| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 15 Jun 2023 09:44:16 -0700
From: Breno Leitao <leitao@...ian.org>
To: pawan.kumar.gupta@...ux.intel.com, jpoimboe@...nel.org,
peterz@...radead.org, tglx@...utronix.de, bp@...en8.de,
Ingo Molnar <mingo@...hat.com>,
Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org,
"H. Peter Anvin" <hpa@...or.com>
Cc: leit@...com, linux-kernel@...r.kernel.org
Subject: [PATCH 1/2] x86/speculation: Disable mitigations if CONFIG says so
There is no way to disable certain mitigations(MDS, TAA, MMIO) today.
They are enabled even when the kernel has
CONFIG_SPECULATION_MITIGATIONS=n.
Create a function that says if the speculative mitigations are enabled
or not. They should use CONFIG_SPECULATION_MITIGATIONS as one source of
information.
Just enable MDS, TAA, MMIO mitigations if speculative mitigations are
enabled.
Signed-off-by: Breno Leitao <leitao@...ian.org>
---
arch/x86/kernel/cpu/bugs.c | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 182af64387d0..703649a29181 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -87,6 +87,12 @@ void update_spec_ctrl_cond(u64 val)
wrmsrl(MSR_IA32_SPEC_CTRL, val);
}
+static inline bool cpu_speculative_mitigations_off(void)
+{
+ return cpu_mitigations_off() ||
+ !IS_ENABLED(CONFIG_SPECULATION_MITIGATIONS);
+}
+
noinstr u64 spec_ctrl_current(void)
{
return this_cpu_read(x86_spec_ctrl_current);
@@ -278,7 +284,7 @@ static const char * const mds_strings[] = {
static void __init mds_select_mitigation(void)
{
- if (!boot_cpu_has_bug(X86_BUG_MDS) || cpu_mitigations_off()) {
+ if (!boot_cpu_has_bug(X86_BUG_MDS) || cpu_speculative_mitigations_off()) {
mds_mitigation = MDS_MITIGATION_OFF;
return;
}
@@ -352,7 +358,7 @@ static void __init taa_select_mitigation(void)
return;
}
- if (cpu_mitigations_off()) {
+ if (cpu_speculative_mitigations_off()) {
taa_mitigation = TAA_MITIGATION_OFF;
return;
}
@@ -443,7 +449,7 @@ static void __init mmio_select_mitigation(void)
if (!boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA) ||
boot_cpu_has_bug(X86_BUG_MMIO_UNKNOWN) ||
- cpu_mitigations_off()) {
+ cpu_speculative_mitigations_off()) {
mmio_mitigation = MMIO_MITIGATION_OFF;
return;
}
@@ -516,7 +522,7 @@ early_param("mmio_stale_data", mmio_stale_data_parse_cmdline);
static void __init md_clear_update_mitigation(void)
{
- if (cpu_mitigations_off())
+ if (cpu_speculative_mitigations_off())
return;
if (!static_key_enabled(&mds_user_clear))
--
2.34.1
Powered by blists - more mailing lists