From nobody Tue Dec 2 02:19:00 2025 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.14]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 64A9C2E719B; Thu, 20 Nov 2025 06:20:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.14 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763619609; cv=none; b=d22VtDTHpH7w8tKwr7FMRn0cR793hmscyaR84TaYT9Hg7qFICGLA4ck8PCK1kOWdnHQ8z1htCarbMqncjmg4CUEX/DAR+63hUmbkfNBwT0ySILcYAad/CUCllUK1ENNFd/5nVx//awi81BMFT6gTEZ00ZjNJ1wwVjqiKapvk7NI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763619609; c=relaxed/simple; bh=IO/M7Bwqr9leiXpGsKiN4bu0IMpZ39ScvP/BSECK4QY=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=fyZJnuaVfy9M3LKuQIn+e8WxUItg7Y6XPEN2xeQBektlSYW1vyQJdQuAErKG0QJs4qRfzQNWjbPqpxVQlhcYUwQcE7Ax/SSWemIN9idG52sT8zt/7tThUO8a3htS75w1tUsXzpOJoTNsaDYwkphd6J3ZCGdSDMpAhGbc29aqoog= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=pass smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=VkbgvXpE; arc=none smtp.client-ip=198.175.65.14 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="VkbgvXpE" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1763619608; x=1795155608; h=date:from:to:cc:subject:message-id:references: mime-version:in-reply-to; bh=IO/M7Bwqr9leiXpGsKiN4bu0IMpZ39ScvP/BSECK4QY=; b=VkbgvXpEqaBUD2xG1weRsXbcd80rS9l4UUj8E8pV/iJ1ltq4yg7oEs5x kqHL+Jvc/eYGEZyJDFp5eUHKDVKYQrJluaQTODRmwU8K43dRiLZSnL55B e5dkvk9khYLLVIT/Pg4b/DO2NOjabtvpjz6v1OYkPygoDRJRrhBzcOHd0 Q+YPmXH8AkcMWzk1iP1TBc6fH7o0p9G7VGTzE3NWdSUfWtCcYF6OUQWta d5CyhR+1ND4TuEhbuszBeCD8k641Og8S34axPMnxXoXNKdXEnzLbJXdwY vy+JjxZXJXo11qjH5DY0hSy3FlgG1A3+phVMZHH/Od/8xF4ImAMlIwreI w==; X-CSE-ConnectionGUID: YZBTu1LiRN+/lsYn3rnraw== X-CSE-MsgGUID: rwEuckU4QZyVnySXASCrmg== X-IronPort-AV: E=McAfee;i="6800,10657,11618"; a="69529246" X-IronPort-AV: E=Sophos;i="6.19,317,1754982000"; d="scan'208";a="69529246" Received: from orviesa003.jf.intel.com ([10.64.159.143]) by orvoesa106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 19 Nov 2025 22:20:07 -0800 X-CSE-ConnectionGUID: EJGWwmTIQROSc6JjREdW9g== X-CSE-MsgGUID: 2PGNOXGsROyYVw5FQugdSQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.19,317,1754982000"; d="scan'208";a="195395121" Received: from guptapa-desk.jf.intel.com (HELO desk) ([10.165.239.46]) by ORVIESA003-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 19 Nov 2025 22:20:07 -0800 Date: Wed, 19 Nov 2025 22:20:06 -0800 From: Pawan Gupta To: x86@kernel.org, David Kaplan , Nikolay Borisov , "H. Peter Anvin" , Josh Poimboeuf , Sean Christopherson , Paolo Bonzini , Borislav Petkov , Dave Hansen Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Asit Mallick , Tao Zhang Subject: [PATCH v4 10/11] x86/vmscape: Override conflicting attack-vector controls with =force Message-ID: <20251119-vmscape-bhb-v4-10-1adad4e69ddc@linux.intel.com> X-Mailer: b4 0.14.2 References: <20251119-vmscape-bhb-v4-0-1adad4e69ddc@linux.intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20251119-vmscape-bhb-v4-0-1adad4e69ddc@linux.intel.com> Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" vmscape=3Dforce option currently defaults to AUTO mitigation. This is not correct because attack-vector controls override a mitigation when in AUTO mode. This prevents a user from being able to force VMSCAPE mitigation when it conflicts with attack-vector controls. Kernel should deploy a forced mitigation irrespective of attack vectors. Instead of AUTO, use VMSCAPE_MITIGATION_ON that wins over attack-vector controls. Signed-off-by: Pawan Gupta Reviewed-by: Nikolay Borisov --- arch/x86/kernel/cpu/bugs.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index d12c07ccf59479ecf590935607394492c988b2ff..81b0db27f4094c90ebf4704c74f= 5e7e6b809560f 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -3197,6 +3197,7 @@ static void __init srso_apply_mitigation(void) enum vmscape_mitigations { VMSCAPE_MITIGATION_NONE, VMSCAPE_MITIGATION_AUTO, + VMSCAPE_MITIGATION_ON, VMSCAPE_MITIGATION_IBPB_EXIT_TO_USER, VMSCAPE_MITIGATION_IBPB_ON_VMEXIT, VMSCAPE_MITIGATION_BHB_CLEAR_EXIT_TO_USER, @@ -3205,6 +3206,7 @@ enum vmscape_mitigations { static const char * const vmscape_strings[] =3D { [VMSCAPE_MITIGATION_NONE] =3D "Vulnerable", /* [VMSCAPE_MITIGATION_AUTO] */ + /* [VMSCAPE_MITIGATION_ON] */ [VMSCAPE_MITIGATION_IBPB_EXIT_TO_USER] =3D "Mitigation: IBPB before exit= to userspace", [VMSCAPE_MITIGATION_IBPB_ON_VMEXIT] =3D "Mitigation: IBPB on VMEXIT", [VMSCAPE_MITIGATION_BHB_CLEAR_EXIT_TO_USER] =3D "Mitigation: Clear BHB be= fore exit to userspace", @@ -3224,7 +3226,7 @@ static int __init vmscape_parse_cmdline(char *str) vmscape_mitigation =3D VMSCAPE_MITIGATION_IBPB_EXIT_TO_USER; } else if (!strcmp(str, "force")) { setup_force_cpu_bug(X86_BUG_VMSCAPE); - vmscape_mitigation =3D VMSCAPE_MITIGATION_AUTO; + vmscape_mitigation =3D VMSCAPE_MITIGATION_ON; } else { pr_err("Ignoring unknown vmscape=3D%s option.\n", str); } @@ -3259,6 +3261,7 @@ static void __init vmscape_select_mitigation(void) vmscape_mitigation =3D VMSCAPE_MITIGATION_NONE; break; case VMSCAPE_MITIGATION_AUTO: + case VMSCAPE_MITIGATION_ON: /* * CPUs with BHI_CTRL(ADL and newer) can avoid the IBPB and use BHB * clear sequence. These CPUs are only vulnerable to the BHI variant @@ -3381,6 +3384,7 @@ void cpu_bugs_smt_update(void) switch (vmscape_mitigation) { case VMSCAPE_MITIGATION_NONE: case VMSCAPE_MITIGATION_AUTO: + case VMSCAPE_MITIGATION_ON: break; case VMSCAPE_MITIGATION_IBPB_ON_VMEXIT: case VMSCAPE_MITIGATION_IBPB_EXIT_TO_USER: --=20 2.34.1