From nobody Mon Nov 25 08:05:43 2024 Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.14]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4D4881D5171; Mon, 28 Oct 2024 23:50:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=192.198.163.14 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730159446; cv=none; b=rb6JGUGtIVwcWBNVC0YbNj2KZGASibJR7btk52Yu+ZtJ2K3QZp7ei60i1rlRXqY3HIkM2Dq2WDh2/p5jm5Zk19+IuNIWUFAce+dpq2XSxiO8I6o79ZLEpYmtpFsXzlMp5DSpU2ZI8fojlZf8EVYY8G6zMo1QnHJ+tT3nRHkdg30= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730159446; c=relaxed/simple; bh=oJqiwSMjDU4oPhhJBVFu9TLet5JypqFREiJbc+59QCw=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=FVsmKxeYMa6Bx5R8zGbJyCeblnlS6SDDl3CadsDIbtxcZxDsY/dcc+Cbr3qBu9BgSi+WFWCEc4uurWLT/8dUY+eQXmlf8ohyT77yIT97Dv5jwlnl5yCTdbCvT5NFsKGi9qNBLDM4H9G7ckrHsN1AHQIqGFVFrhSQuLUiQ42zi9U= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=ViQmBhi/; arc=none smtp.client-ip=192.198.163.14 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="ViQmBhi/" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1730159444; x=1761695444; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=oJqiwSMjDU4oPhhJBVFu9TLet5JypqFREiJbc+59QCw=; b=ViQmBhi/0ITSBW+nhNx5dLeGk7lJugXq/8yOx5z/W+KqlG5pV5vXXV2X KHDWCXTmuerW3odFOO6tzFpXTC2J7rZ0fbajybEZgv7zUhhngN9TXQzFJ BOw1VQkak+gSmtqPvtfqrhYPJSAuz/VM32x/4IC8zIr92ro+G+allY3nY rVqj0HDfcZgPsQzyQwDXD0zCrPsoywqutuFsBK50+2gYyEjoS9xhVteU+ PWfaC4PwGZHCv0vxaW6Vohx61pSEsgJid8rd1zPuJbv6omb4dD9B13DGi IK4vvUN7/TR75b28NSHw5N32yxiL1ePQmkraIgp5VE+fweFjVuNhL+Tfv w==; X-CSE-ConnectionGUID: LQU4+TG0RcyVK9XDaxDjpg== X-CSE-MsgGUID: gee+u+bkQvyVZKJKfHGm8Q== X-IronPort-AV: E=McAfee;i="6700,10204,11239"; a="29987680" X-IronPort-AV: E=Sophos;i="6.11,240,1725346800"; d="scan'208";a="29987680" Received: from fmviesa004.fm.intel.com ([10.60.135.144]) by fmvoesa108.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 28 Oct 2024 16:50:44 -0700 X-CSE-ConnectionGUID: xmV3xEJ4TImjjzyWq3TujA== X-CSE-MsgGUID: UJAXsTOBRvaOJ3c/co5+lw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.11,240,1725346800"; d="scan'208";a="86381235" Received: from salmansi-mobl.amr.corp.intel.com (HELO dsneddon-desk.sneddon.lan) ([10.125.80.18]) by fmviesa004-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 28 Oct 2024 16:50:42 -0700 From: Daniel Sneddon To: Jonathan Corbet , Thomas Gleixner , Borislav Petkov , Peter Zijlstra , Josh Poimboeuf , Ingo Molnar , Dave Hansen , x86@kernel.org Cc: hpa@zytor.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, pawan.kumar.gupta@linux.intel.com Subject: [PATCH 1/2] x86/bugs: Check VERW mitigations for consistency Date: Mon, 28 Oct 2024 16:50:34 -0700 Message-Id: <3ed45a10e2f7fbecce31d9964b1da1372e8cb838.1730158506.git.daniel.sneddon@linux.intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" There are currently 4 mitigations that use VERW: MDS, TAA, MMIO Stale Data, and Register File Data Sampling. Because all 4 use the same mitigation path, if any one of them is enabled, they're all enabled. Normally, this is what is wanted. However, if a user wants to disable the mitigation, this can cause problems. If the user misses disabling even one of these mitigations, then none of them will be disabled. This can cause confusion as the user expects to regain the performance lost to the mitigation but isn't seeing any improvement. Since there are already 4 knobs for controlling it, adding a 5th knob that controls all 4 mitigations together would just overcomplicate things. Instead, let the user know their mitigations are out of sync when at least one of these mitigations is disabled but not all 4. Signed-off-by: Daniel Sneddon --- arch/x86/kernel/cpu/bugs.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index d1915427b4ff..b26b3b554330 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -582,8 +582,26 @@ static void __init md_clear_update_mitigation(void) pr_info("Register File Data Sampling: %s\n", rfds_strings[rfds_mitigatio= n]); } =20 +static void __init verw_mitigations_check(void) +{ + if (mds_mitigation =3D=3D MDS_MITIGATION_OFF || + taa_mitigation =3D=3D TAA_MITIGATION_OFF || + mmio_mitigation =3D=3D MMIO_MITIGATION_OFF || + rfds_mitigation =3D=3D RFDS_MITIGATION_OFF) { + if (mds_mitigation =3D=3D MDS_MITIGATION_OFF && + taa_mitigation =3D=3D TAA_MITIGATION_OFF && + mmio_mitigation =3D=3D MMIO_MITIGATION_OFF && + rfds_mitigation =3D=3D RFDS_MITIGATION_OFF) + return; + + pr_info("MDS, TAA, MMIO Stale Data, and Register File Data Sampling all = depend on VERW\n"); + pr_info("In order to disable any one of them please ensure all 4 are dis= abled.\n"); + } +} + static void __init md_clear_select_mitigation(void) { + verw_mitigations_check(); mds_select_mitigation(); taa_select_mitigation(); mmio_select_mitigation(); --=20 2.25.1 From nobody Mon Nov 25 08:05:43 2024 Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.14]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E028C1F8EE8; Mon, 28 Oct 2024 23:50:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=192.198.163.14 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730159448; cv=none; b=eET0iMB2eFOZsKZjRN1nvK0mfDa/i9WgejAwzD49i9w6coWViah24JA/zY2Si9C2nPFrklSKZCLsFlldCmz03Ob2ScgtNQ/Mm9f0d+z+DR/5dv8mNbfv/22zgqSbp/pevJMfbiSAsjMtPESHr6r4GuYu3vjENKsjNTkiVHVA0Nw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730159448; c=relaxed/simple; bh=yj7eOyWQkCOKe5C0f2TpWmsXiQumOyQf2sksJQtsO8c=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=VNgMw0RQPwEhaqgqyDtej0REsC4pYwtZi+VQDh/Lsmzos894fut17PK69CInCwMs4EqPJGenqfViRpWeeHQ2rL9wVK0fgoXPq5TK7cFRW1ujt7lDHW77PcGdDyMYLlmsHHeIHwc2cGs/BVtyDkUnb7hFxfZCn6PjoWzEUlnaQ+g= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=N0Hgd6vs; arc=none smtp.client-ip=192.198.163.14 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="N0Hgd6vs" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1730159446; x=1761695446; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=yj7eOyWQkCOKe5C0f2TpWmsXiQumOyQf2sksJQtsO8c=; b=N0Hgd6vsi/NuNfuHbVrTXDJTm90JhvHW7IZMgn5leMcr9D7EGYYp9uOe +gDoqaSQrHyExwbKRdF/h62q/gU9Vs42ngGlkqfDoJxKM+xGDNriWfhZM QYMh5k60b7WVC0gKpMspMGJvceXixLaIjT8vKAoS1sO2veD/1o5YNHpCB lhGUxzsH+pi6eWpa28PxIzSbReFD5cu77habSVqDvsKKzmpNW36fxKhBS webz9zLlhIukMNgoYLHyI+LsfuHDYGsGAy0Egy0ym2SdhHM1/rGAyxWf+ Vs/ojz+VU6Cbx+isS1n/Bq17eHib+m4CBu2A7l+Y5Np292kSMajHvdmwp g==; X-CSE-ConnectionGUID: 6IP2mNG/RXioFbJTbZUjtQ== X-CSE-MsgGUID: AdjWvq5JScqSgHhfTDao6g== X-IronPort-AV: E=McAfee;i="6700,10204,11239"; a="29987689" X-IronPort-AV: E=Sophos;i="6.11,240,1725346800"; d="scan'208";a="29987689" Received: from fmviesa004.fm.intel.com ([10.60.135.144]) by fmvoesa108.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 28 Oct 2024 16:50:45 -0700 X-CSE-ConnectionGUID: YtlnV6grRiGe3srZ9R/0Ag== X-CSE-MsgGUID: nEx3GQ5gSoaiJCnw5QZWXA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.11,240,1725346800"; d="scan'208";a="86381239" Received: from salmansi-mobl.amr.corp.intel.com (HELO dsneddon-desk.sneddon.lan) ([10.125.80.18]) by fmviesa004-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 28 Oct 2024 16:50:44 -0700 From: Daniel Sneddon To: Jonathan Corbet , Thomas Gleixner , Borislav Petkov , Peter Zijlstra , Josh Poimboeuf , Ingo Molnar , Dave Hansen , x86@kernel.org Cc: hpa@zytor.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, pawan.kumar.gupta@linux.intel.com Subject: [PATCH 2/2] x86/bugs: Clean-up verw mitigations Date: Mon, 28 Oct 2024 16:50:35 -0700 Message-Id: <20992658d2c79f27de91a474a7b122782be5f04b.1730158506.git.daniel.sneddon@linux.intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" The current md_clear routines duplicate a lot of code, and have to be called twice because if one of the mitigations gets enabled they all get enabled since it's the same instruction. This approach leads to code duplication and extra complexity. The only piece that really changes between the first call of *_select_mitigation() and the second is X86_FEATURE_CLEAR_CPU_BUF being set. Determine if this feature should be set prior to calling the _select_mitigation() routines. This not only means those functions only get called once, but it also simplifies them as well. Signed-off-by: Daniel Sneddon Reviewed-by: Nikolay Borisov --- arch/x86/include/asm/processor.h | 2 +- arch/x86/kernel/cpu/bugs.c | 206 ++++++++++++------------------- 2 files changed, 81 insertions(+), 127 deletions(-) diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/proces= sor.h index 4a686f0e5dbf..c855cd1a6d57 100644 --- a/arch/x86/include/asm/processor.h +++ b/arch/x86/include/asm/processor.h @@ -736,7 +736,7 @@ extern enum l1tf_mitigations l1tf_mitigation; =20 enum mds_mitigations { MDS_MITIGATION_OFF, - MDS_MITIGATION_FULL, + MDS_MITIGATION_VERW, MDS_MITIGATION_VMWERV, }; =20 diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index b26b3b554330..bbf3a03435f8 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -41,7 +41,6 @@ static void __init spectre_v2_user_select_mitigation(void= ); static void __init ssb_select_mitigation(void); static void __init l1tf_select_mitigation(void); static void __init mds_select_mitigation(void); -static void __init md_clear_update_mitigation(void); static void __init md_clear_select_mitigation(void); static void __init taa_select_mitigation(void); static void __init mmio_select_mitigation(void); @@ -234,32 +233,23 @@ static void x86_amd_ssb_disable(void) =20 /* Default mitigation for MDS-affected CPUs */ static enum mds_mitigations mds_mitigation __ro_after_init =3D - IS_ENABLED(CONFIG_MITIGATION_MDS) ? MDS_MITIGATION_FULL : MDS_MITIGATION_= OFF; + IS_ENABLED(CONFIG_MITIGATION_MDS) ? MDS_MITIGATION_VERW : MDS_MITIGATION_= OFF; static bool mds_nosmt __ro_after_init =3D false; =20 static const char * const mds_strings[] =3D { [MDS_MITIGATION_OFF] =3D "Vulnerable", - [MDS_MITIGATION_FULL] =3D "Mitigation: Clear CPU buffers", + [MDS_MITIGATION_VERW] =3D "Mitigation: Clear CPU buffers", [MDS_MITIGATION_VMWERV] =3D "Vulnerable: Clear CPU buffers attempted, no = microcode", }; =20 static void __init mds_select_mitigation(void) { - if (!boot_cpu_has_bug(X86_BUG_MDS) || cpu_mitigations_off()) { + if (!boot_cpu_has_bug(X86_BUG_MDS)) mds_mitigation =3D MDS_MITIGATION_OFF; - return; - } - - if (mds_mitigation =3D=3D MDS_MITIGATION_FULL) { - if (!boot_cpu_has(X86_FEATURE_MD_CLEAR)) - mds_mitigation =3D MDS_MITIGATION_VMWERV; - - setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF); - - if (!boot_cpu_has(X86_BUG_MSBDS_ONLY) && - (mds_nosmt || cpu_mitigations_auto_nosmt())) - cpu_smt_disable(false); - } + else if (boot_cpu_has(X86_FEATURE_MD_CLEAR)) + mds_mitigation =3D MDS_MITIGATION_VERW; + else + mds_mitigation =3D MDS_MITIGATION_VMWERV; } =20 static int __init mds_cmdline(char *str) @@ -273,9 +263,9 @@ static int __init mds_cmdline(char *str) if (!strcmp(str, "off")) mds_mitigation =3D MDS_MITIGATION_OFF; else if (!strcmp(str, "full")) - mds_mitigation =3D MDS_MITIGATION_FULL; + mds_mitigation =3D MDS_MITIGATION_VERW; else if (!strcmp(str, "full,nosmt")) { - mds_mitigation =3D MDS_MITIGATION_FULL; + mds_mitigation =3D MDS_MITIGATION_VERW; mds_nosmt =3D true; } =20 @@ -316,25 +306,12 @@ static void __init taa_select_mitigation(void) if (!boot_cpu_has(X86_FEATURE_RTM)) { taa_mitigation =3D TAA_MITIGATION_TSX_DISABLED; return; - } - - if (cpu_mitigations_off()) { - taa_mitigation =3D TAA_MITIGATION_OFF; - return; - } - - /* - * TAA mitigation via VERW is turned off if both - * tsx_async_abort=3Doff and mds=3Doff are specified. - */ - if (taa_mitigation =3D=3D TAA_MITIGATION_OFF && - mds_mitigation =3D=3D MDS_MITIGATION_OFF) + } else if (!boot_cpu_has(X86_FEATURE_MD_CLEAR)) { + taa_mitigation =3D TAA_MITIGATION_UCODE_NEEDED; return; - - if (boot_cpu_has(X86_FEATURE_MD_CLEAR)) + } else { taa_mitigation =3D TAA_MITIGATION_VERW; - else - taa_mitigation =3D TAA_MITIGATION_UCODE_NEEDED; + } =20 /* * VERW doesn't clear the CPU buffers when MD_CLEAR=3D1 and MDS_NO=3D1. @@ -348,18 +325,6 @@ static void __init taa_select_mitigation(void) if ( (x86_arch_cap_msr & ARCH_CAP_MDS_NO) && !(x86_arch_cap_msr & ARCH_CAP_TSX_CTRL_MSR)) taa_mitigation =3D TAA_MITIGATION_UCODE_NEEDED; - - /* - * TSX is enabled, select alternate mitigation for TAA which is - * the same as MDS. Enable MDS static branch to clear CPU buffers. - * - * For guests that can't determine whether the correct microcode is - * present on host, enable the mitigation for UCODE_NEEDED as well. - */ - setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF); - - if (taa_nosmt || cpu_mitigations_auto_nosmt()) - cpu_smt_disable(false); } =20 static int __init tsx_async_abort_parse_cmdline(char *str) @@ -405,24 +370,11 @@ static const char * const mmio_strings[] =3D { =20 static void __init mmio_select_mitigation(void) { - if (!boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA) || - boot_cpu_has_bug(X86_BUG_MMIO_UNKNOWN) || - cpu_mitigations_off()) { + if (!boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA)) { mmio_mitigation =3D MMIO_MITIGATION_OFF; return; } =20 - if (mmio_mitigation =3D=3D MMIO_MITIGATION_OFF) - return; - - /* - * Enable CPU buffer clear mitigation for host and VMM, if also affected - * by MDS or TAA. Otherwise, enable mitigation for VMM only. - */ - if (boot_cpu_has_bug(X86_BUG_MDS) || (boot_cpu_has_bug(X86_BUG_TAA) && - boot_cpu_has(X86_FEATURE_RTM))) - setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF); - /* * X86_FEATURE_CLEAR_CPU_BUF could be enabled by other VERW based * mitigations, disable KVM-only mitigation in that case. @@ -454,9 +406,6 @@ static void __init mmio_select_mitigation(void) mmio_mitigation =3D MMIO_MITIGATION_VERW; else mmio_mitigation =3D MMIO_MITIGATION_UCODE_NEEDED; - - if (mmio_nosmt || cpu_mitigations_auto_nosmt()) - cpu_smt_disable(false); } =20 static int __init mmio_stale_data_parse_cmdline(char *str) @@ -501,17 +450,12 @@ static const char * const rfds_strings[] =3D { =20 static void __init rfds_select_mitigation(void) { - if (!boot_cpu_has_bug(X86_BUG_RFDS) || cpu_mitigations_off()) { + if (!boot_cpu_has_bug(X86_BUG_RFDS)) rfds_mitigation =3D RFDS_MITIGATION_OFF; - return; - } - if (rfds_mitigation =3D=3D RFDS_MITIGATION_OFF) - return; - - if (x86_arch_cap_msr & ARCH_CAP_RFDS_CLEAR) - setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF); - else + else if (!(x86_arch_cap_msr & ARCH_CAP_RFDS_CLEAR)) rfds_mitigation =3D RFDS_MITIGATION_UCODE_NEEDED; + else + rfds_mitigation =3D RFDS_MITIGATION_VERW; } =20 static __init int rfds_parse_cmdline(char *str) @@ -534,52 +478,12 @@ early_param("reg_file_data_sampling", rfds_parse_cmdl= ine); #undef pr_fmt #define pr_fmt(fmt) "" fmt =20 -static void __init md_clear_update_mitigation(void) +static bool __init cpu_bug_needs_verw(void) { - if (cpu_mitigations_off()) - return; - - if (!boot_cpu_has(X86_FEATURE_CLEAR_CPU_BUF)) - goto out; - - /* - * X86_FEATURE_CLEAR_CPU_BUF is now enabled. Update MDS, TAA and MMIO - * Stale Data mitigation, if necessary. - */ - if (mds_mitigation =3D=3D MDS_MITIGATION_OFF && - boot_cpu_has_bug(X86_BUG_MDS)) { - mds_mitigation =3D MDS_MITIGATION_FULL; - mds_select_mitigation(); - } - if (taa_mitigation =3D=3D TAA_MITIGATION_OFF && - boot_cpu_has_bug(X86_BUG_TAA)) { - taa_mitigation =3D TAA_MITIGATION_VERW; - taa_select_mitigation(); - } - /* - * MMIO_MITIGATION_OFF is not checked here so that mmio_stale_data_clear - * gets updated correctly as per X86_FEATURE_CLEAR_CPU_BUF state. - */ - if (boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA)) { - mmio_mitigation =3D MMIO_MITIGATION_VERW; - mmio_select_mitigation(); - } - if (rfds_mitigation =3D=3D RFDS_MITIGATION_OFF && - boot_cpu_has_bug(X86_BUG_RFDS)) { - rfds_mitigation =3D RFDS_MITIGATION_VERW; - rfds_select_mitigation(); - } -out: - if (boot_cpu_has_bug(X86_BUG_MDS)) - pr_info("MDS: %s\n", mds_strings[mds_mitigation]); - if (boot_cpu_has_bug(X86_BUG_TAA)) - pr_info("TAA: %s\n", taa_strings[taa_mitigation]); - if (boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA)) - pr_info("MMIO Stale Data: %s\n", mmio_strings[mmio_mitigation]); - else if (boot_cpu_has_bug(X86_BUG_MMIO_UNKNOWN)) - pr_info("MMIO Stale Data: Unknown: No mitigations\n"); - if (boot_cpu_has_bug(X86_BUG_RFDS)) - pr_info("Register File Data Sampling: %s\n", rfds_strings[rfds_mitigatio= n]); + return boot_cpu_has_bug(X86_BUG_MDS) || + boot_cpu_has_bug(X86_BUG_TAA) || + boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA) || + boot_cpu_has_bug(X86_BUG_RFDS); } =20 static void __init verw_mitigations_check(void) @@ -599,20 +503,70 @@ static void __init verw_mitigations_check(void) } } =20 -static void __init md_clear_select_mitigation(void) +static bool __init verw_mitigations_disabled(void) { verw_mitigations_check(); + /* + * TODO: Create a single mitigation variable that will allow for setting + * the location of the mitigation, i.e.: + * + * kernel->user + * kvm->guest + * kvm->guest if device passthrough + * kernel->idle + */ + return (mds_mitigation =3D=3D MDS_MITIGATION_OFF && + taa_mitigation =3D=3D TAA_MITIGATION_OFF && + mmio_mitigation =3D=3D MMIO_MITIGATION_OFF && + rfds_mitigation =3D=3D RFDS_MITIGATION_OFF); +} + +static void __init md_clear_select_mitigation(void) +{ + if (verw_mitigations_disabled()) + goto out; + + if (!cpu_bug_needs_verw() || cpu_mitigations_off()) { + mds_mitigation =3D MDS_MITIGATION_OFF; + taa_mitigation =3D TAA_MITIGATION_OFF; + mmio_mitigation =3D MMIO_MITIGATION_OFF; + rfds_mitigation =3D RFDS_MITIGATION_OFF; + goto out; + } + mds_select_mitigation(); taa_select_mitigation(); - mmio_select_mitigation(); rfds_select_mitigation(); =20 + if (mds_mitigation =3D=3D MDS_MITIGATION_VERW || + taa_mitigation =3D=3D TAA_MITIGATION_VERW || + rfds_mitigation =3D=3D RFDS_MITIGATION_VERW) + setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF); + /* - * As these mitigations are inter-related and rely on VERW instruction - * to clear the microarchitural buffers, update and print their status - * after mitigation selection is done for each of these vulnerabilities. + * The MMIO mitigation has a dependency on X86_FEATURE_CLEAR_CPU_BUF so + * this must be called after it gets set */ - md_clear_update_mitigation(); + mmio_select_mitigation(); + + if (!boot_cpu_has(X86_BUG_MSBDS_ONLY) && + (mds_nosmt || cpu_mitigations_auto_nosmt())) + cpu_smt_disable(false); + + if (taa_nosmt || mmio_nosmt || cpu_mitigations_auto_nosmt()) + cpu_smt_disable(false); + +out: + if (boot_cpu_has_bug(X86_BUG_MDS)) + pr_info("MDS: %s\n", mds_strings[mds_mitigation]); + if (boot_cpu_has_bug(X86_BUG_TAA)) + pr_info("TAA: %s\n", taa_strings[taa_mitigation]); + if (boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA)) + pr_info("MMIO Stale Data: %s\n", mmio_strings[mmio_mitigation]); + else if (boot_cpu_has_bug(X86_BUG_MMIO_UNKNOWN)) + pr_info("MMIO Stale Data: Unknown: No mitigations\n"); + if (boot_cpu_has_bug(X86_BUG_RFDS)) + pr_info("Register File Data Sampling: %s\n", rfds_strings[rfds_mitigatio= n]); } =20 #undef pr_fmt @@ -1974,7 +1928,7 @@ void cpu_bugs_smt_update(void) } =20 switch (mds_mitigation) { - case MDS_MITIGATION_FULL: + case MDS_MITIGATION_VERW: case MDS_MITIGATION_VMWERV: if (sched_smt_active() && !boot_cpu_has(X86_BUG_MSBDS_ONLY)) pr_warn_once(MDS_MSG_SMT); --=20 2.25.1