Re: [PATCH v5 3/3] x86/bugs: Add 'spectre_bhi=vmexit' cmdline option
From: Josh Poimboeuf
Date: Thu May 09 2024 - 01:24:55 EST
On Wed, May 08, 2024 at 06:10:21PM +0300, Nikolay Borisov wrote:
> > @@ -1659,19 +1662,22 @@ static void __init bhi_select_mitigation(void)
> > return;
> > }
> > + /* Mitigate in hardware if supported */
> > if (spec_ctrl_bhi_dis())
> > return;
> > if (!IS_ENABLED(CONFIG_X86_64))
> > return;
> > - /* Mitigate KVM by default */
> > - setup_force_cpu_cap(X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT);
> > - pr_info("Spectre BHI mitigation: SW BHB clearing on vm exit\n");
> > + if (bhi_mitigation == BHI_MITIGATION_VMEXIT_ONLY) {
> > + pr_info("Spectre BHI mitigation: SW BHB clearing on vm exit only\n");
> > + setup_force_cpu_cap(X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT);
> > + return;
> > + }
>
> nit: How about setting CLEAR_BHB_LOOP_ON_VMEXIT unconditionally, then
> afterwards checking if MITIGATION_VMEXIT_ONLY is set and if yes simply
> return, that way you don't duplicate the setup of the VMEXIT code
I think the duplication actually makes it more readable. In both cases
it puts the setting of the features together along with the
corresponding pr_info().
--
Josh