[RFC PATCH 06/34] x86/bugs: Restructure rfds mitigation
From: David Kaplan
Date: Thu Sep 12 2024 - 15:10:33 EST
Restructure rfds mitigation to use select/update/apply functions to
create consistent vulnerability handling.
Signed-off-by: David Kaplan <david.kaplan@xxxxxxx>
---
arch/x86/kernel/cpu/bugs.c | 38 +++++++++++++++++++++++++++++++-------
1 file changed, 31 insertions(+), 7 deletions(-)
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 0b93a0f030b7..d3e6ce7238e4 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -70,6 +70,9 @@ static void __init taa_apply_mitigation(void);
static void __init mmio_select_mitigation(void);
static void __init mmio_update_mitigation(void);
static void __init mmio_apply_mitigation(void);
+static void __init rfds_select_mitigation(void);
+static void __init rfds_update_mitigation(void);
+static void __init rfds_apply_mitigation(void);
static void __init srbds_select_mitigation(void);
static void __init l1d_flush_select_mitigation(void);
static void __init srso_select_mitigation(void);
@@ -193,6 +196,7 @@ void __init cpu_select_mitigations(void)
mds_select_mitigation();
taa_select_mitigation();
mmio_select_mitigation();
+ rfds_select_mitigation();
md_clear_select_mitigation();
srbds_select_mitigation();
l1d_flush_select_mitigation();
@@ -211,10 +215,12 @@ void __init cpu_select_mitigations(void)
mds_update_mitigation();
taa_update_mitigation();
mmio_update_mitigation();
+ rfds_update_mitigation();
mds_apply_mitigation();
taa_apply_mitigation();
mmio_apply_mitigation();
+ rfds_apply_mitigation();
}
/*
@@ -595,9 +601,6 @@ static int __init mmio_stale_data_parse_cmdline(char *str)
}
early_param("mmio_stale_data", mmio_stale_data_parse_cmdline);
-#undef pr_fmt
-#define pr_fmt(fmt) "Register File Data Sampling: " fmt
-
static const char * const rfds_strings[] = {
[RFDS_MITIGATION_OFF] = "Vulnerable",
[RFDS_MITIGATION_VERW] = "Mitigation: Clear Register File",
@@ -613,12 +616,34 @@ static void __init rfds_select_mitigation(void)
if (rfds_mitigation == RFDS_MITIGATION_OFF)
return;
- if (x86_arch_cap_msr & ARCH_CAP_RFDS_CLEAR)
- setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF);
- else
+ if (rfds_mitigation == RFDS_MITIGATION_AUTO)
+ rfds_mitigation = RFDS_MITIGATION_VERW;
+
+ if (!(x86_arch_cap_msr & ARCH_CAP_RFDS_CLEAR))
rfds_mitigation = RFDS_MITIGATION_UCODE_NEEDED;
}
+static void __init rfds_update_mitigation(void)
+{
+ if (!boot_cpu_has_bug(X86_BUG_RFDS))
+ return;
+
+ if (mds_mitigation != MDS_MITIGATION_OFF ||
+ taa_mitigation != TAA_MITIGATION_OFF ||
+ mmio_mitigation != MMIO_MITIGATION_OFF)
+ rfds_mitigation = RFDS_MITIGATION_VERW;
+
+ pr_info("Register File Data Sampling: %s\n", rfds_strings[rfds_mitigation]);
+}
+
+static void __init rfds_apply_mitigation(void)
+{
+ if (rfds_mitigation == RFDS_MITIGATION_VERW) {
+ if (x86_arch_cap_msr & ARCH_CAP_RFDS_CLEAR)
+ setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF);
+ }
+}
+
static __init int rfds_parse_cmdline(char *str)
{
if (!str)
@@ -689,7 +714,6 @@ static void __init md_clear_update_mitigation(void)
static void __init md_clear_select_mitigation(void)
{
- rfds_select_mitigation();
/*
* As these mitigations are inter-related and rely on VERW instruction
--
2.34.1