| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250915134706.3201818-6-david.kaplan@amd.com>
Date: Mon, 15 Sep 2025 08:47:04 -0500
From: David Kaplan <david.kaplan@....com>
To: Thomas Gleixner <tglx@...utronix.de>, Borislav Petkov <bp@...en8.de>,
Peter Zijlstra <peterz@...radead.org>, Josh Poimboeuf <jpoimboe@...nel.org>,
Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>, Ingo Molnar
<mingo@...hat.com>, Dave Hansen <dave.hansen@...ux.intel.com>,
<x86@...nel.org>, "H . Peter Anvin" <hpa@...or.com>
CC: <linux-kernel@...r.kernel.org>
Subject: [PATCH v3 5/7] x86/bugs: Fix spectre_v2 forcing
There were two oddities with spectre_v2 command line options.
First, any option other than 'off' or 'auto' would force spectre_v2
mitigations even if the CPU (hypothetically) wasn't vulnerable to
spectre_v2. That was inconsistent with all the other bugs where
mitigations are ignored unless an explicit 'force' option is specified.
Second, even though spectre_v2 mitigations would be enabled in these cases,
the X86_BUG_SPECTRE_V2 bit wasn't set. This is again inconsistent with the
forcing behavior of other bugs and arguably incorrect as it doesn't make
sense to enable a mitigation if the X86_BUG bit isn't set.
Fix both issues by only forcing spectre_v2 mitigations when the
'spectre_v2=on' option is specified (which was already called
SPECTRE_V2_CMD_FORCE) and setting the relevant X86_BUG_* bits in that case.
This also allows for simplifying bhi_update_mitigation() because
spectre_v2_cmd will now always be SPECTRE_V2_CMD_NONE if the CPU is immune
to spectre_v2.
Signed-off-by: David Kaplan <david.kaplan@....com>
---
arch/x86/kernel/cpu/bugs.c | 36 ++++++++++++++++++------------------
1 file changed, 18 insertions(+), 18 deletions(-)
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index d52600b89d60..317c26e08827 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -2057,29 +2057,32 @@ static int __init spectre_v2_parse_cmdline(char *str)
if (nospectre_v2)
return 0;
- if (!strcmp(str, "off"))
+ if (!strcmp(str, "off")) {
spectre_v2_cmd = SPECTRE_V2_CMD_NONE;
- else if (!strcmp(str, "on"))
+ } else if (!strcmp(str, "on")) {
spectre_v2_cmd = SPECTRE_V2_CMD_FORCE;
- else if (!strcmp(str, "retpoline"))
+ setup_force_cpu_bug(X86_BUG_SPECTRE_V2);
+ setup_force_cpu_bug(X86_BUG_SPECTRE_V2_USER);
+ } else if (!strcmp(str, "retpoline")) {
spectre_v2_cmd = SPECTRE_V2_CMD_RETPOLINE;
- else if (!strcmp(str, "retpoline,amd") ||
- !strcmp(str, "retpoline,lfence"))
+ } else if (!strcmp(str, "retpoline,amd") ||
+ !strcmp(str, "retpoline,lfence")) {
spectre_v2_cmd = SPECTRE_V2_CMD_RETPOLINE_LFENCE;
- else if (!strcmp(str, "retpoline,generic"))
+ } else if (!strcmp(str, "retpoline,generic")) {
spectre_v2_cmd = SPECTRE_V2_CMD_RETPOLINE_GENERIC;
- else if (!strcmp(str, "eibrs"))
+ } else if (!strcmp(str, "eibrs")) {
spectre_v2_cmd = SPECTRE_V2_CMD_EIBRS;
- else if (!strcmp(str, "eibrs,lfence"))
+ } else if (!strcmp(str, "eibrs,lfence")) {
spectre_v2_cmd = SPECTRE_V2_CMD_EIBRS_LFENCE;
- else if (!strcmp(str, "eibrs,retpoline"))
+ } else if (!strcmp(str, "eibrs,retpoline")) {
spectre_v2_cmd = SPECTRE_V2_CMD_EIBRS_RETPOLINE;
- else if (!strcmp(str, "auto"))
+ } else if (!strcmp(str, "auto")) {
spectre_v2_cmd = SPECTRE_V2_CMD_AUTO;
- else if (!strcmp(str, "ibrs"))
+ } else if (!strcmp(str, "ibrs")) {
spectre_v2_cmd = SPECTRE_V2_CMD_IBRS;
- else
+ } else {
pr_err("Ignoring unknown spectre_v2 option (%s).", str);
+ }
return 0;
}
@@ -2232,10 +2235,6 @@ static void __init bhi_update_mitigation(void)
{
if (spectre_v2_cmd == SPECTRE_V2_CMD_NONE)
bhi_mitigation = BHI_MITIGATION_OFF;
-
- if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V2) &&
- spectre_v2_cmd == SPECTRE_V2_CMD_AUTO)
- bhi_mitigation = BHI_MITIGATION_OFF;
}
static void __init bhi_apply_mitigation(void)
@@ -2321,9 +2320,10 @@ static void __init spectre_v2_select_mitigation(void)
{
spectre_v2_check_cmd();
- if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V2) &&
- (spectre_v2_cmd == SPECTRE_V2_CMD_NONE || spectre_v2_cmd == SPECTRE_V2_CMD_AUTO))
+ if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V2)) {
+ spectre_v2_cmd = SPECTRE_V2_CMD_NONE;
return;
+ }
switch (spectre_v2_cmd) {
case SPECTRE_V2_CMD_NONE:
--
2.34.1
Powered by blists - more mailing lists