[RFC PATCH 15/34] x86/bugs: Restructure ssb mitigation

From: David Kaplan
Date: Thu Sep 12 2024 - 15:13:16 EST

Next message: David Kaplan: "[RFC PATCH 28/34] x86/bugs: Add attack vector controls for retbleed"
Previous message: David Kaplan: "[RFC PATCH 14/34] x86/bugs: Restructure spectre_v2 mitigation"
In reply to: David Kaplan: "[RFC PATCH 14/34] x86/bugs: Restructure spectre_v2 mitigation"
Next in thread: David Kaplan: "[RFC PATCH 28/34] x86/bugs: Add attack vector controls for retbleed"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Restructure ssb to use select/apply functions to create consistent
vulnerability handling.

Signed-off-by: David Kaplan <david.kaplan@xxxxxxx>
---
arch/x86/kernel/cpu/bugs.c | 26 ++++++++++++++++----------
1 file changed, 16 insertions(+), 10 deletions(-)

diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 32ebe9e934fe..c996c1521851 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -65,6 +65,7 @@ static void __init spectre_v2_user_select_mitigation(void);
static void __init spectre_v2_user_update_mitigation(void);
static void __init spectre_v2_user_apply_mitigation(void);
static void __init ssb_select_mitigation(void);
+static void __init ssb_apply_mitigation(void);
static void __init l1tf_select_mitigation(void);
static void __init mds_select_mitigation(void);
static void __init mds_update_mitigation(void);
@@ -223,6 +224,7 @@ void __init cpu_select_mitigations(void)
spectre_v2_apply_mitigation();
retbleed_apply_mitigation();
spectre_v2_user_apply_mitigation();
+ ssb_apply_mitigation();
mds_apply_mitigation();
taa_apply_mitigation();
mmio_apply_mitigation();
@@ -2211,13 +2213,26 @@ static enum ssb_mitigation __init __ssb_select_mitigation(void)
break;
}

+ return mode;
+}
+
+static void ssb_select_mitigation(void)
+{
+ ssb_mode = __ssb_select_mitigation();
+
+ if (boot_cpu_has_bug(X86_BUG_SPEC_STORE_BYPASS))
+ pr_info("%s\n", ssb_strings[ssb_mode]);
+}
+
+static void __init ssb_apply_mitigation(void)
+{
/*
* We have three CPU feature flags that are in play here:
* - X86_BUG_SPEC_STORE_BYPASS - CPU is susceptible.
* - X86_FEATURE_SSBD - CPU is able to turn off speculative store bypass
* - X86_FEATURE_SPEC_STORE_BYPASS_DISABLE - engage the mitigation
*/
- if (mode == SPEC_STORE_BYPASS_DISABLE) {
+ if (ssb_mode == SPEC_STORE_BYPASS_DISABLE) {
setup_force_cpu_cap(X86_FEATURE_SPEC_STORE_BYPASS_DISABLE);
/*
* Intel uses the SPEC CTRL MSR Bit(2) for this, while AMD may
@@ -2232,15 +2247,6 @@ static enum ssb_mitigation __init __ssb_select_mitigation(void)
}
}

- return mode;
-}
-
-static void ssb_select_mitigation(void)
-{
- ssb_mode = __ssb_select_mitigation();
-
- if (boot_cpu_has_bug(X86_BUG_SPEC_STORE_BYPASS))
- pr_info("%s\n", ssb_strings[ssb_mode]);
}

#undef pr_fmt
--
2.34.1

Next message: David Kaplan: "[RFC PATCH 28/34] x86/bugs: Add attack vector controls for retbleed"
Previous message: David Kaplan: "[RFC PATCH 14/34] x86/bugs: Restructure spectre_v2 mitigation"
In reply to: David Kaplan: "[RFC PATCH 14/34] x86/bugs: Restructure spectre_v2 mitigation"
Next in thread: David Kaplan: "[RFC PATCH 28/34] x86/bugs: Add attack vector controls for retbleed"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]