| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <pl56rfs34temiqmi5guqcnfivrpc7eeq2435btjimtnhaawj7t@2zqh7eufl34c> Date: Thu, 10 Apr 2025 10:08:47 -0700 From: Josh Poimboeuf <jpoimboe@...nel.org> To: David Kaplan <david.kaplan@....com> Cc: Thomas Gleixner <tglx@...utronix.de>, Borislav Petkov <bp@...en8.de>, Peter Zijlstra <peterz@...radead.org>, Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>, Ingo Molnar <mingo@...hat.com>, Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org, "H . Peter Anvin" <hpa@...or.com>, linux-kernel@...r.kernel.org, Brendan Jackman <jackmanb@...gle.com>, Derek Manwaring <derekmn@...zon.com> Subject: Re: [PATCH v4 13/36] x86/bugs: Restructure spectre_v2 mitigation On Mon, Mar 10, 2025 at 11:40:00AM -0500, David Kaplan wrote: > Restructure spectre_v2 to use select/update/apply functions to create > consistent vulnerability handling. > > The spectre_v2 mitigation may be updated based on the selected retbleed > mitigation. > > Signed-off-by: David Kaplan <david.kaplan@....com> > --- > arch/x86/kernel/cpu/bugs.c | 79 +++++++++++++++++++++++--------------- > 1 file changed, 48 insertions(+), 31 deletions(-) > > diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c > index 96cb2ac70245..b4a72ddf159c 100644 > --- a/arch/x86/kernel/cpu/bugs.c > +++ b/arch/x86/kernel/cpu/bugs.c > @@ -56,6 +56,8 @@ > static void __init spectre_v1_select_mitigation(void); > static void __init spectre_v1_apply_mitigation(void); > static void __init spectre_v2_select_mitigation(void); > +static void __init spectre_v2_update_mitigation(void); > +static void __init spectre_v2_apply_mitigation(void); > static void __init retbleed_select_mitigation(void); > static void __init retbleed_update_mitigation(void); > static void __init retbleed_apply_mitigation(void); > @@ -212,7 +214,12 @@ void __init cpu_select_mitigations(void) > /* > * After mitigations are selected, some may need to update their > * choices. > + * > + * Note that retbleed_update_mitigation() relies on the state set by > + * spectre_v2_update_mitigation(); specifically it wants to know about > + * spectre_v2=ibrs. > */ > + spectre_v2_update_mitigation(); > retbleed_update_mitigation(); I'd suggest moving that dependency comment to above retbleed_update_mitigaton() and making it more concise: /* * After mitigations are selected, some may need to update their * choices. */ spectre_v2_update_mitigation(); /* retbleed_update_mitigation() depends on spectre_v2_update_mitigation() */ retbleed_update_mitigation(); -- Josh
Powered by blists - more mailing lists