings[ssb_mode]); } =20 #undef pr_fmt --=20 2.34.1
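Review bot: the definition `static void ssb_select_mitigation(void)` in the @@ -2224,19 +2226,18 hunk lacks `__init`, while the forward declaration at the top of the file and the new ssb_apply_mitigation() both carry it; add it here, since the function now calls ssb_parse_cmdline() directly and that one is `__init`. The two early exits are also inconsistent: the missing-SSBD case uses `goto out` and the unaffected case uses `return`; a short comment on why only the first should reach the pr_info() would help.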
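Review bot: in the @@ -2245,28 +2246,35 hunk, ssb_mode is now written only inside the switch, so the `goto out` path and `case SPEC_STORE_BYPASS_CMD_NONE:` rely on the initial value of ssb_mode, where the old code started from an explicit local `mode = SPEC_STORE_BYPASS_NONE`. That initial value is not visible in this patch; either assign SPEC_STORE_BYPASS_NONE explicitly on those paths or mention the reliance on the initializer in the changelog.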
From: David Kaplan
To: Thomas Gleixner, Borislav Petkov, Peter Zijlstra, Josh Poimboeuf, Pawan Gupta, Ingo Molnar, Dave Hansen, "H . Peter Anvin"
Subject: [PATCH v5 15/16] x86/bugs: Restructure L1TF mitigation
Date: Fri, 18 Apr 2025 11:17:20 -0500
Message-ID: <20250418161721.1855190-16-david.kaplan@amd.com>
In-Reply-To: <20250418161721.1855190-1-david.kaplan@amd.com>
References: <20250418161721.1855190-1-david.kaplan@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
IA1PR12MB7614 Content-Type: text/plain; charset="utf-8" Restructure L1TF to use select/apply functions to create consistent vulnerability handling. Define new AUTO mitigation for L1TF. Signed-off-by: David Kaplan Reviewed-by: Josh Poimboeuf --- arch/x86/include/asm/processor.h | 1 + arch/x86/kernel/cpu/bugs.c | 25 +++++++++++++++++++------ arch/x86/kvm/vmx/vmx.c | 2 ++ 3 files changed, 22 insertions(+), 6 deletions(-) diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/proces= sor.h index eaa7214d6953..62705783ca3c 100644 --- a/arch/x86/include/asm/processor.h +++ b/arch/x86/include/asm/processor.h @@ -735,6 +735,7 @@ void store_cpu_caps(struct cpuinfo_x86 *info); =20 enum l1tf_mitigations { L1TF_MITIGATION_OFF, + L1TF_MITIGATION_AUTO, L1TF_MITIGATION_FLUSH_NOWARN, L1TF_MITIGATION_FLUSH, L1TF_MITIGATION_FLUSH_NOSMT, diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index e526d06171cd..5f718537ba70 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -67,6 +67,7 @@ static void __init spectre_v2_user_apply_mitigation(void); static void __init ssb_select_mitigation(void); static void __init ssb_apply_mitigation(void); static void __init l1tf_select_mitigation(void); +static void __init l1tf_apply_mitigation(void); static void __init mds_select_mitigation(void); static void __init mds_update_mitigation(void); static void __init mds_apply_mitigation(void); @@ -243,6 +244,7 @@ void __init cpu_select_mitigations(void) retbleed_apply_mitigation(); spectre_v2_user_apply_mitigation(); ssb_apply_mitigation(); + l1tf_apply_mitigation(); mds_apply_mitigation(); taa_apply_mitigation(); mmio_apply_mitigation(); 
@@ -2543,7 +2545,7 @@ EXPORT_SYMBOL_GPL(itlb_multihit_kvm_mitigation); =20 /* Default mitigation for L1TF-affected CPUs */ enum l1tf_mitigations l1tf_mitigation __ro_after_init =3D - IS_ENABLED(CONFIG_MITIGATION_L1TF) ? L1TF_MITIGATION_FLUSH : L1TF_MITIGAT= ION_OFF; + IS_ENABLED(CONFIG_MITIGATION_L1TF) ? L1TF_MITIGATION_AUTO : L1TF_MITIGATI= ON_OFF; #if IS_ENABLED(CONFIG_KVM_INTEL) EXPORT_SYMBOL_GPL(l1tf_mitigation); #endif @@ -2590,23 +2592,34 @@ static void override_cache_bits(struct cpuinfo_x86 = *c) } =20 static void __init l1tf_select_mitigation(void) +{ + if (!boot_cpu_has_bug(X86_BUG_L1TF) || cpu_mitigations_off()) { + l1tf_mitigation =3D L1TF_MITIGATION_OFF; + return; + } + + if (l1tf_mitigation =3D=3D L1TF_MITIGATION_AUTO) { + if (cpu_mitigations_auto_nosmt()) + l1tf_mitigation =3D L1TF_MITIGATION_FLUSH_NOSMT; + else + l1tf_mitigation =3D L1TF_MITIGATION_FLUSH; + } +} + +static void __init l1tf_apply_mitigation(void) { u64 half_pa; =20 if (!boot_cpu_has_bug(X86_BUG_L1TF)) return; =20 - if (cpu_mitigations_off()) - l1tf_mitigation =3D L1TF_MITIGATION_OFF; - else if (cpu_mitigations_auto_nosmt()) - l1tf_mitigation =3D L1TF_MITIGATION_FLUSH_NOSMT; - override_cache_bits(&boot_cpu_data); =20 switch (l1tf_mitigation) { case L1TF_MITIGATION_OFF: case L1TF_MITIGATION_FLUSH_NOWARN: case L1TF_MITIGATION_FLUSH: + case L1TF_MITIGATION_AUTO: break; case L1TF_MITIGATION_FLUSH_NOSMT: case L1TF_MITIGATION_FULL: diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 1547bfacd40f..1b2a783f9ad9 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -273,6 +273,7 @@ static int vmx_setup_l1d_flush(enum vmx_l1d_flush_state= l1tf) case L1TF_MITIGATION_OFF: l1tf =3D VMENTER_L1D_FLUSH_NEVER; break; + case L1TF_MITIGATION_AUTO: case L1TF_MITIGATION_FLUSH_NOWARN: case L1TF_MITIGATION_FLUSH: case L1TF_MITIGATION_FLUSH_NOSMT: 
@@ -7704,6 +7705,7 @@ int vmx_vm_init(struct kvm *kvm) case L1TF_MITIGATION_FLUSH_NOWARN: /* 'I explicitly don't care' is set */ break; + case L1TF_MITIGATION_AUTO: case L1TF_MITIGATION_FLUSH: case L1TF_MITIGATION_FLUSH_NOSMT: case L1TF_MITIGATION_FULL: --=20 2.34.1
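Review bot: In the bugs.c hunk of patch 15/16 that splits l1tf_select_mitigation(), cpu_mitigations_auto_nosmt() is now consulted only while l1tf_mitigation is still L1TF_MITIGATION_AUTO, whereas the removed "else if (cpu_mitigations_auto_nosmt())" branch forced L1TF_MITIGATION_FLUSH_NOSMT whenever mitigations were not off. A boot where another value was already stored in l1tf_mitigation (for example through the l1tf early_param) and auto_nosmt is set therefore no longer ends up in FLUSH_NOSMT. The commit message only says "Define new AUTO mitigation for L1TF"; if letting the explicit choice win is intended, state that there, otherwise keep the unconditional override.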
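Review bot: L1TF_MITIGATION_AUTO is added to enum l1tf_mitigations in processor.h without a comment saying it is a boot-time placeholder, yet l1tf_select_mitigation() rewrites it to OFF, FLUSH or FLUSH_NOSMT before l1tf_apply_mitigation() runs. The new "case L1TF_MITIGATION_AUTO:" labels in vmx_setup_l1d_flush(), vmx_vm_init() and the l1tf_apply_mitigation() switch then read like reachable states, and because l1tf_mitigation is exported for CONFIG_KVM_INTEL a reader may assume KVM can observe AUTO. A one-line comment on the enumerator, or on those case labels, stating that they exist only for switch completeness would make the invariant explicit.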
From: David Kaplan To: Thomas Gleixner , Borislav Petkov , Peter Zijlstra , Josh Poimboeuf , Pawan Gupta , Ingo Molnar , Dave Hansen , , "H . Peter Anvin" CC: Subject: [PATCH v5 16/16] x86/bugs: Restructure SRSO mitigation Date: Fri, 18 Apr 2025 11:17:21 -0500 Message-ID: <20250418161721.1855190-17-david.kaplan@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250418161721.1855190-1-david.kaplan@amd.com> References: <20250418161721.1855190-1-david.kaplan@amd.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-MS-Exchange-Transport-CrossTenantHeadersStamped:
DM3PR12MB9434 Content-Type: text/plain; charset="utf-8" Restructure SRSO to use select/update/apply functions to create consistent vulnerability handling. Like with retbleed, the command line options directly select mitigations which can later be modified. Signed-off-by: David Kaplan Reviewed-by: Josh Poimboeuf --- arch/x86/kernel/cpu/bugs.c | 212 +++++++++++++++++-------------------- 1 file changed, 99 insertions(+), 113 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 5f718537ba70..85d27ba2c83c 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -84,6 +84,8 @@ static void __init srbds_select_mitigation(void); static void __init srbds_apply_mitigation(void); static void __init l1d_flush_select_mitigation(void); static void __init srso_select_mitigation(void); +static void __init srso_update_mitigation(void); +static void __init srso_apply_mitigation(void); static void __init gds_select_mitigation(void); static void __init gds_apply_mitigation(void); static void __init bhi_select_mitigation(void); @@ -208,11 +210,6 @@ void __init cpu_select_mitigations(void) rfds_select_mitigation(); srbds_select_mitigation(); l1d_flush_select_mitigation(); - - /* - * srso_select_mitigation() depends and must run after - * retbleed_select_mitigation(). - */ srso_select_mitigation(); gds_select_mitigation(); bhi_select_mitigation(); @@ -238,6 +235,8 @@ void __init cpu_select_mitigations(void) mmio_update_mitigation(); rfds_update_mitigation(); bhi_update_mitigation(); + /* srso_update_mitigation() depends on retbleed_update_mitigation(). */ + srso_update_mitigation(); =20 spectre_v1_apply_mitigation(); spectre_v2_apply_mitigation(); @@ -250,6 +249,7 @@ void __init cpu_select_mitigations(void) mmio_apply_mitigation(); rfds_apply_mitigation(); srbds_apply_mitigation(); + srso_apply_mitigation(); gds_apply_mitigation(); bhi_apply_mitigation(); } 
@@ -2679,6 +2679,7 @@ early_param("l1tf", l1tf_cmdline); =20 enum srso_mitigation { SRSO_MITIGATION_NONE, + SRSO_MITIGATION_AUTO, SRSO_MITIGATION_UCODE_NEEDED, SRSO_MITIGATION_SAFE_RET_UCODE_NEEDED, SRSO_MITIGATION_MICROCODE, @@ -2688,14 +2689,6 @@ enum srso_mitigation { SRSO_MITIGATION_BP_SPEC_REDUCE, }; =20 -enum srso_mitigation_cmd { - SRSO_CMD_OFF, - SRSO_CMD_MICROCODE, - SRSO_CMD_SAFE_RET, - SRSO_CMD_IBPB, - SRSO_CMD_IBPB_ON_VMEXIT, -}; - static const char * const srso_strings[] =3D { [SRSO_MITIGATION_NONE] =3D "Vulnerable", [SRSO_MITIGATION_UCODE_NEEDED] =3D "Vulnerable: No microcode", @@ -2707,8 +2700,7 @@ static const char * const srso_strings[] =3D { [SRSO_MITIGATION_BP_SPEC_REDUCE] =3D "Mitigation: Reduced Speculation" }; =20 -static enum srso_mitigation srso_mitigation __ro_after_init =3D SRSO_MITIG= ATION_NONE; -static enum srso_mitigation_cmd srso_cmd __ro_after_init =3D SRSO_CMD_SAFE= _RET; +static enum srso_mitigation srso_mitigation __ro_after_init =3D SRSO_MITIG= ATION_AUTO; =20 static int __init srso_parse_cmdline(char *str) { @@ -2716,15 +2708,15 @@ static int __init srso_parse_cmdline(char *str) return -EINVAL; =20 if (!strcmp(str, "off")) - srso_cmd =3D SRSO_CMD_OFF; + srso_mitigation =3D SRSO_MITIGATION_NONE; else if (!strcmp(str, "microcode")) - srso_cmd =3D SRSO_CMD_MICROCODE; + srso_mitigation =3D SRSO_MITIGATION_MICROCODE; else if (!strcmp(str, "safe-ret")) - srso_cmd =3D SRSO_CMD_SAFE_RET; + srso_mitigation =3D SRSO_MITIGATION_SAFE_RET; else if (!strcmp(str, "ibpb")) - srso_cmd =3D SRSO_CMD_IBPB; + srso_mitigation =3D SRSO_MITIGATION_IBPB; else if (!strcmp(str, "ibpb-vmexit")) - srso_cmd =3D SRSO_CMD_IBPB_ON_VMEXIT; + srso_mitigation =3D SRSO_MITIGATION_IBPB_ON_VMEXIT; else pr_err("Ignoring unknown SRSO option (%s).", str); =20 
@@ -2738,130 +2730,80 @@ static void __init srso_select_mitigation(void) { bool has_microcode =3D boot_cpu_has(X86_FEATURE_IBPB_BRTYPE); =20 - if (!boot_cpu_has_bug(X86_BUG_SRSO) || - cpu_mitigations_off() || - srso_cmd =3D=3D SRSO_CMD_OFF) { - if (boot_cpu_has(X86_FEATURE_SBPB)) - x86_pred_cmd =3D PRED_CMD_SBPB; - goto out; - } + if (!boot_cpu_has_bug(X86_BUG_SRSO) || cpu_mitigations_off()) + srso_mitigation =3D SRSO_MITIGATION_NONE; + + if (srso_mitigation =3D=3D SRSO_MITIGATION_NONE) + return; + + if (srso_mitigation =3D=3D SRSO_MITIGATION_AUTO) + srso_mitigation =3D SRSO_MITIGATION_SAFE_RET; =20 if (has_microcode) { /* * Zen1/2 with SMT off aren't vulnerable after the right * IBPB microcode has been applied. - * - * Zen1/2 don't have SBPB, no need to try to enable it here. */ if (boot_cpu_data.x86 < 0x19 && !cpu_smt_possible()) { setup_force_cpu_cap(X86_FEATURE_SRSO_NO); - goto out; - } - - if (retbleed_mitigation =3D=3D RETBLEED_MITIGATION_IBPB) { - srso_mitigation =3D SRSO_MITIGATION_IBPB; - goto out; + srso_mitigation =3D SRSO_MITIGATION_NONE; + return; } } else { pr_warn("IBPB-extending microcode not applied!\n"); pr_warn(SRSO_NOTICE); - - /* may be overwritten by SRSO_CMD_SAFE_RET below */ - srso_mitigation =3D SRSO_MITIGATION_UCODE_NEEDED; } =20 - switch (srso_cmd) { - case SRSO_CMD_MICROCODE: - if (has_microcode) { - srso_mitigation =3D SRSO_MITIGATION_MICROCODE; - pr_warn(SRSO_NOTICE); - } - break; - - case SRSO_CMD_SAFE_RET: - if (boot_cpu_has(X86_FEATURE_SRSO_USER_KERNEL_NO)) + switch (srso_mitigation) { + case SRSO_MITIGATION_SAFE_RET: + if (boot_cpu_has(X86_FEATURE_SRSO_USER_KERNEL_NO)) { + srso_mitigation =3D SRSO_MITIGATION_IBPB_ON_VMEXIT; goto ibpb_on_vmexit; + } =20 - if (IS_ENABLED(CONFIG_MITIGATION_SRSO)) { - /* - * Enable the return thunk for generated code - * like ftrace, static_call, etc. 
- */ - setup_force_cpu_cap(X86_FEATURE_RETHUNK); - setup_force_cpu_cap(X86_FEATURE_UNRET); - - if (boot_cpu_data.x86 =3D=3D 0x19) { - setup_force_cpu_cap(X86_FEATURE_SRSO_ALIAS); - x86_return_thunk =3D srso_alias_return_thunk; - } else { - setup_force_cpu_cap(X86_FEATURE_SRSO); - x86_return_thunk =3D srso_return_thunk; - } - if (has_microcode) - srso_mitigation =3D SRSO_MITIGATION_SAFE_RET; - else - srso_mitigation =3D SRSO_MITIGATION_SAFE_RET_UCODE_NEEDED; - } else { + if (!IS_ENABLED(CONFIG_MITIGATION_SRSO)) { pr_err("WARNING: kernel not compiled with MITIGATION_SRSO.\n"); + srso_mitigation =3D SRSO_MITIGATION_NONE; } - break; =20 - case SRSO_CMD_IBPB: - if (IS_ENABLED(CONFIG_MITIGATION_IBPB_ENTRY)) { - if (has_microcode) { - setup_force_cpu_cap(X86_FEATURE_ENTRY_IBPB); - setup_force_cpu_cap(X86_FEATURE_IBPB_ON_VMEXIT); - srso_mitigation =3D SRSO_MITIGATION_IBPB; - - /* - * IBPB on entry already obviates the need for - * software-based untraining so clear those in case some - * other mitigation like Retbleed has selected them. - */ - setup_clear_cpu_cap(X86_FEATURE_UNRET); - setup_clear_cpu_cap(X86_FEATURE_RETHUNK); - - /* - * There is no need for RSB filling: write_ibpb() ensures - * all predictions, including the RSB, are invalidated, - * regardless of IBPB implementation. 
- */ - setup_clear_cpu_cap(X86_FEATURE_RSB_VMEXIT); - } - } else { - pr_err("WARNING: kernel not compiled with MITIGATION_IBPB_ENTRY.\n"); - } + if (!has_microcode) + srso_mitigation =3D SRSO_MITIGATION_SAFE_RET_UCODE_NEEDED; break; - ibpb_on_vmexit: - case SRSO_CMD_IBPB_ON_VMEXIT: + case SRSO_MITIGATION_IBPB_ON_VMEXIT: if (boot_cpu_has(X86_FEATURE_SRSO_BP_SPEC_REDUCE)) { pr_notice("Reducing speculation to address VM/HV SRSO attack vector.\n"= ); srso_mitigation =3D SRSO_MITIGATION_BP_SPEC_REDUCE; break; } - - if (IS_ENABLED(CONFIG_MITIGATION_IBPB_ENTRY)) { - if (has_microcode) { - setup_force_cpu_cap(X86_FEATURE_IBPB_ON_VMEXIT); - srso_mitigation =3D SRSO_MITIGATION_IBPB_ON_VMEXIT; - - /* - * There is no need for RSB filling: write_ibpb() ensures - * all predictions, including the RSB, are invalidated, - * regardless of IBPB implementation. - */ - setup_clear_cpu_cap(X86_FEATURE_RSB_VMEXIT); - } - } else { + fallthrough; + case SRSO_MITIGATION_IBPB: + if (!IS_ENABLED(CONFIG_MITIGATION_IBPB_ENTRY)) { pr_err("WARNING: kernel not compiled with MITIGATION_IBPB_ENTRY.\n"); + srso_mitigation =3D SRSO_MITIGATION_NONE; } + + if (!has_microcode) + srso_mitigation =3D SRSO_MITIGATION_UCODE_NEEDED; break; default: break; } +} =20 -out: +static void __init srso_update_mitigation(void) +{ + /* If retbleed is using IBPB, that works for SRSO as well */ + if (retbleed_mitigation =3D=3D RETBLEED_MITIGATION_IBPB && + boot_cpu_has(X86_FEATURE_IBPB_BRTYPE)) + srso_mitigation =3D SRSO_MITIGATION_IBPB; + + if (boot_cpu_has_bug(X86_BUG_SRSO) && !cpu_mitigations_off()) + pr_info("%s\n", srso_strings[srso_mitigation]); +} + +static void __init srso_apply_mitigation(void) +{ /* * Clear the feature flag if this mitigation is not selected as that * feature flag controls the BpSpecReduce MSR bit toggling in KVM. 
@@ -2869,8 +2811,52 @@ static void __init srso_select_mitigation(void) if (srso_mitigation !=3D SRSO_MITIGATION_BP_SPEC_REDUCE) setup_clear_cpu_cap(X86_FEATURE_SRSO_BP_SPEC_REDUCE); =20 - if (srso_mitigation !=3D SRSO_MITIGATION_NONE) - pr_info("%s\n", srso_strings[srso_mitigation]); + if (srso_mitigation =3D=3D SRSO_MITIGATION_NONE) { + if (boot_cpu_has(X86_FEATURE_SBPB)) + x86_pred_cmd =3D PRED_CMD_SBPB; + return; + } + + switch (srso_mitigation) { + case SRSO_MITIGATION_SAFE_RET: + case SRSO_MITIGATION_SAFE_RET_UCODE_NEEDED: + /* + * Enable the return thunk for generated code + * like ftrace, static_call, etc. + */ + setup_force_cpu_cap(X86_FEATURE_RETHUNK); + setup_force_cpu_cap(X86_FEATURE_UNRET); + + if (boot_cpu_data.x86 =3D=3D 0x19) { + setup_force_cpu_cap(X86_FEATURE_SRSO_ALIAS); + x86_return_thunk =3D srso_alias_return_thunk; + } else { + setup_force_cpu_cap(X86_FEATURE_SRSO); + x86_return_thunk =3D srso_return_thunk; + } + break; + case SRSO_MITIGATION_IBPB: + setup_force_cpu_cap(X86_FEATURE_ENTRY_IBPB); + /* + * IBPB on entry already obviates the need for + * software-based untraining so clear those in case some + * other mitigation like Retbleed has selected them. + */ + setup_clear_cpu_cap(X86_FEATURE_UNRET); + setup_clear_cpu_cap(X86_FEATURE_RETHUNK); + fallthrough; + case SRSO_MITIGATION_IBPB_ON_VMEXIT: + setup_force_cpu_cap(X86_FEATURE_IBPB_ON_VMEXIT); + /* + * There is no need for RSB filling: entry_ibpb() ensures + * all predictions, including the RSB, are invalidated, + * regardless of IBPB implementation. + */ + setup_clear_cpu_cap(X86_FEATURE_RSB_VMEXIT); + break; + default: + break; + } } =20 #undef pr_fmt --=20 2.34.1
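Review bot: In the SRSO_MITIGATION_SAFE_RET case of the rewritten srso_select_mitigation() (hunk @@ -2738,130 +2730,80 @@), the "!IS_ENABLED(CONFIG_MITIGATION_SRSO)" branch sets srso_mitigation to SRSO_MITIGATION_NONE, but the unconditional "if (!has_microcode)" that follows overwrites it with SRSO_MITIGATION_SAFE_RET_UCODE_NEEDED, and srso_apply_mitigation() forces X86_FEATURE_RETHUNK and X86_FEATURE_UNRET and installs the SRSO return thunk for that value. The removed code reached those calls only on the IS_ENABLED(CONFIG_MITIGATION_SRSO) side, so the microcode check should become an else branch, or the case should break right after the pr_err. Two reporting changes in the same hunk also need a look. The Zen1/2 SMT-off path sets SRSO_MITIGATION_NONE and returns, after which srso_update_mitigation() prints srso_strings[SRSO_MITIGATION_NONE] ("Vulnerable") even though X86_FEATURE_SRSO_NO was just forced and nothing in the hunk clears X86_BUG_SRSO, where the old code printed nothing for NONE. And srso=microcode without the microcode now leaves SRSO_MITIGATION_MICROCODE in place because the switch has no case for it, where the old code reported SRSO_MITIGATION_UCODE_NEEDED and, with microcode present, also printed SRSO_NOTICE.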
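Review bot: srso_parse_cmdline() now stores "off" directly as SRSO_MITIGATION_NONE, and srso_update_mitigation() overwrites whatever is stored, NONE included, with SRSO_MITIGATION_IBPB when retbleed selected IBPB and X86_FEATURE_IBPB_BRTYPE is present. The removed code skipped the retbleed check for srso_cmd == SRSO_CMD_OFF and for CPUs without X86_BUG_SRSO via the early "goto out". The new assignment has neither guard, so srso_apply_mitigation() takes the SRSO_MITIGATION_IBPB case in both situations. If reporting IBPB despite srso=off is intended because retbleed is doing the flush anyway, say so in the commit message, and add a boot_cpu_has_bug(X86_BUG_SRSO) condition to the override so unaffected parts stay at NONE.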
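Review bot: The RSB-filling comment moved into the SRSO_MITIGATION_IBPB_ON_VMEXIT case of srso_apply_mitigation() (hunk @@ -2869,8 +2811,52 @@) names entry_ibpb(), while both copies removed from srso_select_mitigation() named write_ibpb(). The wording changed during what is otherwise a pure move, which looks like a rebase leftover; confirm which function name is current in this tree and use it, so the comment still points at the code that invalidates the RSB.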