Re: [PATCH v9 10/14] x86/cpu/keylocker: Check Gather Data Sampling mitigation
From: Pawan Gupta
Date: Fri Mar 29 2024 - 02:57:58 EST
On Thu, Mar 28, 2024 at 06:53:42PM -0700, Chang S. Bae wrote:
> +/*
> + * The mitigation is implemented at a microcode level. Ensure that the
> + * microcode update is applied and the mitigation is locked.
> + */
> +static bool __init have_gds_mitigation(void)
> +{
> + u64 mcu_ctrl;
> +
> + /* GDS_CTRL is set if new microcode is loaded. */
> + if (!(x86_read_arch_cap_msr() & ARCH_CAP_GDS_CTRL))
> + goto vulnerable;
> +
> + /* If GDS_MITG_LOCKED is set, GDS_MITG_DIS is forced to 0. */
> + rdmsrl(MSR_IA32_MCU_OPT_CTRL, mcu_ctrl);
> + if (mcu_ctrl & GDS_MITG_LOCKED)
> + return true;
Similar to RFDS, above checks can be simplified to:
if (gds_mitigation == GDS_MITIGATION_FULL_LOCKED)
return true;
> +
> +vulnerable:
> + pr_warn("x86/keylocker: Susceptible to the GDS vulnerability.\n");
> + return false;
> +}