From: Josh Poimboeuf <jpoimboe@kernel.org>
To: x86@kernel.org
Cc: linux-kernel@vger.kernel.org,
Linus Torvalds <torvalds@linux-foundation.org>,
Daniel Sneddon <daniel.sneddon@linux.intel.com>,
Pawan Gupta <pawan.kumar.gupta@linux.intel.com>,
Thomas Gleixner <tglx@linutronix.de>,
Alexandre Chartre <alexandre.chartre@oracle.com>,
Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>,
Peter Zijlstra <peterz@infradead.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Sean Christopherson <seanjc@google.com>,
Andrew Cooper <andrew.cooper3@citrix.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
Nikolay Borisov <nik.borisov@suse.com>,
KP Singh <kpsingh@kernel.org>, Waiman Long <longman@redhat.com>,
Borislav Petkov <bp@alien8.de>
Subject: [PATCH 6/7] x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto
Date: Wed, 10 Apr 2024 22:40:50 -0700 [thread overview]
Message-ID: <412e9dc87971b622bbbaf64740ebc1f140bff343.1712813475.git.jpoimboe@kernel.org> (raw)
In-Reply-To: <cover.1712813475.git.jpoimboe@kernel.org>
Unlike most other mitigations' "auto" options, spectre_bhi=auto only
mitigates newer systems, which is confusing and not particularly useful.
Remove it.
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
---
Documentation/admin-guide/hw-vuln/spectre.rst | 4 ----
Documentation/admin-guide/kernel-parameters.txt | 3 ---
arch/x86/Kconfig | 5 -----
arch/x86/kernel/cpu/bugs.c | 10 +---------
4 files changed, 1 insertion(+), 21 deletions(-)
diff --git a/Documentation/admin-guide/hw-vuln/spectre.rst b/Documentation/admin-guide/hw-vuln/spectre.rst
index 5a39acf82483..25a04cda4c2c 100644
--- a/Documentation/admin-guide/hw-vuln/spectre.rst
+++ b/Documentation/admin-guide/hw-vuln/spectre.rst
@@ -669,10 +669,6 @@ kernel command line.
needed.
off
Disable the mitigation.
- auto
- Enable the HW mitigation if needed, but
- *don't* enable the SW mitigation except for KVM.
- The system may be vulnerable.
For spectre_v2_user see Documentation/admin-guide/kernel-parameters.txt
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index a3874cc97892..902ecd92a29f 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -6072,9 +6072,6 @@
on - (default) Enable the HW or SW mitigation
as needed.
off - Disable the mitigation.
- auto - Enable the HW mitigation if needed, but
- *don't* enable the SW mitigation except
- for KVM. The system may be vulnerable.
spectre_v2= [X86,EARLY] Control mitigation of Spectre variant 2
(indirect branch speculation) vulnerability.
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 10a6251f58f3..b63b6767a63d 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -2651,11 +2651,6 @@ config SPECTRE_BHI_OFF
bool "off"
help
Equivalent to setting spectre_bhi=off command line parameter.
-config SPECTRE_BHI_AUTO
- bool "auto"
- depends on BROKEN
- help
- Equivalent to setting spectre_bhi=auto command line parameter.
endchoice
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index efffd87381b1..74ade6d7caa3 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -1625,13 +1625,10 @@ static bool __init spec_ctrl_bhi_dis(void)
enum bhi_mitigations {
BHI_MITIGATION_OFF,
BHI_MITIGATION_ON,
- BHI_MITIGATION_AUTO,
};
static enum bhi_mitigations bhi_mitigation __ro_after_init =
- IS_ENABLED(CONFIG_SPECTRE_BHI_ON) ? BHI_MITIGATION_ON :
- IS_ENABLED(CONFIG_SPECTRE_BHI_OFF) ? BHI_MITIGATION_OFF :
- BHI_MITIGATION_AUTO;
+ IS_ENABLED(CONFIG_SPECTRE_BHI_ON) ? BHI_MITIGATION_ON : BHI_MITIGATION_OFF;
static int __init spectre_bhi_parse_cmdline(char *str)
{
@@ -1642,8 +1639,6 @@ static int __init spectre_bhi_parse_cmdline(char *str)
bhi_mitigation = BHI_MITIGATION_OFF;
else if (!strcmp(str, "on"))
bhi_mitigation = BHI_MITIGATION_ON;
- else if (!strcmp(str, "auto"))
- bhi_mitigation = BHI_MITIGATION_AUTO;
else
pr_err("Ignoring unknown spectre_bhi option (%s)", str);
@@ -1682,9 +1677,6 @@ static void __init bhi_select_mitigation(void)
setup_force_cpu_cap(X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT);
pr_info("Spectre BHI mitigation: SW BHB clearing on vm exit\n");
- if (bhi_mitigation == BHI_MITIGATION_AUTO)
- return;
-
/* Mitigate syscalls when the mitigation is forced =on */
setup_force_cpu_cap(X86_FEATURE_CLEAR_BHB_LOOP);
pr_info("Spectre BHI mitigation: SW BHB clearing on syscall\n");
--
2.44.0
next prev parent reply other threads:[~2024-04-11 5:42 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-11 5:40 [PATCH 0/7] x86/bugs: BHI fixes / improvements Josh Poimboeuf
2024-04-11 5:40 ` [PATCH 1/7] x86/bugs: BHI documentation fixes Josh Poimboeuf
2024-04-11 6:21 ` Nikolay Borisov
2024-04-11 8:40 ` [tip: x86/urgent] x86/bugs: Fix BHI documentation tip-bot2 for Josh Poimboeuf
2024-04-11 5:40 ` [PATCH 2/7] x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES Josh Poimboeuf
2024-04-11 6:22 ` Nikolay Borisov
2024-04-11 7:32 ` [PATCH 2b/7] x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' Ingo Molnar
2024-04-11 8:40 ` [tip: x86/urgent] " tip-bot2 for Ingo Molnar
2024-04-11 8:40 ` [tip: x86/urgent] x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES tip-bot2 for Josh Poimboeuf
2024-04-11 5:40 ` [PATCH 3/7] x86/bugs: Fix BHI handling of RRSBA Josh Poimboeuf
2024-04-11 8:40 ` [tip: x86/urgent] " tip-bot2 for Josh Poimboeuf
2024-04-11 10:02 ` [PATCH 3/7] " Andrew Cooper
2024-04-11 15:34 ` Josh Poimboeuf
2024-04-11 5:40 ` [PATCH 4/7] x86/bugs: Clarify that syscall hardening isn't a BHI mitigation Josh Poimboeuf
2024-04-11 8:40 ` [tip: x86/urgent] " tip-bot2 for Josh Poimboeuf
2024-04-11 5:40 ` [PATCH 5/7] x86/bugs: Only harden syscalls when needed Josh Poimboeuf
2024-04-11 6:20 ` Nikolay Borisov
2024-04-11 15:08 ` Josh Poimboeuf
2024-04-11 8:40 ` [tip: x86/urgent] " tip-bot2 for Josh Poimboeuf
2024-04-11 10:06 ` [PATCH 5/7] " Andrew Cooper
2024-04-11 15:38 ` Josh Poimboeuf
2024-04-12 10:24 ` Andrew Cooper
2024-04-12 0:15 ` Pawan Gupta
2024-04-12 3:57 ` Josh Poimboeuf
2024-04-12 4:17 ` Josh Poimboeuf
2024-04-12 5:20 ` Josh Poimboeuf
2024-04-12 10:36 ` Andrew Cooper
2024-04-12 20:24 ` Josh Poimboeuf
2024-04-12 5:27 ` Pawan Gupta
2024-04-12 10:07 ` Ingo Molnar
2024-04-12 6:28 ` Pawan Gupta
2024-04-12 6:37 ` Pawan Gupta
2024-04-11 5:40 ` Josh Poimboeuf [this message]
2024-04-11 6:23 ` [PATCH 6/7] x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto Nikolay Borisov
2024-04-11 8:40 ` [tip: x86/urgent] " tip-bot2 for Josh Poimboeuf
2024-04-12 10:12 ` tip-bot2 for Josh Poimboeuf
2024-04-11 5:40 ` [PATCH 7/7] x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI Josh Poimboeuf
2024-04-11 7:48 ` Ingo Molnar
2024-04-11 8:18 ` Ingo Molnar
2024-04-17 5:35 ` Reinette Chatre
2024-04-11 15:24 ` Josh Poimboeuf
2024-04-11 8:40 ` [tip: x86/urgent] " tip-bot2 for Josh Poimboeuf
2024-04-12 10:12 ` tip-bot2 for Josh Poimboeuf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=412e9dc87971b622bbbaf64740ebc1f140bff343.1712813475.git.jpoimboe@kernel.org \
--to=jpoimboe@kernel.org \
--cc=alexandre.chartre@oracle.com \
--cc=andrew.cooper3@citrix.com \
--cc=bp@alien8.de \
--cc=daniel.sneddon@linux.intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=gregkh@linuxfoundation.org \
--cc=konrad.wilk@oracle.com \
--cc=kpsingh@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=longman@redhat.com \
--cc=nik.borisov@suse.com \
--cc=pawan.kumar.gupta@linux.intel.com \
--cc=peterz@infradead.org \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.