From nobody Mon Feb 9 12:28:50 2026 Received: from mail.alien8.de (mail.alien8.de [65.109.113.108]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4C929336EF4 for ; Fri, 14 Nov 2025 17:14:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=65.109.113.108 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763140483; cv=none; b=EU6NBZIbvvYMD+VThHTlMuDdq859yN8cfGW5gMQCwjy3X+lYalvd3ujX/FtC2Ga8QIhVWOxZILhPNgoTfAlHdgtB2qYcLO7plUSSinB95hgOQCYRkDbqBICJKNhbP3G6jsxwd9Dt+wY5csTwWvISGP9KfbqtRGIENhB5LuhF+YA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763140483; c=relaxed/simple; bh=zfdbrIHMhLI/QUbLhjodOoIULoNAMYBPnLb5xHrwBO0=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=praINZJFKHkfyQha+6cTFUSpGJ/ODiyZ6ibtF/6O+CbwwrZ+eyi3fn/BPAughoKk7iXd3V7NaFz6jDiQByHAbqZC2q2KRWYfFX5P9a3lmmMFof6cBtmUW41f/P1xUKd4QlgF4cWqvBqorbHu/y5dodYbG2TqQjvR5pTCiBMEBjI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=alien8.de; spf=pass smtp.mailfrom=alien8.de; dkim=pass (4096-bit key) header.d=alien8.de header.i=@alien8.de header.b=CsXInev6; arc=none smtp.client-ip=65.109.113.108 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=alien8.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=alien8.de Authentication-Results: smtp.subspace.kernel.org; dkim=pass (4096-bit key) header.d=alien8.de header.i=@alien8.de header.b="CsXInev6" Received: from localhost (localhost.localdomain [127.0.0.1]) by mail.alien8.de (SuperMail on ZX Spectrum 128k) with ESMTP id 0572D40E024F; Fri, 14 Nov 2025 17:14:39 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at mail.alien8.de Authentication-Results: mail.alien8.de (amavisd-new); dkim=pass (4096-bit key) header.d=alien8.de Received: from mail.alien8.de ([127.0.0.1]) by localhost (mail.alien8.de [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id bup70xhTiffG; Fri, 14 Nov 2025 17:14:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=alien8; t=1763140473; bh=bB7/vSwJXjczouq+ePAh8XtDrdsRUqF1+2Td0rfoJtM=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=CsXInev6vyPnbSRamwRNCtf8GS/6ZYHxfW2Waq3X+mHJySUdNorzkiVxg8t3JRyzq 6Z+UyeKJjj/jy932dbVmG1DqUYrXnx4OSS4IrU7P/208IK215FG1NUHA/PIM2c0a7a /2GN/Pjdh6trEwU5WWGhggRTdcmgXfgAOpravNfYUlbDwt3yn1LOGZOHxaQRIX4yzB 567Mekjx3ntYTrEZmegxN/wRVDISG+o6k0PIY9+Kuwz0uHho+fJopOkiUIJ23lrn/8 dW6eA4X4XGOeiILgCoN6d03rlF0J6vmCUanjGJoyKo/8MrtdPKpbedjJfL+NXJiAhw hk1EnY5eGwK9ecRZpzfPcwqgkuHA+s8HgHZPN8apULWMlnfYFEL2VQ/9nYmEdf4dk6 ylSQqaSxr9yGk/PZQJeXBMOcbvDJ9Ujlqq8Fz9eznS7OUxl3WB6z44k02xRo9mUHZY AHp8/tEPZ42yP0nhJXoB+mQHr5M+HCv2rUK0MgXqvJQ6Mv3dNnV4FLbQmOrK49gSCN ow1HGXTwkjAD54e5l2tJ/cfR3sufv2FTWxbBswpxHpY0yovYAk0EVY1eHpqj/wX8eC hHfCQxzlIxGuqBrL1yfjI8sBD3h//8Lt6gjyVr+jFs1w5M2K30TIpDkeIhcAoU3CaK +pUVDfSEw7TPU5hggFBCRKG4= Received: from zn.tnic (pd9530da1.dip0.t-ipconnect.de [217.83.13.161]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail.alien8.de (SuperMail on ZX Spectrum 128k) with UTF8SMTPSA id E797F40E022F; Fri, 14 Nov 2025 17:14:20 +0000 (UTC) Date: Fri, 14 Nov 2025 18:14:14 +0100 From: Borislav Petkov To: Josh Poimboeuf Cc: "Kaplan, David" , Thomas Gleixner , Peter Zijlstra , Pawan Gupta , Ingo Molnar , Dave Hansen , "x86@kernel.org" , "H . Peter Anvin" , Alexander Graf , Boris Ostrovsky , "linux-kernel@vger.kernel.org" Subject: [PATCH] x86/bugs: Get rid of the forward declarations Message-ID: <20251114171414.GEaRdjZsEG9NAA_rLF@fat_crate.local> References: <20251013143444.3999-1-david.kaplan@amd.com> <20251013143444.3999-6-david.kaplan@amd.com> <20251103193130.GQaQkDEquEnEwb_cwC@fat_crate.local> <20251103202811.GMaQkQW54Gml6i1jQy@fat_crate.local> <20251105110318.GAaQsu9vGkzSxGbzzx@fat_crate.local> <20251105200447.GBaQut3w4dLilZrX-z@fat_crate.local> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20251105200447.GBaQut3w4dLilZrX-z@fat_crate.local> Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" On Wed, Nov 05, 2025 at 09:04:47PM +0100, Borislav Petkov wrote: > > We should put cpu_select_mitigations() at the bottom too, then all those > > existing forward declarations can go away. >=20 > That's a good idea. We should, if it doesn't get too hairy. That was easier than I expected. Only build-tested. Acked-by: Josh Poimboeuf Reviewed-by: Pawan Gupta Suggested-by: Josh Poimboeuf --- From: "Borislav Petkov (AMD)" Date: Fri, 14 Nov 2025 18:10:04 +0100 Get rid of the forward declarations of the mitigation functions by moving their single caller below them. No functional changes. Suggested-by: Josh Poimboeuf Signed-off-by: Borislav Petkov (AMD) --- arch/x86/kernel/cpu/bugs.c | 233 +++++++++++++++---------------------- 1 file changed, 93 insertions(+), 140 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index d7fa03bf51b4..4fa8284c53a1 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -53,53 +53,6 @@ * mitigation option. */ =20 -static void __init spectre_v1_select_mitigation(void); -static void __init spectre_v1_apply_mitigation(void); -static void __init spectre_v2_select_mitigation(void); -static void __init spectre_v2_update_mitigation(void); -static void __init spectre_v2_apply_mitigation(void); -static void __init retbleed_select_mitigation(void); -static void __init retbleed_update_mitigation(void); -static void __init retbleed_apply_mitigation(void); -static void __init spectre_v2_user_select_mitigation(void); -static void __init spectre_v2_user_update_mitigation(void); -static void __init spectre_v2_user_apply_mitigation(void); -static void __init ssb_select_mitigation(void); -static void __init ssb_apply_mitigation(void); -static void __init l1tf_select_mitigation(void); -static void __init l1tf_apply_mitigation(void); -static void __init mds_select_mitigation(void); -static void __init mds_update_mitigation(void); -static void __init mds_apply_mitigation(void); -static void __init taa_select_mitigation(void); -static void __init taa_update_mitigation(void); -static void __init taa_apply_mitigation(void); -static void __init mmio_select_mitigation(void); -static void __init mmio_update_mitigation(void); -static void __init mmio_apply_mitigation(void); -static void __init rfds_select_mitigation(void); -static void __init rfds_update_mitigation(void); -static void __init rfds_apply_mitigation(void); -static void __init srbds_select_mitigation(void); -static void __init srbds_apply_mitigation(void); -static void __init l1d_flush_select_mitigation(void); -static void __init srso_select_mitigation(void); -static void __init srso_update_mitigation(void); -static void __init srso_apply_mitigation(void); -static void __init gds_select_mitigation(void); -static void __init gds_apply_mitigation(void); -static void __init bhi_select_mitigation(void); -static void __init bhi_update_mitigation(void); -static void __init bhi_apply_mitigation(void); -static void __init its_select_mitigation(void); -static void __init its_update_mitigation(void); -static void __init its_apply_mitigation(void); -static void __init tsa_select_mitigation(void); -static void __init tsa_apply_mitigation(void); -static void __init vmscape_select_mitigation(void); -static void __init vmscape_update_mitigation(void); -static void __init vmscape_apply_mitigation(void); - /* The base value of the SPEC_CTRL MSR without task-specific bits set */ u64 x86_spec_ctrl_base; EXPORT_SYMBOL_GPL(x86_spec_ctrl_base); @@ -233,99 +186,6 @@ static void __init cpu_print_attack_vectors(void) } } =20 -void __init cpu_select_mitigations(void) -{ - /* - * Read the SPEC_CTRL MSR to account for reserved bits which may - * have unknown values. AMD64_LS_CFG MSR is cached in the early AMD - * init code as it is not enumerated and depends on the family. - */ - if (cpu_feature_enabled(X86_FEATURE_MSR_SPEC_CTRL)) { - rdmsrq(MSR_IA32_SPEC_CTRL, x86_spec_ctrl_base); - - /* - * Previously running kernel (kexec), may have some controls - * turned ON. Clear them and let the mitigations setup below - * rediscover them based on configuration. - */ - x86_spec_ctrl_base &=3D ~SPEC_CTRL_MITIGATIONS_MASK; - } - - x86_arch_cap_msr =3D x86_read_arch_cap_msr(); - - cpu_print_attack_vectors(); - - /* Select the proper CPU mitigations before patching alternatives: */ - spectre_v1_select_mitigation(); - spectre_v2_select_mitigation(); - retbleed_select_mitigation(); - spectre_v2_user_select_mitigation(); - ssb_select_mitigation(); - l1tf_select_mitigation(); - mds_select_mitigation(); - taa_select_mitigation(); - mmio_select_mitigation(); - rfds_select_mitigation(); - srbds_select_mitigation(); - l1d_flush_select_mitigation(); - srso_select_mitigation(); - gds_select_mitigation(); - its_select_mitigation(); - bhi_select_mitigation(); - tsa_select_mitigation(); - vmscape_select_mitigation(); - - /* - * After mitigations are selected, some may need to update their - * choices. - */ - spectre_v2_update_mitigation(); - /* - * retbleed_update_mitigation() relies on the state set by - * spectre_v2_update_mitigation(); specifically it wants to know about - * spectre_v2=3Dibrs. - */ - retbleed_update_mitigation(); - /* - * its_update_mitigation() depends on spectre_v2_update_mitigation() - * and retbleed_update_mitigation(). - */ - its_update_mitigation(); - - /* - * spectre_v2_user_update_mitigation() depends on - * retbleed_update_mitigation(), specifically the STIBP - * selection is forced for UNRET or IBPB. - */ - spectre_v2_user_update_mitigation(); - mds_update_mitigation(); - taa_update_mitigation(); - mmio_update_mitigation(); - rfds_update_mitigation(); - bhi_update_mitigation(); - /* srso_update_mitigation() depends on retbleed_update_mitigation(). */ - srso_update_mitigation(); - vmscape_update_mitigation(); - - spectre_v1_apply_mitigation(); - spectre_v2_apply_mitigation(); - retbleed_apply_mitigation(); - spectre_v2_user_apply_mitigation(); - ssb_apply_mitigation(); - l1tf_apply_mitigation(); - mds_apply_mitigation(); - taa_apply_mitigation(); - mmio_apply_mitigation(); - rfds_apply_mitigation(); - srbds_apply_mitigation(); - srso_apply_mitigation(); - gds_apply_mitigation(); - its_apply_mitigation(); - bhi_apply_mitigation(); - tsa_apply_mitigation(); - vmscape_apply_mitigation(); -} - /* * NOTE: This function is *only* called for SVM, since Intel uses * MSR_IA32_SPEC_CTRL for SSBD. @@ -3371,6 +3231,99 @@ void cpu_bugs_smt_update(void) mutex_unlock(&spec_ctrl_mutex); } =20 +void __init cpu_select_mitigations(void) +{ + /* + * Read the SPEC_CTRL MSR to account for reserved bits which may + * have unknown values. AMD64_LS_CFG MSR is cached in the early AMD + * init code as it is not enumerated and depends on the family. + */ + if (cpu_feature_enabled(X86_FEATURE_MSR_SPEC_CTRL)) { + rdmsrq(MSR_IA32_SPEC_CTRL, x86_spec_ctrl_base); + + /* + * Previously running kernel (kexec), may have some controls + * turned ON. Clear them and let the mitigations setup below + * rediscover them based on configuration. + */ + x86_spec_ctrl_base &=3D ~SPEC_CTRL_MITIGATIONS_MASK; + } + + x86_arch_cap_msr =3D x86_read_arch_cap_msr(); + + cpu_print_attack_vectors(); + + /* Select the proper CPU mitigations before patching alternatives: */ + spectre_v1_select_mitigation(); + spectre_v2_select_mitigation(); + retbleed_select_mitigation(); + spectre_v2_user_select_mitigation(); + ssb_select_mitigation(); + l1tf_select_mitigation(); + mds_select_mitigation(); + taa_select_mitigation(); + mmio_select_mitigation(); + rfds_select_mitigation(); + srbds_select_mitigation(); + l1d_flush_select_mitigation(); + srso_select_mitigation(); + gds_select_mitigation(); + its_select_mitigation(); + bhi_select_mitigation(); + tsa_select_mitigation(); + vmscape_select_mitigation(); + + /* + * After mitigations are selected, some may need to update their + * choices. + */ + spectre_v2_update_mitigation(); + /* + * retbleed_update_mitigation() relies on the state set by + * spectre_v2_update_mitigation(); specifically it wants to know about + * spectre_v2=3Dibrs. + */ + retbleed_update_mitigation(); + /* + * its_update_mitigation() depends on spectre_v2_update_mitigation() + * and retbleed_update_mitigation(). + */ + its_update_mitigation(); + + /* + * spectre_v2_user_update_mitigation() depends on + * retbleed_update_mitigation(), specifically the STIBP + * selection is forced for UNRET or IBPB. + */ + spectre_v2_user_update_mitigation(); + mds_update_mitigation(); + taa_update_mitigation(); + mmio_update_mitigation(); + rfds_update_mitigation(); + bhi_update_mitigation(); + /* srso_update_mitigation() depends on retbleed_update_mitigation(). */ + srso_update_mitigation(); + vmscape_update_mitigation(); + + spectre_v1_apply_mitigation(); + spectre_v2_apply_mitigation(); + retbleed_apply_mitigation(); + spectre_v2_user_apply_mitigation(); + ssb_apply_mitigation(); + l1tf_apply_mitigation(); + mds_apply_mitigation(); + taa_apply_mitigation(); + mmio_apply_mitigation(); + rfds_apply_mitigation(); + srbds_apply_mitigation(); + srso_apply_mitigation(); + gds_apply_mitigation(); + its_apply_mitigation(); + bhi_apply_mitigation(); + tsa_apply_mitigation(); + vmscape_apply_mitigation(); +} + #ifdef CONFIG_SYSFS =20 #define L1TF_DEFAULT_MSG "Mitigation: PTE Inversion" --=20 2.51.0 --=20 Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette