x86/bugs: Use early_param() for spectre_v2_user

Most of the mitigations in bugs.c use early_param() to parse their command
line options.  Modify spectre_v2_user to use early_param() for consistency.

Remove spec_v2_user_print_cond() because informing a user about their
cmdline choice isn't very interesting and the chosen mitigation is already
printed in spectre_v2_user_update_mitigation().

Signed-off-by: David Kaplan <david.kaplan@amd.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Link: https://lore.kernel.org/r/20250819192200.2003074-2-david.kaplan@amd.com
David Kaplan
2025-09-15 08:47:00 -05:00
committed by Borislav Petkov (AMD)
parent 5799d5d8a6
commit 8edb9e7711


@@ -1847,7 +1847,7 @@ enum spectre_v2_mitigation_cmd {
static enum spectre_v2_mitigation_cmd spectre_v2_cmd __ro_after_init = SPECTRE_V2_CMD_AUTO;
enum spectre_v2_user_cmd {
enum spectre_v2_user_mitigation_cmd {
SPECTRE_V2_USER_CMD_NONE,
SPECTRE_V2_USER_CMD_AUTO,
SPECTRE_V2_USER_CMD_FORCE,
@@ -1857,6 +1857,9 @@ enum spectre_v2_user_cmd {
SPECTRE_V2_USER_CMD_SECCOMP_IBPB,
};
static enum spectre_v2_user_mitigation_cmd spectre_v2_user_cmd __ro_after_init =
IS_ENABLED(CONFIG_MITIGATION_SPECTRE_V2) ? SPECTRE_V2_USER_CMD_AUTO : SPECTRE_V2_USER_CMD_NONE;
static const char * const spectre_v2_user_strings[] = {
[SPECTRE_V2_USER_NONE] = "User space: Vulnerable",
[SPECTRE_V2_USER_STRICT] = "User space: Mitigation: STIBP protection",
@@ -1865,50 +1868,31 @@ static const char * const spectre_v2_user_strings[] = {
[SPECTRE_V2_USER_SECCOMP] = "User space: Mitigation: STIBP via seccomp and prctl",
};
static const struct {
const char *option;
enum spectre_v2_user_cmd cmd;
bool secure;
} v2_user_options[] __initconst = {
{ "auto", SPECTRE_V2_USER_CMD_AUTO, false },
{ "off", SPECTRE_V2_USER_CMD_NONE, false },
{ "on", SPECTRE_V2_USER_CMD_FORCE, true },
{ "prctl", SPECTRE_V2_USER_CMD_PRCTL, false },
{ "prctl,ibpb", SPECTRE_V2_USER_CMD_PRCTL_IBPB, false },
{ "seccomp", SPECTRE_V2_USER_CMD_SECCOMP, false },
{ "seccomp,ibpb", SPECTRE_V2_USER_CMD_SECCOMP_IBPB, false },
};
static void __init spec_v2_user_print_cond(const char *reason, bool secure)
static int __init spectre_v2_user_parse_cmdline(char *str)
{
if (boot_cpu_has_bug(X86_BUG_SPECTRE_V2) != secure)
pr_info("spectre_v2_user=%s forced on command line.\n", reason);
}
static enum spectre_v2_user_cmd __init spectre_v2_parse_user_cmdline(void)
{
char arg[20];
int ret, i;
if (!IS_ENABLED(CONFIG_MITIGATION_SPECTRE_V2))
return SPECTRE_V2_USER_CMD_NONE;
ret = cmdline_find_option(boot_command_line, "spectre_v2_user",
arg, sizeof(arg));
if (ret < 0)
return SPECTRE_V2_USER_CMD_AUTO;
for (i = 0; i < ARRAY_SIZE(v2_user_options); i++) {
if (match_option(arg, ret, v2_user_options[i].option)) {
spec_v2_user_print_cond(v2_user_options[i].option,
v2_user_options[i].secure);
return v2_user_options[i].cmd;
}
}
pr_err("Unknown user space protection option (%s). Switching to default\n", arg);
return SPECTRE_V2_USER_CMD_AUTO;
if (!str)
return -EINVAL;
if (!strcmp(str, "auto"))
spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_AUTO;
else if (!strcmp(str, "off"))
spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_NONE;
else if (!strcmp(str, "on"))
spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_FORCE;
else if (!strcmp(str, "prctl"))
spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_PRCTL;
else if (!strcmp(str, "prctl,ibpb"))
spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_PRCTL_IBPB;
else if (!strcmp(str, "seccomp"))
spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_SECCOMP;
else if (!strcmp(str, "seccomp,ibpb"))
spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_SECCOMP_IBPB;
else
pr_err("Ignoring unknown spectre_v2_user option (%s).", str);
return 0;
}
early_param("spectre_v2_user", spectre_v2_user_parse_cmdline);
static inline bool spectre_v2_in_ibrs_mode(enum spectre_v2_mitigation mode)
{
@@ -1920,7 +1904,7 @@ static void __init spectre_v2_user_select_mitigation(void)
if (!boot_cpu_has(X86_FEATURE_IBPB) && !boot_cpu_has(X86_FEATURE_STIBP))
return;
switch (spectre_v2_parse_user_cmdline()) {
switch (spectre_v2_user_cmd) {
case SPECTRE_V2_USER_CMD_NONE:
return;
case SPECTRE_V2_USER_CMD_FORCE:
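Review bot: The new spectre_v2_user_parse_cmdline() assigns spectre_v2_user_cmd for every recognised value without the `IS_ENABLED(CONFIG_MITIGATION_SPECTRE_V2)` check that the removed parser applied before reading the command line, so on a kernel built without that option `spectre_v2_user=on` now overrides the compile-time NONE default where it used to be ignored. If that is not intended, an early `if (!IS_ENABLED(CONFIG_MITIGATION_SPECTRE_V2)) return 0;` in the handler would keep the old behaviour; if it is intended, it deserves a sentence in the commit message. Separately, the `pr_err()` for an unknown value has no trailing newline; `pr_err("Ignoring unknown spectre_v2_user option (%s).\n", str);` keeps the log line terminated. spectre_v2_user_select_mitigation() continues outside the last hunk, so how it handles the command when the option is disabled is not visible here.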