From nobody Fri Apr  3 05:50:26 2026
Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.11])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 585AF22576E;
	Fri,  3 Apr 2026 00:33:08 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=192.198.163.11
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1775176389; cv=none;
 b=fY5wUk3yya28gW8CUJqLQnoAm+kvFGzu7aviNeu+FGj1Z3a4GFm5YkDSs6tpSoMqs88/LhfE1dco/OYAKfT1xDpFw0c9GA2RuYPyC+DO2QTkX5aoMnqlw0ODBVPviY0zH3JYm/xrUcRAyhJ69ZTGay+oUtbOpwLj5itrYIqTAfc=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1775176389; c=relaxed/simple;
	bh=Mae+zoSeH0IjM7IPUjJkYQd/usJgG+IDTrU4CPhalhs=;
	h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version:
	 Content-Type:Content-Disposition:In-Reply-To;
 b=QbKSMqPc0bERTOjyY7ipEc2igYFu7ZEIJKOKSbSNi0VBPiK71ofCLe5SthioZBG74y/hk9ryX9Vs+YHAqTYsxQbCX8pJ1B+LRMXgxaheNoo3pZ6yzbQuYPMs09YY07tX1Llcj5ZTmJbD0FLsQLoCNff6pI7sUZwt9HLZJUC6ts8=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=linux.intel.com;
 spf=pass smtp.mailfrom=linux.intel.com;
 dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com
 header.b=g89uFOhs; arc=none smtp.client-ip=192.198.163.11
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=linux.intel.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=linux.intel.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com
 header.b="g89uFOhs"
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1775176388; x=1806712388;
  h=date:from:to:cc:subject:message-id:references:
   mime-version:in-reply-to;
  bh=Mae+zoSeH0IjM7IPUjJkYQd/usJgG+IDTrU4CPhalhs=;
  b=g89uFOhsbMoEaMZKQ47EKxKcRMpGo/KJalCTM+dR38ZDgVMuNISBNoVk
   ZHVmrRs2bW80A/8m+v1P/zqPrr8JMD4abWUEYDtN6S9MzMxgqcojoeWYD
   U/umEgE6Ym9be0+T8ydMooaP/t0J5duk5Uj8OogaFj9DC9K40FdJCszG1
   JCiH9ScNIzvfRbqG++X5zg9ZH/RMb92aXcCZyCJ0ciBBp413t4FmJktxk
   auOFjZxZJlrsz2KX219rNdESeqvTl55E11H7dWqmWhvcUocFouzpxlE63
   vaWZ6O1FkU3vfyLtvXWfkS2OZJTlsRQwZkdx+TAT/+RYzl7P14/6BXQ6Y
   g==;
X-CSE-ConnectionGUID: JwtsF8gPQaKj4nvhlpqLZw==
X-CSE-MsgGUID: jnJQhLDWTXaH8dgalsXfig==
X-IronPort-AV: E=McAfee;i="6800,10657,11747"; a="86864447"
X-IronPort-AV: E=Sophos;i="6.23,156,1770624000";
   d="scan'208";a="86864447"
Received: from orviesa004.jf.intel.com ([10.64.159.144])
  by fmvoesa105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 02 Apr 2026 17:33:07 -0700
X-CSE-ConnectionGUID: Ytm8/RvNSsC9fG9EKTMx2w==
X-CSE-MsgGUID: H2lsZQBZQdCDfFwjUor96A==
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="6.23,156,1770624000";
   d="scan'208";a="231511379"
Received: from guptapa-desk.jf.intel.com (HELO desk) ([10.165.239.46])
  by orviesa004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 02 Apr 2026 17:33:08 -0700
Date: Thu, 2 Apr 2026 17:33:07 -0700
From: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
To: x86@kernel.org, Jon Kohler <jon@nutanix.com>,
	Nikolay Borisov <nik.borisov@suse.com>,
	"H. Peter Anvin" <hpa@zytor.com>,
	Josh Poimboeuf <jpoimboe@kernel.org>,
	David Kaplan <david.kaplan@amd.com>,
	Sean Christopherson <seanjc@google.com>,
	Borislav Petkov <bp@alien8.de>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	Peter Zijlstra <peterz@infradead.org>,
	Alexei Starovoitov <ast@kernel.org>,
	Daniel Borkmann <daniel@iogearbox.net>,
	Andrii Nakryiko <andrii@kernel.org>, KP Singh <kpsingh@kernel.org>,
	Jiri Olsa <jolsa@kernel.org>,
	"David S. Miller" <davem@davemloft.net>,
	David Laight <david.laight.linux@gmail.com>,
	Andy Lutomirski <luto@kernel.org>,
	Thomas Gleixner <tglx@kernel.org>, Ingo Molnar <mingo@redhat.com>,
	David Ahern <dsahern@kernel.org>,
	Martin KaFai Lau <martin.lau@linux.dev>,
	Eduard Zingerman <eddyz87@gmail.com>, Song Liu <song@kernel.org>,
	Yonghong Song <yonghong.song@linux.dev>,
	John Fastabend <john.fastabend@gmail.com>,
	Stanislav Fomichev <sdf@fomichev.me>, Hao Luo <haoluo@google.com>,
	Paolo Bonzini <pbonzini@redhat.com>,
	Jonathan Corbet <corbet@lwn.net>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
	Asit Mallick <asit.k.mallick@intel.com>,
	Tao Zhang <tao1.zhang@intel.com>, bpf@vger.kernel.org,
	netdev@vger.kernel.org, linux-doc@vger.kernel.org
Subject: [PATCH v9 10/10] x86/vmscape: Add cmdline vmscape=on to override
 attack vector controls
Message-ID: <20260402-vmscape-bhb-v9-10-94d16bc29774@linux.intel.com>
X-Mailer: b4 0.15-dev
References: <20260402-vmscape-bhb-v9-0-94d16bc29774@linux.intel.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <20260402-vmscape-bhb-v9-0-94d16bc29774@linux.intel.com>
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

In general, individual mitigation knobs override the attack vector
controls. For VMSCAPE, =3Dibpb exists but nothing to select BHB clearing
mitigation. The =3Dforce option would select BHB clearing when supported, b=
ut
with a side-effect of also forcing the bug, hence deploying the mitigation
on unaffected parts too.

Add a new cmdline option vmscape=3Don to enable the mitigation based on the
VMSCAPE variant the CPU is affected by.

Reviewed-by: Nikolay Borisov <nik.borisov@suse.com>
Tested-by: Jon Kohler <jon@nutanix.com>
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
---
 Documentation/admin-guide/hw-vuln/vmscape.rst   | 4 ++++
 Documentation/admin-guide/kernel-parameters.txt | 2 ++
 arch/x86/kernel/cpu/bugs.c                      | 2 ++
 3 files changed, 8 insertions(+)

diff --git a/Documentation/admin-guide/hw-vuln/vmscape.rst b/Documentation/=
admin-guide/hw-vuln/vmscape.rst
index 7c40cf70ad7a..2558a5c3d956 100644
--- a/Documentation/admin-guide/hw-vuln/vmscape.rst
+++ b/Documentation/admin-guide/hw-vuln/vmscape.rst
@@ -117,3 +117,7 @@ The mitigation can be controlled via the ``vmscape=3D``=
 command line parameter:
=20
    Choose the mitigation based on the VMSCAPE variant the CPU is affected =
by.
    (default when CONFIG_MITIGATION_VMSCAPE=3Dy)
+
+ * ``vmscape=3Don``:
+
+   Same as ``auto``, except that it overrides attack vector controls.
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentatio=
n/admin-guide/kernel-parameters.txt
index 3853c7109419..98204d464477 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -8383,6 +8383,8 @@ Kernel parameters
 					  unaffected processors
 			auto		- (default) use IBPB or BHB clear
 					  mitigation based on CPU
+			on		- same as "auto", but override attack
+					  vector control
=20
 	vsyscall=3D	[X86-64,EARLY]
 			Controls the behavior of vsyscalls (i.e. calls to
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index ba8389df467a..366ebe1e1fb9 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -3087,6 +3087,8 @@ static int __init vmscape_parse_cmdline(char *str)
 	} else if (!strcmp(str, "force")) {
 		setup_force_cpu_bug(X86_BUG_VMSCAPE);
 		vmscape_mitigation =3D VMSCAPE_MITIGATION_ON;
+	} else if (!strcmp(str, "on")) {
+		vmscape_mitigation =3D VMSCAPE_MITIGATION_ON;
 	} else if (!strcmp(str, "auto")) {
 		vmscape_mitigation =3D VMSCAPE_MITIGATION_AUTO;
 	} else {

--=20
2.34.1