From: Ingo Molnar <mingo@kernel.org>
To: Josh Poimboeuf <jpoimboe@kernel.org>
Cc: x86@kernel.org, linux-kernel@vger.kernel.org,
Linus Torvalds <torvalds@linux-foundation.org>,
Daniel Sneddon <daniel.sneddon@linux.intel.com>,
Pawan Gupta <pawan.kumar.gupta@linux.intel.com>,
Thomas Gleixner <tglx@linutronix.de>,
Alexandre Chartre <alexandre.chartre@oracle.com>,
Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>,
Peter Zijlstra <peterz@infradead.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Sean Christopherson <seanjc@google.com>,
Andrew Cooper <andrew.cooper3@citrix.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
Nikolay Borisov <nik.borisov@suse.com>,
KP Singh <kpsingh@kernel.org>, Waiman Long <longman@redhat.com>,
Borislav Petkov <bp@alien8.de>
Subject: Re: [PATCH 7/7] x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI
Date: Thu, 11 Apr 2024 09:48:42 +0200 [thread overview]
Message-ID: <ZheV2ly/LZjpaVTE@gmail.com> (raw)
In-Reply-To: <3833812ea63e7fdbe36bf8b932e63f70d18e2a2a.1712813475.git.jpoimboe@kernel.org>
* Josh Poimboeuf <jpoimboe@kernel.org> wrote:
> For consistency with the other CONFIG_MITIGATION_* options, replace the
> CONFIG_SPECTRE_BHI_{ON,OFF} options with a single
> CONFIG_MITIGATION_SPECTRE_BHI option.
>
> Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
> ---
> arch/x86/Kconfig | 17 +++--------------
> arch/x86/kernel/cpu/bugs.c | 2 +-
> 2 files changed, 4 insertions(+), 15 deletions(-)
>
> diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
> index b63b6767a63d..4474bf32d0a4 100644
> --- a/arch/x86/Kconfig
> +++ b/arch/x86/Kconfig
> @@ -2633,27 +2633,16 @@ config MITIGATION_RFDS
> stored in floating point, vector and integer registers.
> See also <file:Documentation/admin-guide/hw-vuln/reg-file-data-sampling.rst>
>
> -choice
> - prompt "Clear branch history"
> +config MITIGATION_SPECTRE_BHI
> + bool "Mitigate Spectre-BHB (Branch History Injection)"
> depends on CPU_SUP_INTEL
> - default SPECTRE_BHI_ON
> + default y
> help
> Enable BHI mitigations. BHI attacks are a form of Spectre V2 attacks
> where the branch history buffer is poisoned to speculatively steer
> indirect branches.
> See <file:Documentation/admin-guide/hw-vuln/spectre.rst>
>
> -config SPECTRE_BHI_ON
> - bool "on"
> - help
> - Equivalent to setting spectre_bhi=on command line parameter.
> -config SPECTRE_BHI_OFF
> - bool "off"
> - help
> - Equivalent to setting spectre_bhi=off command line parameter.
> -
> -endchoice
> -
> endif
>
> config ARCH_HAS_ADD_PAGES
> diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
> index 74ade6d7caa3..4c46fa2d08c2 100644
> --- a/arch/x86/kernel/cpu/bugs.c
> +++ b/arch/x86/kernel/cpu/bugs.c
> @@ -1628,7 +1628,7 @@ enum bhi_mitigations {
> };
>
> static enum bhi_mitigations bhi_mitigation __ro_after_init =
> - IS_ENABLED(CONFIG_SPECTRE_BHI_ON) ? BHI_MITIGATION_ON : BHI_MITIGATION_OFF;
> + IS_ENABLED(CONFIG_MITIGATION_SPECTRE_BHI_ON) ? BHI_MITIGATION_ON : BHI_MITIGATION_OFF;
Uhm, after this patch there's no CONFIG_MITIGATION_SPECTRE_BHI_ON anymore,
which is kindof nasty, as IS_ENABLED() doesn't generate a build failure for
non-existent Kconfig variables IIRC ...
So AFAICT this patch turns on BHI unconditionally.
I've fixed as per the patch below, but please double check the end result
in tip:x86/urgent once I've pushed it out..
Thanks,
Ingo
=====================>
arch/x86/kernel/cpu/bugs.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 80d9018da3d2..25111ad388d9 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -1628,7 +1628,7 @@ enum bhi_mitigations {
};
static enum bhi_mitigations bhi_mitigation __ro_after_init =
- IS_ENABLED(CONFIG_MITIGATION_SPECTRE_BHI_ON) ? BHI_MITIGATION_ON : BHI_MITIGATION_OFF;
+ IS_ENABLED(CONFIG_MITIGATION_SPECTRE_BHI) ? BHI_MITIGATION_ON : BHI_MITIGATION_OFF;
static int __init spectre_bhi_parse_cmdline(char *str)
{
next prev parent reply other threads:[~2024-04-11 7:48 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-11 5:40 [PATCH 0/7] x86/bugs: BHI fixes / improvements Josh Poimboeuf
2024-04-11 5:40 ` [PATCH 1/7] x86/bugs: BHI documentation fixes Josh Poimboeuf
2024-04-11 6:21 ` Nikolay Borisov
2024-04-11 8:40 ` [tip: x86/urgent] x86/bugs: Fix BHI documentation tip-bot2 for Josh Poimboeuf
2024-04-11 5:40 ` [PATCH 2/7] x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES Josh Poimboeuf
2024-04-11 6:22 ` Nikolay Borisov
2024-04-11 7:32 ` [PATCH 2b/7] x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' Ingo Molnar
2024-04-11 8:40 ` [tip: x86/urgent] " tip-bot2 for Ingo Molnar
2024-04-11 8:40 ` [tip: x86/urgent] x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES tip-bot2 for Josh Poimboeuf
2024-04-11 5:40 ` [PATCH 3/7] x86/bugs: Fix BHI handling of RRSBA Josh Poimboeuf
2024-04-11 8:40 ` [tip: x86/urgent] " tip-bot2 for Josh Poimboeuf
2024-04-11 10:02 ` [PATCH 3/7] " Andrew Cooper
2024-04-11 15:34 ` Josh Poimboeuf
2024-04-11 5:40 ` [PATCH 4/7] x86/bugs: Clarify that syscall hardening isn't a BHI mitigation Josh Poimboeuf
2024-04-11 8:40 ` [tip: x86/urgent] " tip-bot2 for Josh Poimboeuf
2024-04-11 5:40 ` [PATCH 5/7] x86/bugs: Only harden syscalls when needed Josh Poimboeuf
2024-04-11 6:20 ` Nikolay Borisov
2024-04-11 15:08 ` Josh Poimboeuf
2024-04-11 8:40 ` [tip: x86/urgent] " tip-bot2 for Josh Poimboeuf
2024-04-11 10:06 ` [PATCH 5/7] " Andrew Cooper
2024-04-11 15:38 ` Josh Poimboeuf
2024-04-12 10:24 ` Andrew Cooper
2024-04-12 0:15 ` Pawan Gupta
2024-04-12 3:57 ` Josh Poimboeuf
2024-04-12 4:17 ` Josh Poimboeuf
2024-04-12 5:20 ` Josh Poimboeuf
2024-04-12 10:36 ` Andrew Cooper
2024-04-12 20:24 ` Josh Poimboeuf
2024-04-12 5:27 ` Pawan Gupta
2024-04-12 10:07 ` Ingo Molnar
2024-04-12 6:28 ` Pawan Gupta
2024-04-12 6:37 ` Pawan Gupta
2024-04-11 5:40 ` [PATCH 6/7] x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto Josh Poimboeuf
2024-04-11 6:23 ` Nikolay Borisov
2024-04-11 8:40 ` [tip: x86/urgent] " tip-bot2 for Josh Poimboeuf
2024-04-12 10:12 ` tip-bot2 for Josh Poimboeuf
2024-04-11 5:40 ` [PATCH 7/7] x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI Josh Poimboeuf
2024-04-11 7:48 ` Ingo Molnar [this message]
2024-04-11 8:18 ` Ingo Molnar
2024-04-17 5:35 ` Reinette Chatre
2024-04-11 15:24 ` Josh Poimboeuf
2024-04-11 8:40 ` [tip: x86/urgent] " tip-bot2 for Josh Poimboeuf
2024-04-12 10:12 ` tip-bot2 for Josh Poimboeuf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZheV2ly/LZjpaVTE@gmail.com \
--to=mingo@kernel.org \
--cc=alexandre.chartre@oracle.com \
--cc=andrew.cooper3@citrix.com \
--cc=bp@alien8.de \
--cc=daniel.sneddon@linux.intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=gregkh@linuxfoundation.org \
--cc=jpoimboe@kernel.org \
--cc=konrad.wilk@oracle.com \
--cc=kpsingh@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=longman@redhat.com \
--cc=nik.borisov@suse.com \
--cc=pawan.kumar.gupta@linux.intel.com \
--cc=peterz@infradead.org \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.