Dynamic mitigations

[RFC PATCH 04/56] x86/bugs: Reset spectre_v1 mitigations

Posted by David Kaplan 2 months, 1 week ago

Add function to reset spectre_v1 mitigations back to their boot-time
defaults.

Signed-off-by: David Kaplan <david.kaplan@amd.com>
---
 arch/x86/include/asm/bugs.h |  1 +
 arch/x86/kernel/cpu/bugs.c  | 18 ++++++++++++++++++
 2 files changed, 19 insertions(+)

diff --git a/arch/x86/include/asm/bugs.h b/arch/x86/include/asm/bugs.h
index f25ca2d709d4..e43b9412645e 100644
--- a/arch/x86/include/asm/bugs.h
+++ b/arch/x86/include/asm/bugs.h
@@ -11,5 +11,6 @@ static inline int ppro_with_ram_bug(void) { return 0; }
 #endif
 
 extern void cpu_bugs_smt_update(void);
+void arch_cpu_reset_mitigations(void);
 
 #endif /* _ASM_X86_BUGS_H */
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 6a526ae1fe99..9d5c6a3e50e1 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -46,6 +46,8 @@
  *				   may want to change based on other choices
  *				   made.  This function is optional.
  *   <vuln>_apply_mitigation() -- Enable the selected mitigation.
+ *   <vuln>_reset_mitigation() -- Undo's the apply_mitigation step, this is used
+ *				  with runtime mitigation patching.
  *
  * The compile-time mitigation in all cases should be AUTO.  An explicit
  * command-line option can override AUTO.  If no such option is
@@ -1247,6 +1249,15 @@ static void __init spectre_v1_apply_mitigation(void)
 	pr_info("%s\n", spectre_v1_strings[spectre_v1_mitigation]);
 }
 
+#ifdef CONFIG_DYNAMIC_MITIGATIONS
+static void spectre_v1_reset_mitigation(void)
+{
+	setup_clear_cpu_cap(X86_FEATURE_FENCE_SWAPGS_USER);
+	setup_clear_cpu_cap(X86_FEATURE_FENCE_SWAPGS_KERNEL);
+	spectre_v1_mitigation = SPECTRE_V1_MITIGATION_AUTO;
+}
+#endif
+
 static int __init nospectre_v1_cmdline(char *str)
 {
 	spectre_v1_mitigation = SPECTRE_V1_MITIGATION_NONE;
@@ -3794,3 +3805,10 @@ void __warn_thunk(void)
 {
 	WARN_ONCE(1, "Unpatched return thunk in use. This should not happen!\n");
 }
+
+#ifdef CONFIG_DYNAMIC_MITIGATIONS
+void arch_cpu_reset_mitigations(void)
+{
+	spectre_v1_reset_mitigation();
+}
+#endif
-- 
2.34.1

Re: [RFC PATCH 04/56] x86/bugs: Reset spectre_v1 mitigations

Posted by Borislav Petkov 1 month, 3 weeks ago

On Mon, Oct 13, 2025 at 09:33:52AM -0500, David Kaplan wrote:
> diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
> index 6a526ae1fe99..9d5c6a3e50e1 100644
> --- a/arch/x86/kernel/cpu/bugs.c
> +++ b/arch/x86/kernel/cpu/bugs.c
> @@ -46,6 +46,8 @@
>   *				   may want to change based on other choices
>   *				   made.  This function is optional.
>   *   <vuln>_apply_mitigation() -- Enable the selected mitigation.
> + *   <vuln>_reset_mitigation() -- Undo's the apply_mitigation step, this is used

"Undoes" no?

> + *				  with runtime mitigation patching.
>   *
>   * The compile-time mitigation in all cases should be AUTO.  An explicit
>   * command-line option can override AUTO.  If no such option is
> @@ -1247,6 +1249,15 @@ static void __init spectre_v1_apply_mitigation(void)
>  	pr_info("%s\n", spectre_v1_strings[spectre_v1_mitigation]);
>  }
>  
> +#ifdef CONFIG_DYNAMIC_MITIGATIONS
> +static void spectre_v1_reset_mitigation(void)
> +{
> +	setup_clear_cpu_cap(X86_FEATURE_FENCE_SWAPGS_USER);
> +	setup_clear_cpu_cap(X86_FEATURE_FENCE_SWAPGS_KERNEL);
> +	spectre_v1_mitigation = SPECTRE_V1_MITIGATION_AUTO;
> +}
> +#endif

Right, let's see in the end what is easier: we have the cross-dependencies
between mitigations so having separate "undo" functions might require them to
run in reverse order to the "apply" functions. I can imagine a single "undo"
function would be easier because you have everything in one place.

We'll see.

Thx.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette