mirrors/linux
2
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2026-05-14 02:59:19 -04:00
Code Issues Packages Projects Releases Wiki Activity

x86/bugs: Restructure SRBDS mitigation

Browse Source 
Restructure SRBDS to use select/apply functions to create consistent
vulnerability handling.

Define new AUTO mitigation for SRBDS.

Signed-off-by: David Kaplan <david.kaplan@amd.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: Josh Poimboeuf <jpoimboe@kernel.org>
Link: https://lore.kernel.org/20250418161721.1855190-7-david.kaplan@amd.com
This commit is contained in:
David Kaplan
2025-04-18 11:17:11 -05:00
committed by Borislav Petkov (AMD)
parent 6f0960a760
commit 2178ac58e1
1 changed files with 16 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
arch/x86/kernel/cpu/bugs.c
View File

@@ -72,6 +72,7 @@ static void __init rfds_select_mitigation(void);
static void __init rfds_update_mitigation(void);
static void __init rfds_apply_mitigation(void);
static void __init srbds_select_mitigation(void);
static void __init srbds_apply_mitigation(void);
static void __init l1d_flush_select_mitigation(void);
static void __init srso_select_mitigation(void);
static void __init gds_select_mitigation(void);
@@ -225,6 +226,7 @@ void __init cpu_select_mitigations(void)
taa_apply_mitigation();
mmio_apply_mitigation();
rfds_apply_mitigation();
srbds_apply_mitigation();
}
/*
@@ -693,6 +695,7 @@ early_param("reg_file_data_sampling", rfds_parse_cmdline);
enum srbds_mitigations {
SRBDS_MITIGATION_OFF,
SRBDS_MITIGATION_AUTO,
SRBDS_MITIGATION_UCODE_NEEDED,
SRBDS_MITIGATION_FULL,
SRBDS_MITIGATION_TSX_OFF,
@@ -700,7 +703,7 @@ enum srbds_mitigations {
};
static enum srbds_mitigations srbds_mitigation __ro_after_init =
IS_ENABLED(CONFIG_MITIGATION_SRBDS) ? SRBDS_MITIGATION_FULL : SRBDS_MITIGATION_OFF;
IS_ENABLED(CONFIG_MITIGATION_SRBDS) ? SRBDS_MITIGATION_AUTO : SRBDS_MITIGATION_OFF;
static const char * const srbds_strings[] = {
[SRBDS_MITIGATION_OFF] = "Vulnerable",
@@ -751,8 +754,13 @@ void update_srbds_msr(void)
static void __init srbds_select_mitigation(void)
{
if (!boot_cpu_has_bug(X86_BUG_SRBDS))
if (!boot_cpu_has_bug(X86_BUG_SRBDS) || cpu_mitigations_off()) {
srbds_mitigation = SRBDS_MITIGATION_OFF;
return;
}
if (srbds_mitigation == SRBDS_MITIGATION_AUTO)
srbds_mitigation = SRBDS_MITIGATION_FULL;
/*
* Check to see if this is one of the MDS_NO systems supporting TSX that
@@ -766,13 +774,17 @@ static void __init srbds_select_mitigation(void)
srbds_mitigation = SRBDS_MITIGATION_HYPERVISOR;
else if (!boot_cpu_has(X86_FEATURE_SRBDS_CTRL))
srbds_mitigation = SRBDS_MITIGATION_UCODE_NEEDED;
else if (cpu_mitigations_off() || srbds_off)
else if (srbds_off)
srbds_mitigation = SRBDS_MITIGATION_OFF;
update_srbds_msr();
pr_info("%s\n", srbds_strings[srbds_mitigation]);
}
static void __init srbds_apply_mitigation(void)
{
update_srbds_msr();
}
static int __init srbds_parse_cmdline(char *str)
{
if (!str)