Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 1709284f authored by Josh Poimboeuf's avatar Josh Poimboeuf Committed by Greg Kroah-Hartman
Browse files

x86/speculation: Support 'mitigations=' cmdline option 



commit d68be4c4d31295ff6ae34a8ddfaa4c1a8ff42812 upstream.

Configure x86 runtime CPU speculation bug mitigations in accordance with
the 'mitigations=' cmdline option.  This affects Meltdown, Spectre v2,
Speculative Store Bypass, and L1TF.

The default behavior is unchanged.

Signed-off-by: default avatarJosh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
Tested-by: Jiri Kosina <jkosina@suse.cz> (on x86)
Reviewed-by: default avatarJiri Kosina <jkosina@suse.cz>
Cc: Borislav Petkov <bp@alien8.de>
Cc: "H . Peter Anvin" <hpa@zytor.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Jiri Kosina <jikos@kernel.org>
Cc: Waiman Long <longman@redhat.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Jon Masters <jcm@redhat.com>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: linuxppc-dev@lists.ozlabs.org
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: linux-s390@vger.kernel.org
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will.deacon@arm.com>
Cc: linux-arm-kernel@lists.infradead.org
Cc: linux-arch@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Tyler Hicks <tyhicks@canonical.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Randy Dunlap <rdunlap@infradead.org>
Cc: Steven Price <steven.price@arm.com>
Cc: Phil Auld <pauld@redhat.com>
Link: https://lkml.kernel.org/r/6616d0ae169308516cfdf5216bedd169f8a8291b.1555085500.git.jpoimboe@redhat.com


[bwh: Backported to 4.9: adjust filenames, context]
Signed-off-by: default avatarBen Hutchings <ben@decadent.org.uk>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent edda9c38

Documentation/kernel-parameters.txt

+11 −5
Original line number Diff line number Diff line
@@ -2474,15 +2474,20 @@ bytes respectively. Such letter suffixes can also be entirely omitted. 
			http://repo.or.cz/w/linux-2.6/mini2440.git



	mitigations=

			Control optional mitigations for CPU vulnerabilities.

			This is a set of curated, arch-independent options, each

			of which is an aggregation of existing arch-specific

			options.

			[X86] Control optional mitigations for CPU

			vulnerabilities.  This is a set of curated,

			arch-independent options, each of which is an

			aggregation of existing arch-specific options.



			off

				Disable all optional CPU mitigations.  This

				improves system performance, but it may also

				expose users to several CPU vulnerabilities.

				Equivalent to: nopti [X86]

					       nospectre_v2 [X86]

					       spectre_v2_user=off [X86]

					       spec_store_bypass_disable=off [X86]

					       l1tf=off [X86]



			auto (default)

				Mitigate all CPU vulnerabilities, but leave SMT
@@ -2490,12 +2495,13 @@ bytes respectively. Such letter suffixes can also be entirely omitted. 
				users who don't want to be surprised by SMT

				getting disabled across kernel upgrades, or who

				have other ways of avoiding SMT-based attacks.

				This is the default behavior.

				Equivalent to: (default behavior)



			auto,nosmt

				Mitigate all CPU vulnerabilities, disabling SMT

				if needed.  This is for users who always want to

				be fully mitigated, even if it means losing SMT.

				Equivalent to: l1tf=flush,nosmt [X86]



	mminit_loglevel=

			[KNL] When CONFIG_DEBUG_MEMORY_INIT is set, this

arch/x86/kernel/cpu/bugs.c

+9 −2
Original line number Diff line number Diff line
@@ -500,7 +500,8 @@ static enum spectre_v2_mitigation_cmd __init spectre_v2_parse_cmdline(void) 
	char arg[20];

	int ret, i;



	if (cmdline_find_option_bool(boot_command_line, "nospectre_v2"))

	if (cmdline_find_option_bool(boot_command_line, "nospectre_v2") ||

	    cpu_mitigations_off())

		return SPECTRE_V2_CMD_NONE;



	ret = cmdline_find_option(boot_command_line, "spectre_v2", arg, sizeof(arg));
@@ -764,7 +765,8 @@ static enum ssb_mitigation_cmd __init ssb_parse_cmdline(void) 
	char arg[20];

	int ret, i;



	if (cmdline_find_option_bool(boot_command_line, "nospec_store_bypass_disable")) {

	if (cmdline_find_option_bool(boot_command_line, "nospec_store_bypass_disable") ||

	    cpu_mitigations_off()) {

		return SPEC_STORE_BYPASS_CMD_NONE;

	} else {

		ret = cmdline_find_option(boot_command_line, "spec_store_bypass_disable",
@@ -1085,6 +1087,11 @@ static void __init l1tf_select_mitigation(void) 
	if (!boot_cpu_has_bug(X86_BUG_L1TF))

		return;



	if (cpu_mitigations_off())

		l1tf_mitigation = L1TF_MITIGATION_OFF;

	else if (cpu_mitigations_auto_nosmt())

		l1tf_mitigation = L1TF_MITIGATION_FLUSH_NOSMT;



	override_cache_bits(&boot_cpu_data);



	switch (l1tf_mitigation) {

arch/x86/mm/kaiser.c

+3 −1
Original line number Diff line number Diff line
@@ -9,6 +9,7 @@ 
#include <linux/spinlock.h>

#include <linux/mm.h>

#include <linux/uaccess.h>

#include <linux/cpu.h>



#undef pr_fmt

#define pr_fmt(fmt)     "Kernel/User page tables isolation: " fmt
@@ -297,7 +298,8 @@ void __init kaiser_check_boottime_disable(void) 
			goto skip;

	}



	if (cmdline_find_option_bool(boot_command_line, "nopti"))

	if (cmdline_find_option_bool(boot_command_line, "nopti") ||

	    cpu_mitigations_off())

		goto disable;



skip: