1. Patchew
  2. linux
  3. [PATCH 0/3] x86/bugs: Cleanup parameter parsing
  4. View patch

[PATCH 1/3] x86/bugs: Use early_param for spectre_v2_user

David Kaplan posted 3 patches 1 month, 3 weeks ago
[PATCH 1/3] x86/bugs: Use early_param for spectre_v2_user
Posted by David Kaplan 1 month, 3 weeks ago 
Most of the mitigations in bugs.c use early_param to parse their command
line options.  Modify spectre_v2_user to use early_param for consistency.

Signed-off-by: David Kaplan <david.kaplan@amd.com>
---
 arch/x86/kernel/cpu/bugs.c | 62 ++++++++++++++++++--------------------
 1 file changed, 30 insertions(+), 32 deletions(-)

diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index b74bf937cd9f..6bfe199b9f3e 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -1829,7 +1829,7 @@ enum spectre_v2_mitigation_cmd {
 
 static enum spectre_v2_mitigation_cmd spectre_v2_cmd __ro_after_init = SPECTRE_V2_CMD_AUTO;
 
-enum spectre_v2_user_cmd {
+enum spectre_v2_user_mitigation_cmd {
 	SPECTRE_V2_USER_CMD_NONE,
 	SPECTRE_V2_USER_CMD_AUTO,
 	SPECTRE_V2_USER_CMD_FORCE,
@@ -1839,6 +1839,9 @@ enum spectre_v2_user_cmd {
 	SPECTRE_V2_USER_CMD_SECCOMP_IBPB,
 };
 
+static enum spectre_v2_user_mitigation_cmd spectre_v2_user_cmd __ro_after_init =
+	SPECTRE_V2_USER_CMD_AUTO;
+
 static const char * const spectre_v2_user_strings[] = {
 	[SPECTRE_V2_USER_NONE]			= "User space: Vulnerable",
 	[SPECTRE_V2_USER_STRICT]		= "User space: Mitigation: STIBP protection",
@@ -1847,50 +1850,45 @@ static const char * const spectre_v2_user_strings[] = {
 	[SPECTRE_V2_USER_SECCOMP]		= "User space: Mitigation: STIBP via seccomp and prctl",
 };
 
-static const struct {
-	const char			*option;
-	enum spectre_v2_user_cmd	cmd;
-	bool				secure;
-} v2_user_options[] __initconst = {
-	{ "auto",		SPECTRE_V2_USER_CMD_AUTO,		false },
-	{ "off",		SPECTRE_V2_USER_CMD_NONE,		false },
-	{ "on",			SPECTRE_V2_USER_CMD_FORCE,		true  },
-	{ "prctl",		SPECTRE_V2_USER_CMD_PRCTL,		false },
-	{ "prctl,ibpb",		SPECTRE_V2_USER_CMD_PRCTL_IBPB,		false },
-	{ "seccomp",		SPECTRE_V2_USER_CMD_SECCOMP,		false },
-	{ "seccomp,ibpb",	SPECTRE_V2_USER_CMD_SECCOMP_IBPB,	false },
-};
-
 static void __init spec_v2_user_print_cond(const char *reason, bool secure)
 {
 	if (boot_cpu_has_bug(X86_BUG_SPECTRE_V2) != secure)
 		pr_info("spectre_v2_user=%s forced on command line.\n", reason);
 }
 
-static enum spectre_v2_user_cmd __init spectre_v2_parse_user_cmdline(void)
+static int __init spectre_v2_parse_user_cmdline(char *str)
 {
-	char arg[20];
-	int ret, i;
+	if (!str)
+		return -EINVAL;
 
 	if (!IS_ENABLED(CONFIG_MITIGATION_SPECTRE_V2))
 		return SPECTRE_V2_USER_CMD_NONE;
 
-	ret = cmdline_find_option(boot_command_line, "spectre_v2_user",
-				  arg, sizeof(arg));
-	if (ret < 0)
-		return SPECTRE_V2_USER_CMD_AUTO;
+	if (!strcmp(str, "auto"))
+		spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_AUTO;
+	else if (!strcmp(str, "off"))
+		spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_NONE;
+	else if (!strcmp(str, "on"))
+		spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_FORCE;
+	else if (!strcmp(str, "prctl"))
+		spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_PRCTL;
+	else if (!strcmp(str, "prctl,ibpb"))
+		spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_PRCTL_IBPB;
+	else if (!strcmp(str, "seccomp"))
+		spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_SECCOMP;
+	else if (!strcmp(str, "seccomp,ibpb"))
+		spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_SECCOMP_IBPB;
+	else
+		pr_err("Ignoring unknown spectre_v2_user option (%s).", str);
 
-	for (i = 0; i < ARRAY_SIZE(v2_user_options); i++) {
-		if (match_option(arg, ret, v2_user_options[i].option)) {
-			spec_v2_user_print_cond(v2_user_options[i].option,
-						v2_user_options[i].secure);
-			return v2_user_options[i].cmd;
-		}
-	}
+	if (spectre_v2_user_cmd == SPECTRE_V2_USER_CMD_FORCE)
+		spec_v2_user_print_cond(str, true);
+	else
+		spec_v2_user_print_cond(str, false);
 
-	pr_err("Unknown user space protection option (%s). Switching to default\n", arg);
-	return SPECTRE_V2_USER_CMD_AUTO;
+	return 0;
 }
+early_param("spectre_v2_user", spectre_v2_parse_user_cmdline);
 
 static inline bool spectre_v2_in_ibrs_mode(enum spectre_v2_mitigation mode)
 {
@@ -1902,7 +1900,7 @@ static void __init spectre_v2_user_select_mitigation(void)
 	if (!boot_cpu_has(X86_FEATURE_IBPB) && !boot_cpu_has(X86_FEATURE_STIBP))
 		return;
 
-	switch (spectre_v2_parse_user_cmdline()) {
+	switch (spectre_v2_user_cmd) {
 	case SPECTRE_V2_USER_CMD_NONE:
 		return;
 	case SPECTRE_V2_USER_CMD_FORCE:
-- 
2.34.1
Re: [PATCH 1/3] x86/bugs: Use early_param for spectre_v2_user
Posted by Pawan Gupta 1 month, 3 weeks ago 
On Mon, Aug 11, 2025 at 09:26:57AM -0500, David Kaplan wrote:
> Most of the mitigations in bugs.c use early_param to parse their command
> line options.  Modify spectre_v2_user to use early_param for consistency.
> 
> Signed-off-by: David Kaplan <david.kaplan@amd.com>
> ---
>  arch/x86/kernel/cpu/bugs.c | 62 ++++++++++++++++++--------------------
>  1 file changed, 30 insertions(+), 32 deletions(-)
> 
> diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
> index b74bf937cd9f..6bfe199b9f3e 100644
> --- a/arch/x86/kernel/cpu/bugs.c
> +++ b/arch/x86/kernel/cpu/bugs.c
> @@ -1829,7 +1829,7 @@ enum spectre_v2_mitigation_cmd {
>  
>  static enum spectre_v2_mitigation_cmd spectre_v2_cmd __ro_after_init = SPECTRE_V2_CMD_AUTO;
>  
> -enum spectre_v2_user_cmd {
> +enum spectre_v2_user_mitigation_cmd {
>  	SPECTRE_V2_USER_CMD_NONE,
>  	SPECTRE_V2_USER_CMD_AUTO,
>  	SPECTRE_V2_USER_CMD_FORCE,
> @@ -1839,6 +1839,9 @@ enum spectre_v2_user_cmd {
>  	SPECTRE_V2_USER_CMD_SECCOMP_IBPB,
>  };
>  
> +static enum spectre_v2_user_mitigation_cmd spectre_v2_user_cmd __ro_after_init =
> +	SPECTRE_V2_USER_CMD_AUTO;
> +
>  static const char * const spectre_v2_user_strings[] = {
>  	[SPECTRE_V2_USER_NONE]			= "User space: Vulnerable",
>  	[SPECTRE_V2_USER_STRICT]		= "User space: Mitigation: STIBP protection",
> @@ -1847,50 +1850,45 @@ static const char * const spectre_v2_user_strings[] = {
>  	[SPECTRE_V2_USER_SECCOMP]		= "User space: Mitigation: STIBP via seccomp and prctl",
>  };
>  
> -static const struct {
> -	const char			*option;
> -	enum spectre_v2_user_cmd	cmd;
> -	bool				secure;
> -} v2_user_options[] __initconst = {
> -	{ "auto",		SPECTRE_V2_USER_CMD_AUTO,		false },
> -	{ "off",		SPECTRE_V2_USER_CMD_NONE,		false },
> -	{ "on",			SPECTRE_V2_USER_CMD_FORCE,		true  },
> -	{ "prctl",		SPECTRE_V2_USER_CMD_PRCTL,		false },
> -	{ "prctl,ibpb",		SPECTRE_V2_USER_CMD_PRCTL_IBPB,		false },
> -	{ "seccomp",		SPECTRE_V2_USER_CMD_SECCOMP,		false },
> -	{ "seccomp,ibpb",	SPECTRE_V2_USER_CMD_SECCOMP_IBPB,	false },
> -};
> -
>  static void __init spec_v2_user_print_cond(const char *reason, bool secure)
>  {
>  	if (boot_cpu_has_bug(X86_BUG_SPECTRE_V2) != secure)
>  		pr_info("spectre_v2_user=%s forced on command line.\n", reason);
>  }
>  
> -static enum spectre_v2_user_cmd __init spectre_v2_parse_user_cmdline(void)
> +static int __init spectre_v2_parse_user_cmdline(char *str)
>  {
> -	char arg[20];
> -	int ret, i;
> +	if (!str)
> +		return -EINVAL;
>  
>  	if (!IS_ENABLED(CONFIG_MITIGATION_SPECTRE_V2))
>  		return SPECTRE_V2_USER_CMD_NONE;
>  
> -	ret = cmdline_find_option(boot_command_line, "spectre_v2_user",
> -				  arg, sizeof(arg));
> -	if (ret < 0)
> -		return SPECTRE_V2_USER_CMD_AUTO;
> +	if (!strcmp(str, "auto"))
> +		spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_AUTO;
> +	else if (!strcmp(str, "off"))
> +		spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_NONE;
> +	else if (!strcmp(str, "on"))
> +		spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_FORCE;
> +	else if (!strcmp(str, "prctl"))
> +		spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_PRCTL;
> +	else if (!strcmp(str, "prctl,ibpb"))
> +		spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_PRCTL_IBPB;
> +	else if (!strcmp(str, "seccomp"))
> +		spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_SECCOMP;
> +	else if (!strcmp(str, "seccomp,ibpb"))
> +		spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_SECCOMP_IBPB;
> +	else
> +		pr_err("Ignoring unknown spectre_v2_user option (%s).", str);

Should return from here? Otherwise, spec_v2_user_print_cond() will print
the unknown option as forced:

	pr_info("spectre_v2_user=%s forced on command line.\n", reason);

>  
> -	for (i = 0; i < ARRAY_SIZE(v2_user_options); i++) {
> -		if (match_option(arg, ret, v2_user_options[i].option)) {
> -			spec_v2_user_print_cond(v2_user_options[i].option,
> -						v2_user_options[i].secure);
> -			return v2_user_options[i].cmd;
> -		}
> -	}
> +	if (spectre_v2_user_cmd == SPECTRE_V2_USER_CMD_FORCE)
> +		spec_v2_user_print_cond(str, true);
> +	else
> +		spec_v2_user_print_cond(str, false);

I don't see the need for spec_v2_user_print_cond(), should it be zapped?

And then just do:

	if (spectre_v2_user_cmd != SPECTRE_V2_USER_CMD_FORCE)
		pr_info("spectre_v2_user=%s forced on command line.\n", str);

I also feel that the original print is a bit confusing (code-wise), because
it prints "forced" when the user opts for anything other than
"on"(CMD_FORCE). I think the intent was to inform the user that a partially
secure option is chosen.

> -	pr_err("Unknown user space protection option (%s). Switching to default\n", arg);
> -	return SPECTRE_V2_USER_CMD_AUTO;
> +	return 0;
>  }

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.