[RFC PATCH 07/56] x86/bugs: Reset spectre_v2_user mitigations

Next message: David Kaplan: "[RFC PATCH 00/56] Dynamic mitigations"
Previous message: David Kaplan: "[RFC PATCH 05/56] x86/bugs: Reset spectre_v2 mitigations"
In reply to: David Kaplan: "[RFC PATCH 05/56] x86/bugs: Reset spectre_v2 mitigations"
Next in thread: David Kaplan: "[RFC PATCH 06/56] x86/bugs: Reset retbleed mitigations"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: David Kaplan

Date: Mon Oct 13 2025 - 10:35:24 EST

Add function to reset spectre_v2_user mitigations back to their boot-time
defaults.

Signed-off-by: David Kaplan <david.kaplan@xxxxxxx>
---
arch/x86/kernel/cpu/bugs.c | 13 +++++++++++++
1 file changed, 13 insertions(+)

diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 1f56ccb5f641..4ca46f58e384 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -2056,6 +2056,18 @@ static void __init spectre_v2_user_apply_mitigation(void)
}
}

+#ifdef CONFIG_DYNAMIC_MITIGATIONS
+static void spectre_v2_user_reset_mitigation(void)
+{
+ static_branch_disable(&switch_vcpu_ibpb);
+ static_branch_disable(&switch_mm_always_ibpb);
+ static_branch_disable(&switch_mm_cond_ibpb);
+ spectre_v2_user_stibp = SPECTRE_V2_USER_NONE;
+ spectre_v2_user_ibpb = SPECTRE_V2_USER_NONE;
+ spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_AUTO;
+}
+#endif
+
static const char * const spectre_v2_strings[] = {
[SPECTRE_V2_NONE] = "Vulnerable",
[SPECTRE_V2_RETPOLINE] = "Mitigation: Retpolines",
@@ -3844,5 +3856,6 @@ void arch_cpu_reset_mitigations(void)
spectre_v1_reset_mitigation();
spectre_v2_reset_mitigation();
retbleed_reset_mitigation();
+ spectre_v2_user_reset_mitigation();
}
#endif
--
2.34.1