From patchwork Thu Oct 19 18:11:47 2023
X-Patchwork-Submitter: Breno Leitao
X-Patchwork-Id: 155672
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Pawan Gupta
Cc: leit@meta.com, linux-kernel@vger.kernel.org (open list:X86 ARCHITECTURE (32-BIT AND 64-BIT))
Subject: [PATCH v5 01/12] x86/bugs: Rename GDS_FORCE_MITIGATION to MITIGATION_GDS_FORCE
Date: Thu, 19 Oct 2023 11:11:47 -0700
Message-Id: <20231019181158.1982205-2-leitao@debian.org>
In-Reply-To: <20231019181158.1982205-1-leitao@debian.org>
References: <20231019181158.1982205-1-leitao@debian.org>

CPU mitigations config entries are inconsistent, and names are hard to relate[1]. There are concrete benefits for both users and developers of having all the mitigation config options living in the same config namespace.

The mitigation options should have consistency and start with MITIGATION.

Rename the Kconfig entry from GDS_FORCE_MITIGATION to MITIGATION_GDS_FORCE.

[1] Link: https://lore.kernel.org/lkml/20231011044252.42bplzjsam3qsasz@treble/

Suggested-by: Josh Poimboeuf
Signed-off-by: Breno Leitao
--- arch/x86/Kconfig | 2 +- arch/x86/kernel/cpu/bugs.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index d4a73d12780a..d0a9f5a5c8a4 100644 --- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig @@ -2566,7 +2566,7 @@ config SLS against straight line speculation. The kernel image might be slightly larger. -config GDS_FORCE_MITIGATION +config MITIGATION_GDS_FORCE bool "Force GDS Mitigation" depends on CPU_SUP_INTEL default n diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index bb0ab8466b91..3c7e27b58f0e 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c 
@@ -671,7 +671,7 @@ enum gds_mitigations { GDS_MITIGATION_HYPERVISOR, }; -#if IS_ENABLED(CONFIG_GDS_FORCE_MITIGATION) +#if IS_ENABLED(CONFIG_MITIGATION_GDS_FORCE) static enum gds_mitigations gds_mitigation __ro_after_init = GDS_MITIGATION_FORCE; #else static enum gds_mitigations gds_mitigation __ro_after_init = GDS_MITIGATION_FULL;
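Review bot: In the arch/x86/Kconfig hunk the renamed symbol keeps `default n`, so an existing .config with CONFIG_GDS_FORCE_MITIGATION=y does not carry over. MITIGATION_GDS_FORCE is a new symbol to olddefconfig (or to anyone accepting the default at the oldconfig prompt), and with it unset the bugs.c initializer takes the `#else` branch, so gds_mitigation starts as GDS_MITIGATION_FULL instead of GDS_MITIGATION_FORCE. Please say so in the commit message, so that anyone who forces the GDS mitigation today knows to re-select the option after updating.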
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Pawan Gupta
Cc: leit@meta.com, linux-kernel@vger.kernel.org (open list:X86 ARCHITECTURE (32-BIT AND 64-BIT))
Subject: [PATCH v5 02/12] x86/bugs: Rename CPU_IBPB_ENTRY to MITIGATION_IBPB_ENTRY
Date: Thu, 19 Oct 2023 11:11:48 -0700
Message-Id: <20231019181158.1982205-3-leitao@debian.org>
In-Reply-To: <20231019181158.1982205-1-leitao@debian.org>
References: <20231019181158.1982205-1-leitao@debian.org>

CPU mitigations config entries are inconsistent, and names are hard to relate. There are concrete benefits for both users and developers of having all the mitigation config options living in the same config namespace.

The mitigation options should have consistency and start with MITIGATION.

Rename the Kconfig entry from CPU_IBPB_ENTRY to MITIGATION_IBPB_ENTRY.

Suggested-by: Josh Poimboeuf
Signed-off-by: Breno Leitao
--- arch/x86/Kconfig | 2 +- arch/x86/include/asm/nospec-branch.h | 2 +- arch/x86/kernel/cpu/bugs.c | 11 ++++++----- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index d0a9f5a5c8a4..b8965bb7443b 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig
@@ -2533,7 +2533,7 @@ config CALL_THUNKS_DEBUG Only enable this when you are debugging call thunks as this creates a noticeable runtime overhead. If unsure say N. -config CPU_IBPB_ENTRY +config MITIGATION_IBPB_ENTRY bool "Enable IBPB on kernel entry" depends on CPU_SUP_AMD && X86_64 default y diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h index f93e9b96927a..0676b077207c 100644 --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h @@ -289,7 +289,7 @@ * where we have a stack but before any RET instruction. */ .macro __UNTRAIN_RET ibpb_feature, call_depth_insns -#if defined(CONFIG_RETHUNK) || defined(CONFIG_CPU_IBPB_ENTRY) +#if defined(CONFIG_RETHUNK) || defined(CONFIG_MITIGATION_IBPB_ENTRY) VALIDATE_UNRET_END ALTERNATIVE_3 "", \ CALL_UNTRAIN_RET, X86_FEATURE_UNRET, \ diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 3c7e27b58f0e..1de4791091ca 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -994,10 +994,10 @@ static void __init retbleed_select_mitigation(void) if (!boot_cpu_has(X86_FEATURE_IBPB)) { pr_err("WARNING: CPU does not support IBPB.\n"); goto do_cmd_auto; - } else if (IS_ENABLED(CONFIG_CPU_IBPB_ENTRY)) { + } else if (IS_ENABLED(CONFIG_MITIGATION_IBPB_ENTRY)) { retbleed_mitigation = RETBLEED_MITIGATION_IBPB; } else { - pr_err("WARNING: kernel not compiled with CPU_IBPB_ENTRY.\n"); + pr_err("WARNING: kernel not compiled with MITIGATION_IBPB_ENTRY.\n"); goto do_cmd_auto; } break; @@ -1023,7 +1023,8 @@ static void __init retbleed_select_mitigation(void) boot_cpu_data.x86_vendor == X86_VENDOR_HYGON) { if (IS_ENABLED(CONFIG_CPU_UNRET_ENTRY)) retbleed_mitigation = RETBLEED_MITIGATION_UNRET; - else if (IS_ENABLED(CONFIG_CPU_IBPB_ENTRY) && boot_cpu_has(X86_FEATURE_IBPB)) + else if (IS_ENABLED(CONFIG_MITIGATION_IBPB_ENTRY) && + boot_cpu_has(X86_FEATURE_IBPB)) retbleed_mitigation = RETBLEED_MITIGATION_IBPB; } 
@@ -2482,13 +2483,13 @@ static void __init srso_select_mitigation(void) break; case SRSO_CMD_IBPB: - if (IS_ENABLED(CONFIG_CPU_IBPB_ENTRY)) { + if (IS_ENABLED(CONFIG_MITIGATION_IBPB_ENTRY)) { if (has_microcode) { setup_force_cpu_cap(X86_FEATURE_ENTRY_IBPB); srso_mitigation = SRSO_MITIGATION_IBPB; } } else { - pr_err("WARNING: kernel not compiled with CPU_IBPB_ENTRY.\n"); + pr_err("WARNING: kernel not compiled with MITIGATION_IBPB_ENTRY.\n"); } break;
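Review bot: A reference left on the old name would not break the build, either in the nospec-branch.h hunk (`defined(CONFIG_MITIGATION_IBPB_ENTRY)`) or in the bugs.c hunks (`IS_ENABLED(CONFIG_MITIGATION_IBPB_ENTRY)`). The test would simply evaluate false, and retbleed_select_mitigation() or srso_select_mitigation() would then print the "kernel not compiled with" warning, or skip IBPB on the AMD/Hygon auto path, rather than select it. The diffstat lists three files, so please confirm that a tree-wide grep for CPU_IBPB_ENTRY comes back empty after this patch, Documentation/ and tools/ included. The new pr_err() text also shows up in dmesg, which deserves a line in the commit message for anyone matching on the old string.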
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Pawan Gupta, Masahiro Yamada, Nathan Chancellor, Nick Desaulniers, Nicolas Schier
Cc: leit@meta.com, Rick Edgecombe, Kees Cook, Kim Phillips, "Kirill A. Shutemov", Juergen Gross, Kai Huang, David Woodhouse, Paolo Bonzini, Brian Gerst, Taehee Yoo, Ingo Molnar, Arnaldo Carvalho de Melo, linux-kernel@vger.kernel.org (open list:X86 ARCHITECTURE (32-BIT AND 64-BIT))
Subject: [PATCH v5 03/12] x86/bugs: Rename CALL_DEPTH_TRACKING to MITIGATION_CALL_DEPTH_TRACKING
Date: Thu, 19 Oct 2023 11:11:49 -0700
Message-Id: <20231019181158.1982205-4-leitao@debian.org>
In-Reply-To: <20231019181158.1982205-1-leitao@debian.org>
References: <20231019181158.1982205-1-leitao@debian.org>

CPU mitigations config entries are inconsistent, and names are hard to relate. There are concrete benefits for both users and developers of having all the mitigation config options living in the same config namespace.

The mitigation options should have consistency and start with MITIGATION.

Rename the Kconfig entry from CALL_DEPTH_TRACKING to MITIGATION_CALL_DEPTH_TRACKING.

Suggested-by: Josh Poimboeuf
Signed-off-by: Breno Leitao --- arch/x86/Kconfig | 4 ++-- arch/x86/include/asm/current.h | 2 +- arch/x86/include/asm/disabled-features.h | 2 +- arch/x86/include/asm/nospec-branch.h | 10 +++++----- arch/x86/kernel/asm-offsets.c | 2 +- arch/x86/kernel/cpu/bugs.c | 6 +++--- arch/x86/lib/retpoline.S | 6 +++--- scripts/Makefile.lib | 2 +- tools/arch/x86/include/asm/disabled-features.h | 2 +- 9 files changed, 18 insertions(+), 18 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index b8965bb7443b..4d64519311c4 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2502,7 +2502,7 @@ config CPU_UNRET_ENTRY help Compile the kernel with support for the retbleed=unret mitigation. -config CALL_DEPTH_TRACKING +config MITIGATION_CALL_DEPTH_TRACKING bool "Mitigate RSB underflow with call depth tracking" depends on CPU_SUP_INTEL && HAVE_CALL_THUNKS select HAVE_DYNAMIC_FTRACE_NO_PATCHABLE @@ -2522,7 +2522,7 @@ config CALL_DEPTH_TRACKING config CALL_THUNKS_DEBUG bool "Enable call thunks and call depth tracking debugging" - depends on CALL_DEPTH_TRACKING + depends on MITIGATION_CALL_DEPTH_TRACKING select FUNCTION_ALIGNMENT_32B default n help diff --git a/arch/x86/include/asm/current.h b/arch/x86/include/asm/current.h index a1168e7b69e5..d4ff517cfbd1 100644 --- a/arch/x86/include/asm/current.h +++ b/arch/x86/include/asm/current.h @@ -17,7 +17,7 @@ struct pcpu_hot { struct task_struct *current_task; int preempt_count; int cpu_number; -#ifdef CONFIG_CALL_DEPTH_TRACKING +#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING u64 call_depth; #endif unsigned long top_of_stack; diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h index 702d93fdd10e..c1d3a5795618 100644 --- a/arch/x86/include/asm/disabled-features.h +++ b/arch/x86/include/asm/disabled-features.h 
@@ -69,7 +69,7 @@ # define DISABLE_UNRET (1 << (X86_FEATURE_UNRET & 31)) #endif -#ifdef CONFIG_CALL_DEPTH_TRACKING +#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING # define DISABLE_CALL_DEPTH_TRACKING 0 #else # define DISABLE_CALL_DEPTH_TRACKING (1 << (X86_FEATURE_CALL_DEPTH & 31)) diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h index 0676b077207c..64d9f0e87419 100644 --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h @@ -73,7 +73,7 @@ # define CALL_THUNKS_DEBUG_INC_CTXSW #endif -#if defined(CONFIG_CALL_DEPTH_TRACKING) && !defined(COMPILE_OFFSETS) +#if defined(CONFIG_MITIGATION_CALL_DEPTH_TRACKING) && !defined(COMPILE_OFFSETS) #include @@ -309,7 +309,7 @@ .macro CALL_DEPTH_ACCOUNT -#ifdef CONFIG_CALL_DEPTH_TRACKING +#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING ALTERNATIVE "", \ __stringify(ASM_INCREMENT_CALL_DEPTH), X86_FEATURE_CALL_DEPTH #endif @@ -357,7 +357,7 @@ extern void entry_ibpb(void); extern void (*x86_return_thunk)(void); -#ifdef CONFIG_CALL_DEPTH_TRACKING +#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING extern void call_depth_return_thunk(void); #define CALL_DEPTH_ACCOUNT \ @@ -371,12 +371,12 @@ DECLARE_PER_CPU(u64, __x86_ret_count); DECLARE_PER_CPU(u64, __x86_stuffs_count); DECLARE_PER_CPU(u64, __x86_ctxsw_count); #endif -#else /* !CONFIG_CALL_DEPTH_TRACKING */ +#else /* !CONFIG_MITIGATION_CALL_DEPTH_TRACKING */ static inline void call_depth_return_thunk(void) {} #define CALL_DEPTH_ACCOUNT "" -#endif /* CONFIG_CALL_DEPTH_TRACKING */ +#endif /* CONFIG_MITIGATION_CALL_DEPTH_TRACKING */ #ifdef CONFIG_RETPOLINE diff --git a/arch/x86/kernel/asm-offsets.c b/arch/x86/kernel/asm-offsets.c index 6913b372ccf7..a98020bf31bb 100644 --- a/arch/x86/kernel/asm-offsets.c +++ b/arch/x86/kernel/asm-offsets.c 
@@ -109,7 +109,7 @@ static void __used common(void) OFFSET(TSS_sp2, tss_struct, x86_tss.sp2); OFFSET(X86_top_of_stack, pcpu_hot, top_of_stack); OFFSET(X86_current_task, pcpu_hot, current_task); -#ifdef CONFIG_CALL_DEPTH_TRACKING +#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING OFFSET(X86_call_depth, pcpu_hot, call_depth); #endif #if IS_ENABLED(CONFIG_CRYPTO_ARIA_AESNI_AVX_X86_64) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 1de4791091ca..b906ed4f3091 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -1003,15 +1003,15 @@ static void __init retbleed_select_mitigation(void) break; case RETBLEED_CMD_STUFF: - if (IS_ENABLED(CONFIG_CALL_DEPTH_TRACKING) && + if (IS_ENABLED(CONFIG_MITIGATION_CALL_DEPTH_TRACKING) && spectre_v2_enabled == SPECTRE_V2_RETPOLINE) { retbleed_mitigation = RETBLEED_MITIGATION_STUFF; } else { - if (IS_ENABLED(CONFIG_CALL_DEPTH_TRACKING)) + if (IS_ENABLED(CONFIG_MITIGATION_CALL_DEPTH_TRACKING)) pr_err("WARNING: retbleed=stuff depends on spectre_v2=retpoline\n"); else - pr_err("WARNING: kernel not compiled with CALL_DEPTH_TRACKING.\n"); + pr_err("WARNING: kernel not compiled with MITIGATION_CALL_DEPTH_TRACKING.\n"); goto do_cmd_auto; } diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S index db813113e637..910fd231b7d2 100644 --- a/arch/x86/lib/retpoline.S +++ b/arch/x86/lib/retpoline.S @@ -71,7 +71,7 @@ SYM_CODE_END(__x86_indirect_thunk_array) #include #undef GEN -#ifdef CONFIG_CALL_DEPTH_TRACKING +#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING .macro CALL_THUNK reg .align RETPOLINE_THUNK_SIZE @@ -318,7 +318,7 @@ __EXPORT_THUNK(entry_untrain_ret) #endif /* CONFIG_CPU_UNRET_ENTRY || CONFIG_CPU_SRSO */ -#ifdef CONFIG_CALL_DEPTH_TRACKING +#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING .align 64 SYM_FUNC_START(call_depth_return_thunk) 
@@ -350,7 +350,7 @@ SYM_FUNC_START(call_depth_return_thunk) int3 SYM_FUNC_END(call_depth_return_thunk) -#endif /* CONFIG_CALL_DEPTH_TRACKING */ +#endif /* CONFIG_MITIGATION_CALL_DEPTH_TRACKING */ /* * This function name is magical and is used by -mfunction-return=thunk-extern diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib index 68d0134bdbf9..cc44c95c49cc 100644 --- a/scripts/Makefile.lib +++ b/scripts/Makefile.lib @@ -254,7 +254,7 @@ objtool := $(objtree)/tools/objtool/objtool objtool-args-$(CONFIG_HAVE_JUMP_LABEL_HACK) += --hacks=jump_label objtool-args-$(CONFIG_HAVE_NOINSTR_HACK) += --hacks=noinstr -objtool-args-$(CONFIG_CALL_DEPTH_TRACKING) += --hacks=skylake +objtool-args-$(CONFIG_MITIGATION_CALL_DEPTH_TRACKING) += --hacks=skylake objtool-args-$(CONFIG_X86_KERNEL_IBT) += --ibt objtool-args-$(CONFIG_FINEIBT) += --cfi objtool-args-$(CONFIG_FTRACE_MCOUNT_USE_OBJTOOL) += --mcount diff --git a/tools/arch/x86/include/asm/disabled-features.h b/tools/arch/x86/include/asm/disabled-features.h index fafe9be7a6f4..3d61b2432991 100644 --- a/tools/arch/x86/include/asm/disabled-features.h +++ b/tools/arch/x86/include/asm/disabled-features.h 
@@ -69,7 +69,7 @@ # define DISABLE_UNRET (1 << (X86_FEATURE_UNRET & 31)) #endif -#ifdef CONFIG_CALL_DEPTH_TRACKING +#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING # define DISABLE_CALL_DEPTH_TRACKING 0 #else # define DISABLE_CALL_DEPTH_TRACKING (1 << (X86_FEATURE_CALL_DEPTH & 31))
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Jonathan Corbet, Andy Lutomirski, Peter Zijlstra
Cc: leit@meta.com, "Kirill A. Shutemov", Mike Rapoport, David Hildenbrand, Ingo Molnar, Nikunj A Dadhania, Yu-cheng Yu, Rick Edgecombe, Juergen Gross, Kim Phillips, Andrew Morton, Kemeng Shi, "Matthew Wilcox (Oracle)", Peter Xu, Guo Ren, Kefeng Wang, Helge Deller, Catalin Marinas, Alexander Potapenko, Masahiro Yamada, Brian Gerst, David Woodhouse, Usama Arif, Ard Biesheuvel, Tom Lendacky, Hugh Dickins, Arnaldo Carvalho de Melo, linux-kernel@vger.kernel.org (open list:X86 ARCHITECTURE (32-BIT AND 64-BIT)), linux-doc@vger.kernel.org (open list:DOCUMENTATION)
Subject: [PATCH v5 04/12] x86/bugs: Rename PAGE_TABLE_ISOLATION to MITIGATION_PAGE_TABLE_ISOLATION
Date: Thu, 19 Oct 2023 11:11:50 -0700
Message-Id: <20231019181158.1982205-5-leitao@debian.org>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20231019181158.1982205-1-leitao@debian.org>
References: <20231019181158.1982205-1-leitao@debian.org>

CPU mitigations config entries are inconsistent, and names are hard to relate. There are concrete benefits for both users and developers of having all the mitigation config options living in the same config namespace.
The mitigation options should have consistency and start with MITIGATION. Rename the Kconfig entry from PAGE_TABLE_ISOLATION to MITIGATION_PAGE_TABLE_ISOLATION. Suggested-by: Josh Poimboeuf Signed-off-by: Breno Leitao --- Documentation/arch/x86/pti.rst | 6 +++--- arch/x86/Kconfig | 2 +- arch/x86/boot/compressed/ident_map_64.c | 4 ++-- arch/x86/entry/calling.h | 4 ++-- arch/x86/entry/entry_64.S | 2 +- arch/x86/include/asm/disabled-features.h | 2 +- arch/x86/include/asm/pgalloc.h | 2 +- arch/x86/include/asm/pgtable-3level.h | 2 +- arch/x86/include/asm/pgtable.h | 18 +++++++++--------- arch/x86/include/asm/pgtable_64.h | 3 ++- arch/x86/include/asm/processor-flags.h | 2 +- arch/x86/include/asm/pti.h | 2 +- arch/x86/kernel/dumpstack.c | 2 +- arch/x86/kernel/head_32.S | 4 ++-- arch/x86/kernel/head_64.S | 2 +- arch/x86/kernel/ldt.c | 8 ++++---- arch/x86/mm/Makefile | 2 +- arch/x86/mm/debug_pagetables.c | 4 ++-- arch/x86/mm/dump_pagetables.c | 4 ++-- arch/x86/mm/pgtable.c | 4 ++-- arch/x86/mm/tlb.c | 10 +++++----- include/linux/pti.h | 2 +- tools/arch/x86/include/asm/disabled-features.h | 2 +- 23 files changed, 47 insertions(+), 46 deletions(-) diff --git a/Documentation/arch/x86/pti.rst b/Documentation/arch/x86/pti.rst index 4b858a9bad8d..3241b081f1ad 100644 --- a/Documentation/arch/x86/pti.rst +++ b/Documentation/arch/x86/pti.rst @@ -26,9 +26,9 @@ comments in pti.c). This approach helps to ensure that side-channel attacks leveraging the paging structures do not function when PTI is enabled. It can be -enabled by setting CONFIG_PAGE_TABLE_ISOLATION=y at compile time. -Once enabled at compile-time, it can be disabled at boot with the -'nopti' or 'pti=' kernel parameters (see kernel-parameters.txt). +enabled by setting CONFIG_MITIGATION_PAGE_TABLE_ISOLATION=y at compile +time. Once enabled at compile-time, it can be disabled at boot with +the 'nopti' or 'pti=' kernel parameters (see kernel-parameters.txt). Page Table Management ===================== 
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 4d64519311c4..46885150efd2 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2463,7 +2463,7 @@ menuconfig SPECULATION_MITIGATIONS if SPECULATION_MITIGATIONS -config PAGE_TABLE_ISOLATION +config MITIGATION_PAGE_TABLE_ISOLATION bool "Remove the kernel mapping in user mode" default y depends on (X86_64 || X86_PAE) diff --git a/arch/x86/boot/compressed/ident_map_64.c b/arch/x86/boot/compressed/ident_map_64.c index 08f93b0401bb..2aa29ef490dc 100644 --- a/arch/x86/boot/compressed/ident_map_64.c +++ b/arch/x86/boot/compressed/ident_map_64.c @@ -8,8 +8,8 @@ * Copyright (C) 2016 Kees Cook */ -/* No PAGE_TABLE_ISOLATION support needed either: */ -#undef CONFIG_PAGE_TABLE_ISOLATION +/* No MITIGATION_PAGE_TABLE_ISOLATION support needed either: */ +#undef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION #include "error.h" #include "misc.h" diff --git a/arch/x86/entry/calling.h b/arch/x86/entry/calling.h index f6907627172b..ace89d5c1ddd 100644 --- a/arch/x86/entry/calling.h +++ b/arch/x86/entry/calling.h @@ -142,7 +142,7 @@ For 32-bit we have the following conventions - kernel is built with .endif .endm -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION /* * PAGE_TABLE_ISOLATION PGDs are 8k. Flip bit 12 to switch between the two @@ -269,7 +269,7 @@ For 32-bit we have the following conventions - kernel is built with .Lend_\@: .endm -#else /* CONFIG_PAGE_TABLE_ISOLATION=n: */ +#else /* CONFIG_MITIGATION_PAGE_TABLE_ISOLATION=n: */ .macro SWITCH_TO_KERNEL_CR3 scratch_reg:req .endm diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S index 3bdc22d7e78f..9cb225607413 100644 --- a/arch/x86/entry/entry_64.S +++ b/arch/x86/entry/entry_64.S 
@@ -1134,7 +1134,7 @@ SYM_CODE_END(error_return) * * Registers: * %r14: Used to save/restore the CR3 of the interrupted context - * when PAGE_TABLE_ISOLATION is in use. Do not clobber. + * when MITIGATION_PAGE_TABLE_ISOLATION is in use. Do not clobber. */ SYM_CODE_START(asm_exc_nmi) UNWIND_HINT_IRET_ENTRY diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h index c1d3a5795618..fb604ec95a5f 100644 --- a/arch/x86/include/asm/disabled-features.h +++ b/arch/x86/include/asm/disabled-features.h @@ -44,7 +44,7 @@ # define DISABLE_LA57 (1<<(X86_FEATURE_LA57 & 31)) #endif -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION # define DISABLE_PTI 0 #else # define DISABLE_PTI (1 << (X86_FEATURE_PTI & 31)) diff --git a/arch/x86/include/asm/pgalloc.h b/arch/x86/include/asm/pgalloc.h index c7ec5bb88334..dcd836b59beb 100644 --- a/arch/x86/include/asm/pgalloc.h +++ b/arch/x86/include/asm/pgalloc.h @@ -34,7 +34,7 @@ static inline void paravirt_release_p4d(unsigned long pfn) {} */ extern gfp_t __userpte_alloc_gfp; -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION /* * Instead of one PGD, we acquire two PGDs. Being order-1, it is * both 8k in size and 8k-aligned. That lets us just flip bit 12 diff --git a/arch/x86/include/asm/pgtable-3level.h b/arch/x86/include/asm/pgtable-3level.h index 9e7c0b719c3c..dabafba957ea 100644 --- a/arch/x86/include/asm/pgtable-3level.h +++ b/arch/x86/include/asm/pgtable-3level.h @@ -52,7 +52,7 @@ static inline void native_set_pmd(pmd_t *pmdp, pmd_t pmd) static inline void native_set_pud(pud_t *pudp, pud_t pud) { -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION pud.p4d.pgd = pti_set_user_pgtbl(&pudp->p4d.pgd, pud.p4d.pgd); #endif pxx_xchg64(pud, pudp, native_pud_val(pud)); diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h index 57bab91bbf50..b23d0c162573 100644 
--- a/arch/x86/include/asm/pgtable.h +++ b/arch/x86/include/asm/pgtable.h @@ -908,7 +908,7 @@ static inline int is_new_memtype_allowed(u64 paddr, unsigned long size, pmd_t *populate_extra_pmd(unsigned long vaddr); pte_t *populate_extra_pte(unsigned long vaddr); -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION pgd_t __pti_set_user_pgtbl(pgd_t *pgdp, pgd_t pgd); /* @@ -922,12 +922,12 @@ static inline pgd_t pti_set_user_pgtbl(pgd_t *pgdp, pgd_t pgd) return pgd; return __pti_set_user_pgtbl(pgdp, pgd); } -#else /* CONFIG_PAGE_TABLE_ISOLATION */ +#else /* CONFIG_MITIGATION_PAGE_TABLE_ISOLATION */ static inline pgd_t pti_set_user_pgtbl(pgd_t *pgdp, pgd_t pgd) { return pgd; } -#endif /* CONFIG_PAGE_TABLE_ISOLATION */ +#endif /* CONFIG_MITIGATION_PAGE_TABLE_ISOLATION */ #endif /* __ASSEMBLY__ */ @@ -1130,7 +1130,7 @@ static inline int p4d_bad(p4d_t p4d) { unsigned long ignore_flags = _KERNPG_TABLE | _PAGE_USER; - if (IS_ENABLED(CONFIG_PAGE_TABLE_ISOLATION)) + if (IS_ENABLED(CONFIG_MITIGATION_PAGE_TABLE_ISOLATION)) ignore_flags |= _PAGE_NX; return (p4d_flags(p4d) & ~ignore_flags) != 0; @@ -1176,7 +1176,7 @@ static inline int pgd_bad(pgd_t pgd) if (!pgtable_l5_enabled()) return 0; - if (IS_ENABLED(CONFIG_PAGE_TABLE_ISOLATION)) + if (IS_ENABLED(CONFIG_MITIGATION_PAGE_TABLE_ISOLATION)) ignore_flags |= _PAGE_NX; return (pgd_flags(pgd) & ~ignore_flags) != _KERNPG_TABLE; @@ -1421,9 +1421,9 @@ static inline bool pgdp_maps_userspace(void *__ptr) #define pgd_leaf pgd_large static inline int pgd_large(pgd_t pgd) { return 0; } -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION /* - * All top-level PAGE_TABLE_ISOLATION page tables are order-1 pages + * All top-level MITIGATION_PAGE_TABLE_ISOLATION page tables are order-1 pages * (8k-aligned and 8k in size). The kernel one is at the beginning 4k and * the user one is in the last 4k. To switch between them, you * just need to flip the 12th bit in their addresses. 
@@ -1468,7 +1468,7 @@ static inline p4d_t *user_to_kernel_p4dp(p4d_t *p4dp) { return ptr_clear_bit(p4dp, PTI_PGTABLE_SWITCH_BIT); } -#endif /* CONFIG_PAGE_TABLE_ISOLATION */ +#endif /* CONFIG_MITIGATION_PAGE_TABLE_ISOLATION */ /* * clone_pgd_range(pgd_t *dst, pgd_t *src, int count); @@ -1483,7 +1483,7 @@ static inline p4d_t *user_to_kernel_p4dp(p4d_t *p4dp) static inline void clone_pgd_range(pgd_t *dst, pgd_t *src, int count) { memcpy(dst, src, count * sizeof(pgd_t)); -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION if (!static_cpu_has(X86_FEATURE_PTI)) return; /* Clone the user space pgd as well */ diff --git a/arch/x86/include/asm/pgtable_64.h b/arch/x86/include/asm/pgtable_64.h index a629b1b9f65a..8108d68d146c 100644 --- a/arch/x86/include/asm/pgtable_64.h +++ b/arch/x86/include/asm/pgtable_64.h @@ -143,7 +143,8 @@ static inline void native_set_p4d(p4d_t *p4dp, p4d_t p4d) { pgd_t pgd; - if (pgtable_l5_enabled() || !IS_ENABLED(CONFIG_PAGE_TABLE_ISOLATION)) { + if (pgtable_l5_enabled() || + !IS_ENABLED(CONFIG_MITIGATION_PAGE_TABLE_ISOLATION)) { WRITE_ONCE(*p4dp, p4d); return; } diff --git a/arch/x86/include/asm/processor-flags.h b/arch/x86/include/asm/processor-flags.h index d8cccadc83a6..e5f204b9b33d 100644 --- a/arch/x86/include/asm/processor-flags.h +++ b/arch/x86/include/asm/processor-flags.h @@ -51,7 +51,7 @@ #define CR3_NOFLUSH 0 #endif -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION # define X86_CR3_PTI_PCID_USER_BIT 11 #endif diff --git a/arch/x86/include/asm/pti.h b/arch/x86/include/asm/pti.h index 07375b476c4f..ab167c96b9ab 100644 --- a/arch/x86/include/asm/pti.h +++ b/arch/x86/include/asm/pti.h @@ -3,7 +3,7 @@ #define _ASM_X86_PTI_H #ifndef __ASSEMBLY__ -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION extern void pti_init(void); extern void pti_check_boottime_disable(void); extern void pti_finalize(void); 
diff --git a/arch/x86/kernel/dumpstack.c b/arch/x86/kernel/dumpstack.c index f18ca44c904b..44a91ef5a23b 100644 --- a/arch/x86/kernel/dumpstack.c +++ b/arch/x86/kernel/dumpstack.c @@ -410,7 +410,7 @@ static void __die_header(const char *str, struct pt_regs *regs, long err) IS_ENABLED(CONFIG_SMP) ? " SMP" : "", debug_pagealloc_enabled() ? " DEBUG_PAGEALLOC" : "", IS_ENABLED(CONFIG_KASAN) ? " KASAN" : "", - IS_ENABLED(CONFIG_PAGE_TABLE_ISOLATION) ? + IS_ENABLED(CONFIG_MITIGATION_PAGE_TABLE_ISOLATION) ? (boot_cpu_has(X86_FEATURE_PTI) ? " PTI" : " NOPTI") : ""); } NOKPROBE_SYMBOL(__die_header); diff --git a/arch/x86/kernel/head_32.S b/arch/x86/kernel/head_32.S index b6554212b7c7..1ba091d388f3 100644 --- a/arch/x86/kernel/head_32.S +++ b/arch/x86/kernel/head_32.S @@ -424,7 +424,7 @@ __REFDATA .align 4 SYM_DATA(initial_code, .long i386_start_kernel) -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION #define PGD_ALIGN (2 * PAGE_SIZE) #define PTI_USER_PGD_FILL 1024 #else @@ -484,7 +484,7 @@ SYM_DATA_START(initial_page_table) # endif .align PAGE_SIZE /* needs to be page-sized too */ -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION /* * PTI needs another page so sync_initial_pagetable() works correctly * and does not scribble over the data which is placed behind the diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S index 086a2c3aaaa0..e23bc2a541cf 100644 --- a/arch/x86/kernel/head_64.S +++ b/arch/x86/kernel/head_64.S @@ -593,7 +593,7 @@ SYM_CODE_END(vc_no_ghcb) #define SYM_DATA_START_PAGE_ALIGNED(name) \ SYM_START(name, SYM_L_GLOBAL, .balign PAGE_SIZE) -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION /* * Each PGD needs to be 8k long and 8k aligned. We do not * ever go out to userspace with these, so we do not diff --git a/arch/x86/kernel/ldt.c b/arch/x86/kernel/ldt.c index adc67f98819a..7e6de84b9358 100644 --- a/arch/x86/kernel/ldt.c 
+++ b/arch/x86/kernel/ldt.c @@ -184,7 +184,7 @@ static struct ldt_struct *alloc_ldt_struct(unsigned int num_entries) return new_ldt; } -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION static void do_sanity_check(struct mm_struct *mm, bool had_kernel_mapping, @@ -377,7 +377,7 @@ static void unmap_ldt_struct(struct mm_struct *mm, struct ldt_struct *ldt) flush_tlb_mm_range(mm, va, va + nr_pages * PAGE_SIZE, PAGE_SHIFT, false); } -#else /* !CONFIG_PAGE_TABLE_ISOLATION */ +#else /* !CONFIG_MITIGATION_PAGE_TABLE_ISOLATION */ static int map_ldt_struct(struct mm_struct *mm, struct ldt_struct *ldt, int slot) @@ -388,11 +388,11 @@ map_ldt_struct(struct mm_struct *mm, struct ldt_struct *ldt, int slot) static void unmap_ldt_struct(struct mm_struct *mm, struct ldt_struct *ldt) { } -#endif /* CONFIG_PAGE_TABLE_ISOLATION */ +#endif /* CONFIG_MITIGATION_PAGE_TABLE_ISOLATION */ static void free_ldt_pgtables(struct mm_struct *mm) { -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION struct mmu_gather tlb; unsigned long start = LDT_BASE_ADDR; unsigned long end = LDT_END_ADDR; diff --git a/arch/x86/mm/Makefile b/arch/x86/mm/Makefile index c80febc44cd2..031cd10ed17f 100644 --- a/arch/x86/mm/Makefile +++ b/arch/x86/mm/Makefile @@ -60,7 +60,7 @@ obj-$(CONFIG_NUMA_EMU) += numa_emulation.o obj-$(CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS) += pkeys.o obj-$(CONFIG_RANDOMIZE_MEMORY) += kaslr.o -obj-$(CONFIG_PAGE_TABLE_ISOLATION) += pti.o +obj-$(CONFIG_MITIGATION_PAGE_TABLE_ISOLATION) += pti.o obj-$(CONFIG_X86_MEM_ENCRYPT) += mem_encrypt.o obj-$(CONFIG_AMD_MEM_ENCRYPT) += mem_encrypt_amd.o diff --git a/arch/x86/mm/debug_pagetables.c b/arch/x86/mm/debug_pagetables.c index b43301cb2a80..ae5c213a1cb0 100644 --- a/arch/x86/mm/debug_pagetables.c +++ b/arch/x86/mm/debug_pagetables.c 
@@ -22,7 +22,7 @@ static int ptdump_curknl_show(struct seq_file *m, void *v) DEFINE_SHOW_ATTRIBUTE(ptdump_curknl); -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION static int ptdump_curusr_show(struct seq_file *m, void *v) { if (current->mm->pgd) @@ -54,7 +54,7 @@ static int __init pt_dump_debug_init(void) debugfs_create_file("current_kernel", 0400, dir, NULL, &ptdump_curknl_fops); -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION debugfs_create_file("current_user", 0400, dir, NULL, &ptdump_curusr_fops); #endif diff --git a/arch/x86/mm/dump_pagetables.c b/arch/x86/mm/dump_pagetables.c index e1b599ecbbc2..b7b88c1d91ec 100644 --- a/arch/x86/mm/dump_pagetables.c +++ b/arch/x86/mm/dump_pagetables.c @@ -408,7 +408,7 @@ void ptdump_walk_pgd_level_debugfs(struct seq_file *m, struct mm_struct *mm, bool user) { pgd_t *pgd = mm->pgd; -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION if (user && boot_cpu_has(X86_FEATURE_PTI)) pgd = kernel_to_user_pgdp(pgd); #endif @@ -418,7 +418,7 @@ EXPORT_SYMBOL_GPL(ptdump_walk_pgd_level_debugfs); void ptdump_walk_user_pgd_level_checkwx(void) { -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION pgd_t *pgd = INIT_PGD; if (!(__supported_pte_mask & _PAGE_NX) || diff --git a/arch/x86/mm/pgtable.c b/arch/x86/mm/pgtable.c index 0cbc1b8e8e3d..cceb779d882d 100644 --- a/arch/x86/mm/pgtable.c +++ b/arch/x86/mm/pgtable.c @@ -293,7 +293,7 @@ static void pgd_mop_up_pmds(struct mm_struct *mm, pgd_t *pgdp) for (i = 0; i < PREALLOCATED_PMDS; i++) mop_up_one_pmd(mm, &pgdp[i]); -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION if (!boot_cpu_has(X86_FEATURE_PTI)) return; 
@@ -325,7 +325,7 @@ static void pgd_prepopulate_pmd(struct mm_struct *mm, pgd_t *pgd, pmd_t *pmds[]) } } -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION static void pgd_prepopulate_user_pmd(struct mm_struct *mm, pgd_t *k_pgd, pmd_t *pmds[]) { diff --git a/arch/x86/mm/tlb.c b/arch/x86/mm/tlb.c index 453ea95b667d..77f448e55bf8 100644 --- a/arch/x86/mm/tlb.c +++ b/arch/x86/mm/tlb.c @@ -89,10 +89,10 @@ #define CR3_HW_ASID_BITS 12 /* - * When enabled, PAGE_TABLE_ISOLATION consumes a single bit for + * When enabled, MITIGATION_PAGE_TABLE_ISOLATION consumes a single bit for * user/kernel switches */ -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION # define PTI_CONSUMED_PCID_BITS 1 #else # define PTI_CONSUMED_PCID_BITS 0 @@ -114,7 +114,7 @@ static inline u16 kern_pcid(u16 asid) { VM_WARN_ON_ONCE(asid > MAX_ASID_AVAILABLE); -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION /* * Make sure that the dynamic ASID space does not conflict with the * bit we are using to switch between user and kernel ASIDs. @@ -149,7 +149,7 @@ static inline u16 kern_pcid(u16 asid) static inline u16 user_pcid(u16 asid) { u16 ret = kern_pcid(asid); -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION ret |= 1 << X86_CR3_PTI_PCID_USER_BIT; #endif return ret; @@ -262,7 +262,7 @@ static void choose_new_asid(struct mm_struct *next, u64 next_tlb_gen, static inline void invalidate_user_asid(u16 asid) { /* There is no user ASID if address space separation is off */ - if (!IS_ENABLED(CONFIG_PAGE_TABLE_ISOLATION)) + if (!IS_ENABLED(CONFIG_MITIGATION_PAGE_TABLE_ISOLATION)) return; /* diff --git a/include/linux/pti.h b/include/linux/pti.h index 1a941efcaa62..1fbf9d6c20ef 100644 --- a/include/linux/pti.h +++ b/include/linux/pti.h 
@@ -2,7 +2,7 @@ #ifndef _INCLUDE_PTI_H #define _INCLUDE_PTI_H -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION #include #else static inline void pti_init(void) { } diff --git a/tools/arch/x86/include/asm/disabled-features.h b/tools/arch/x86/include/asm/disabled-features.h index 3d61b2432991..aeb3fbbbce46 100644 --- a/tools/arch/x86/include/asm/disabled-features.h +++ b/tools/arch/x86/include/asm/disabled-features.h 
@@ -44,7 +44,7 @@ # define DISABLE_LA57 (1<<(X86_FEATURE_LA57 & 31)) #endif -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION # define DISABLE_PTI 0 #else # define DISABLE_PTI (1 << (X86_FEATURE_PTI & 31))
From patchwork Thu Oct 19 18:11:51 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Breno Leitao X-Patchwork-Id: 155682
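Review bot: in the arch/x86/Kconfig hunk of [PATCH v5 04/12], `config PAGE_TABLE_ISOLATION` is replaced outright with no transitional symbol, so an existing .config or config fragment that sets CONFIG_PAGE_TABLE_ISOLATION no longer matches any option and MITIGATION_PAGE_TABLE_ISOLATION is decided afresh from its `default y`. That default is the safe direction, but the commit message should state that the old name is dropped without an alias, so that anyone pinning PTI explicitly in a fragment knows to update the symbol.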
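Review bot: in arch/x86/entry/calling.h at -142 of [PATCH v5 04/12], the `#ifdef` is renamed but the comment directly under it still reads "PAGE_TABLE_ISOLATION PGDs are 8k", while the comments in entry_64.S, pgtable.h and tlb.c are switched to the new name in this same patch. Treat the prose comments uniformly, either all renamed or all left alone, so a grep for the old name after this patch has no stray hits.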
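Review bot: in arch/x86/include/asm/pgtable.h at -1421 of [PATCH v5 04/12], the comment now reads "All top-level MITIGATION_PAGE_TABLE_ISOLATION page tables are order-1 pages", which names the feature by a Kconfig symbol without its CONFIG_ prefix. In this comment, and in the ones changed in tlb.c at -89 and entry_64.S at -1134, "PTI" would read better, since pti.rst and X86_FEATURE_PTI already use that term; keep the CONFIG_ symbol for the preprocessor lines only.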
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Peter Zijlstra, Pawan Gupta, Jonathan Corbet, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Andy Lutomirski, Steven Rostedt, Masami Hiramatsu, Mark Rutland, Sean Christopherson, Paolo Bonzini, "David S. Miller", David Ahern, Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko, Martin KaFai Lau, Song Liu, Yonghong Song, John Fastabend, KP Singh, Stanislav Fomichev, Hao Luo, Jiri Olsa, Wang YanQing, Luis Chamberlain, Pablo Neira Ayuso, Jozsef Kadlecsik, Florian Westphal, Eric Dumazet, Jakub Kicinski, Paolo Abeni, Jamal Hadi Salim, Cong Wang, Jiri Pirko, Masahiro Yamada, Nathan Chancellor, Nick Desaulniers, Nicolas Schier, Miguel Ojeda, Alex Gaynor, Wedson Almeida Filho, Boqun Feng, Gary Guo, Björn Roy Baron, Benno Lossin, Andreas Hindborg, Alice Ryhl
Cc: leit@meta.com, "Paul E. McKenney", Randy Dunlap, Tejun Heo, Catalin Marinas, "Mike Rapoport (IBM)", Yu-cheng Yu, Rick Edgecombe, Juergen Gross, Kim Phillips, "Kirill A. Shutemov", Ingo Molnar, Kees Cook, Jinghao Jia, Vincent Whitchurch, Yang Jihong, Petr Pavlu, Andrew Morton, Sami Tolvanen, Alyssa Ross, Alexander Potapenko, Ricardo Ribalda, Marco Elver, Arnaldo Carvalho de Melo, linux-doc@vger.kernel.org (open list:DOCUMENTATION), linux-kernel@vger.kernel.org (open list), linux-trace-kernel@vger.kernel.org (open list:FUNCTION HOOKS (FTRACE)), kvm@vger.kernel.org (open list:KERNEL VIRTUAL MACHINE FOR X86 (KVM/x86)), bpf@vger.kernel.org (open list:BPF [GENERAL] (Safe Dynamic Programs and Tools)), netdev@vger.kernel.org (open list:NETWORKING [IPv4/IPv6]), linux-modules@vger.kernel.org (open list:MODULE SUPPORT), netfilter-devel@vger.kernel.org (open list:NETFILTER), coreteam@netfilter.org (open list:NETFILTER), rust-for-linux@vger.kernel.org (open list:RUST)
Subject: [PATCH v5 05/12] x86/bugs: Rename RETPOLINE to MITIGATION_RETPOLINE
Date: Thu, 19 Oct 2023 11:11:51 -0700
Message-Id: <20231019181158.1982205-6-leitao@debian.org>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20231019181158.1982205-1-leitao@debian.org>
References: <20231019181158.1982205-1-leitao@debian.org>

CPU mitigations config entries are inconsistent, and names are hard to relate. There are concrete benefits for both users and developers of having all the mitigation config options living in the same config namespace.
The mitigation options should have consistency and start with MITIGATION. Rename the Kconfig entry from RETPOLINE to MITIGATION_RETPOLINE. Suggested-by: Josh Poimboeuf Signed-off-by: Breno Leitao --- Documentation/admin-guide/hw-vuln/spectre.rst | 8 ++++---- Documentation/admin-guide/kernel-parameters.txt | 4 ++-- arch/x86/Kconfig | 6 +++--- arch/x86/Makefile | 4 ++-- arch/x86/entry/vdso/Makefile | 4 ++-- arch/x86/include/asm/disabled-features.h | 2 +- arch/x86/include/asm/linkage.h | 8 ++++---- arch/x86/include/asm/nospec-branch.h | 8 ++++---- arch/x86/kernel/alternative.c | 6 +++--- arch/x86/kernel/cpu/bugs.c | 6 +++--- arch/x86/kernel/ftrace.c | 2 +- arch/x86/kernel/kprobes/opt.c | 2 +- arch/x86/kernel/vmlinux.lds.S | 2 +- arch/x86/kvm/mmu/mmu.c | 2 +- arch/x86/kvm/mmu/mmu_internal.h | 2 +- arch/x86/kvm/svm/svm.c | 2 +- arch/x86/kvm/svm/vmenter.S | 4 ++-- arch/x86/kvm/vmx/vmx.c | 2 +- arch/x86/lib/Makefile | 2 +- arch/x86/net/bpf_jit_comp.c | 2 +- arch/x86/net/bpf_jit_comp32.c | 2 +- arch/x86/purgatory/Makefile | 2 +- include/linux/compiler-gcc.h | 2 +- include/linux/indirect_call_wrapper.h | 2 +- include/linux/module.h | 2 +- include/net/netfilter/nf_tables_core.h | 2 +- include/net/tc_wrapper.h | 2 +- kernel/trace/ring_buffer.c | 2 +- net/netfilter/Makefile | 2 +- net/netfilter/nf_tables_core.c | 6 +++--- net/netfilter/nft_ct.c | 4 ++-- net/netfilter/nft_lookup.c | 2 +- net/sched/sch_api.c | 2 +- scripts/Makefile.lib | 2 +- scripts/generate_rust_target.rs | 2 +- scripts/mod/modpost.c | 2 +- tools/arch/x86/include/asm/disabled-features.h | 2 +- 37 files changed, 59 insertions(+), 59 deletions(-) diff --git a/Documentation/admin-guide/hw-vuln/spectre.rst b/Documentation/admin-guide/hw-vuln/spectre.rst index 32a8893e5617..cce768afec6b 100644 --- a/Documentation/admin-guide/hw-vuln/spectre.rst +++ b/Documentation/admin-guide/hw-vuln/spectre.rst 
@@ -473,8 +473,8 @@ Spectre variant 2 -mindirect-branch=thunk-extern -mindirect-branch-register options. If the kernel is compiled with a Clang compiler, the compiler needs to support -mretpoline-external-thunk option. The kernel config - CONFIG_RETPOLINE needs to be turned on, and the CPU needs to run with - the latest updated microcode. + CONFIG_MITIGATION_RETPOLINE needs to be turned on, and the CPU needs + to run with the latest updated microcode. On Intel Skylake-era systems the mitigation covers most, but not all, cases. See :ref:`[3] ` for more details. @@ -609,8 +609,8 @@ kernel command line. Selecting 'on' will, and 'auto' may, choose a mitigation method at run time according to the CPU, the available microcode, the setting of the - CONFIG_RETPOLINE configuration option, and the - compiler with which the kernel was built. + CONFIG_MITIGATION_RETPOLINE configuration option, + and the compiler with which the kernel was built. Selecting 'on' will also enable the mitigation against user space to user space task attacks. diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index ba0f4fbbe57d..60faccd29a34 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -5978,8 +5978,8 @@ Selecting 'on' will, and 'auto' may, choose a mitigation method at run time according to the CPU, the available microcode, the setting of the - CONFIG_RETPOLINE configuration option, and the - compiler with which the kernel was built. + CONFIG_MITIGATION_RETPOLINE configuration option, + and the compiler with which the kernel was built. Selecting 'on' will also enable the mitigation against user space to user space task attacks. diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 46885150efd2..f3593461ce35 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig 
@@ -2436,7 +2436,7 @@ config CALL_PADDING config FINEIBT def_bool y - depends on X86_KERNEL_IBT && CFI_CLANG && RETPOLINE + depends on X86_KERNEL_IBT && CFI_CLANG && MITIGATION_RETPOLINE select CALL_PADDING config HAVE_CALL_THUNKS @@ -2474,7 +2474,7 @@ config MITIGATION_PAGE_TABLE_ISOLATION See Documentation/arch/x86/pti.rst for more details. -config RETPOLINE +config MITIGATION_RETPOLINE bool "Avoid speculative indirect branches in kernel" select OBJTOOL if HAVE_OBJTOOL default y @@ -2486,7 +2486,7 @@ config RETPOLINE config RETHUNK bool "Enable return-thunks" - depends on RETPOLINE && CC_HAS_RETURN_THUNK + depends on MITIGATION_RETPOLINE && CC_HAS_RETURN_THUNK select OBJTOOL if HAVE_OBJTOOL default y if X86_64 help diff --git a/arch/x86/Makefile b/arch/x86/Makefile index 22e41d9dbc23..3053b60f017b 100644 --- a/arch/x86/Makefile +++ b/arch/x86/Makefile @@ -191,7 +191,7 @@ KBUILD_CFLAGS += -Wno-sign-compare KBUILD_CFLAGS += -fno-asynchronous-unwind-tables # Avoid indirect branches in kernel to deal with Spectre -ifdef CONFIG_RETPOLINE +ifdef CONFIG_MITIGATION_RETPOLINE KBUILD_CFLAGS += $(RETPOLINE_CFLAGS) # Additionally, avoid generating expensive indirect jumps which # are subject to retpolines for small number of switch cases. @@ -299,7 +299,7 @@ vdso_install: archprepare: checkbin checkbin: -ifdef CONFIG_RETPOLINE +ifdef CONFIG_MITIGATION_RETPOLINE ifeq ($(RETPOLINE_CFLAGS),) @echo "You are building kernel with non-retpoline compiler." >&2 @echo "Please update your compiler." >&2 diff --git a/arch/x86/entry/vdso/Makefile b/arch/x86/entry/vdso/Makefile index 6a1821bd7d5e..7605f41a5454 100644 --- a/arch/x86/entry/vdso/Makefile +++ b/arch/x86/entry/vdso/Makefile 
@@ -86,7 +86,7 @@ CFL := $(PROFILING) -mcmodel=small -fPIC -O2 -fasynchronous-unwind-tables -m64 \ -fno-omit-frame-pointer -foptimize-sibling-calls \ -DDISABLE_BRANCH_PROFILING -DBUILD_VDSO -ifdef CONFIG_RETPOLINE +ifdef CONFIG_MITIGATION_RETPOLINE ifneq ($(RETPOLINE_VDSO_CFLAGS),) CFL += $(RETPOLINE_VDSO_CFLAGS) endif @@ -163,7 +163,7 @@ KBUILD_CFLAGS_32 += $(call cc-option, -foptimize-sibling-calls) KBUILD_CFLAGS_32 += -fno-omit-frame-pointer KBUILD_CFLAGS_32 += -DDISABLE_BRANCH_PROFILING -ifdef CONFIG_RETPOLINE +ifdef CONFIG_MITIGATION_RETPOLINE ifneq ($(RETPOLINE_VDSO_CFLAGS),) KBUILD_CFLAGS_32 += $(RETPOLINE_VDSO_CFLAGS) endif diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h index fb604ec95a5f..24e4010c33b6 100644 --- a/arch/x86/include/asm/disabled-features.h +++ b/arch/x86/include/asm/disabled-features.h @@ -50,7 +50,7 @@ # define DISABLE_PTI (1 << (X86_FEATURE_PTI & 31)) #endif -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE # define DISABLE_RETPOLINE 0 #else # define DISABLE_RETPOLINE ((1 << (X86_FEATURE_RETPOLINE & 31)) | \ diff --git a/arch/x86/include/asm/linkage.h b/arch/x86/include/asm/linkage.h index 571fe4d2d232..c5165204c66f 100644 --- a/arch/x86/include/asm/linkage.h +++ b/arch/x86/include/asm/linkage.h 
@@ -42,25 +42,25 @@ #if defined(CONFIG_RETHUNK) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO) #define RET jmp __x86_return_thunk -#else /* CONFIG_RETPOLINE */ +#else /* CONFIG_MITIGATION_RETPOLINE */ #ifdef CONFIG_SLS #define RET ret; int3 #else #define RET ret #endif -#endif /* CONFIG_RETPOLINE */ +#endif /* CONFIG_MITIGATION_RETPOLINE */ #else /* __ASSEMBLY__ */ #if defined(CONFIG_RETHUNK) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO) #define ASM_RET "jmp __x86_return_thunk\n\t" -#else /* CONFIG_RETPOLINE */ +#else /* CONFIG_MITIGATION_RETPOLINE */ #ifdef CONFIG_SLS #define ASM_RET "ret; int3\n\t" #else #define ASM_RET "ret\n\t" #endif -#endif /* CONFIG_RETPOLINE */ +#endif /* CONFIG_MITIGATION_RETPOLINE */ #endif /* __ASSEMBLY__ */ diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h index 64d9f0e87419..cab7c937c71b 100644 --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h @@ -241,7 +241,7 @@ * instruction irrespective of kCFI. */ .macro JMP_NOSPEC reg:req -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE __CS_PREFIX \reg jmp __x86_indirect_thunk_\reg #else @@ -251,7 +251,7 @@ .endm .macro CALL_NOSPEC reg:req -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE __CS_PREFIX \reg call __x86_indirect_thunk_\reg #else @@ -378,7 +378,7 @@ static inline void call_depth_return_thunk(void) {} #endif /* CONFIG_MITIGATION_CALL_DEPTH_TRACKING */ -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE #define GEN(reg) \ extern retpoline_thunk_t __x86_indirect_thunk_ ## reg; @@ -399,7 +399,7 @@ static inline void call_depth_return_thunk(void) {} /* * Inline asm uses the %V modifier which is only in newer GCC - * which is ensured when CONFIG_RETPOLINE is defined. + * which is ensured when CONFIG_MITIGATION_RETPOLINE is defined. */ # define CALL_NOSPEC \ ALTERNATIVE_2( \ 
diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c index 517ee01503be..8932f524c935 100644 --- a/arch/x86/kernel/alternative.c +++ b/arch/x86/kernel/alternative.c @@ -460,7 +460,7 @@ static inline bool is_jcc32(struct insn *insn) return insn->opcode.bytes[0] == 0x0f && (insn->opcode.bytes[1] & 0xf0) == 0x80; } -#if defined(CONFIG_RETPOLINE) && defined(CONFIG_OBJTOOL) +#if defined(CONFIG_MITIGATION_RETPOLINE) && defined(CONFIG_OBJTOOL) /* * CALL/JMP *%\reg @@ -760,12 +760,12 @@ void __init_or_module noinline apply_returns(s32 *start, s32 *end) void __init_or_module noinline apply_returns(s32 *start, s32 *end) { } #endif /* CONFIG_RETHUNK */ -#else /* !CONFIG_RETPOLINE || !CONFIG_OBJTOOL */ +#else /* !CONFIG_MITIGATION_RETPOLINE || !CONFIG_OBJTOOL */ void __init_or_module noinline apply_retpolines(s32 *start, s32 *end) { } void __init_or_module noinline apply_returns(s32 *start, s32 *end) { } -#endif /* CONFIG_RETPOLINE && CONFIG_OBJTOOL */ +#endif /* CONFIG_MITIGATION_RETPOLINE && CONFIG_OBJTOOL */ #ifdef CONFIG_X86_KERNEL_IBT diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index b906ed4f3091..fc46fd6447f9 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -1103,7 +1103,7 @@ static enum spectre_v2_user_mitigation spectre_v2_user_stibp __ro_after_init = static enum spectre_v2_user_mitigation spectre_v2_user_ibpb __ro_after_init = SPECTRE_V2_USER_NONE; -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE static bool spectre_v2_bad_module; bool retpoline_module_ok(bool has_retpoline) 
@@ -1416,7 +1416,7 @@ static enum spectre_v2_mitigation_cmd __init spectre_v2_parse_cmdline(void) cmd == SPECTRE_V2_CMD_RETPOLINE_GENERIC || cmd == SPECTRE_V2_CMD_EIBRS_LFENCE || cmd == SPECTRE_V2_CMD_EIBRS_RETPOLINE) && - !IS_ENABLED(CONFIG_RETPOLINE)) { + !IS_ENABLED(CONFIG_MITIGATION_RETPOLINE)) { pr_err("%s selected but not compiled in. Switching to AUTO select\n", mitigation_options[i].option); return SPECTRE_V2_CMD_AUTO; @@ -1470,7 +1470,7 @@ static enum spectre_v2_mitigation_cmd __init spectre_v2_parse_cmdline(void) static enum spectre_v2_mitigation __init spectre_v2_select_retpoline(void) { - if (!IS_ENABLED(CONFIG_RETPOLINE)) { + if (!IS_ENABLED(CONFIG_MITIGATION_RETPOLINE)) { pr_err("Kernel not compiled with retpoline; no mitigation available!"); return SPECTRE_V2_NONE; } diff --git a/arch/x86/kernel/ftrace.c b/arch/x86/kernel/ftrace.c index 7ed7e8297ba3..0f26758c7a93 100644 --- a/arch/x86/kernel/ftrace.c +++ b/arch/x86/kernel/ftrace.c @@ -297,7 +297,7 @@ union ftrace_op_code_union { } __attribute__((packed)); }; -#define RET_SIZE (IS_ENABLED(CONFIG_RETPOLINE) ? 5 : 1 + IS_ENABLED(CONFIG_SLS)) +#define RET_SIZE (IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) ? 5 : 1 + IS_ENABLED(CONFIG_SLS)) static unsigned long create_trampoline(struct ftrace_ops *ops, unsigned int *tramp_size) diff --git a/arch/x86/kernel/kprobes/opt.c b/arch/x86/kernel/kprobes/opt.c index 517821b48391..36d6809c6c9e 100644 --- a/arch/x86/kernel/kprobes/opt.c +++ b/arch/x86/kernel/kprobes/opt.c @@ -324,7 +324,7 @@ static int can_optimize(unsigned long paddr) * However, the kernel built with retpolines or IBT has jump * tables disabled so the check can be skipped altogether. */ - if (!IS_ENABLED(CONFIG_RETPOLINE) && + if (!IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) && !IS_ENABLED(CONFIG_X86_KERNEL_IBT) && insn_is_indirect_jump(&insn)) return 0; diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S index 9cdb1a7332c4..68654303c98e 100644 --- a/arch/x86/kernel/vmlinux.lds.S 
+++ b/arch/x86/kernel/vmlinux.lds.S @@ -277,7 +277,7 @@ SECTIONS __parainstructions_end = .; } -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE /* * List of instructions that call/jmp/jcc to retpoline thunks * __x86_indirect_thunk_*(). These instructions can be patched along diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 2dea9ec589ce..d4fba1cc3e91 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -263,7 +263,7 @@ static unsigned long get_guest_cr3(struct kvm_vcpu *vcpu) static inline unsigned long kvm_mmu_get_guest_pgd(struct kvm_vcpu *vcpu, struct kvm_mmu *mmu) { - if (IS_ENABLED(CONFIG_RETPOLINE) && mmu->get_guest_pgd == get_guest_cr3) + if (IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) && mmu->get_guest_pgd == get_guest_cr3) return kvm_read_cr3(vcpu); return mmu->get_guest_pgd(vcpu); diff --git a/arch/x86/kvm/mmu/mmu_internal.h b/arch/x86/kvm/mmu/mmu_internal.h index decc1f153669..bf73a121c5ef 100644 --- a/arch/x86/kvm/mmu/mmu_internal.h +++ b/arch/x86/kvm/mmu/mmu_internal.h @@ -312,7 +312,7 @@ static inline int kvm_mmu_do_page_fault(struct kvm_vcpu *vcpu, gpa_t cr2_or_gpa, if (!prefetch) vcpu->stat.pf_taken++; - if (IS_ENABLED(CONFIG_RETPOLINE) && fault.is_tdp) + if (IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) && fault.is_tdp) r = kvm_tdp_page_fault(vcpu, &fault); else r = vcpu->arch.mmu->page_fault(vcpu, &fault); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index c2dae8ff9dc4..37295f8badee 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -3453,7 +3453,7 @@ int svm_invoke_exit_handler(struct kvm_vcpu *vcpu, u64 exit_code) if (!svm_check_exit_valid(exit_code)) return svm_handle_invalid_exit(vcpu, exit_code); -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE if (exit_code == SVM_EXIT_MSR) return msr_interception(vcpu); else if (exit_code == SVM_EXIT_VINTR) diff --git a/arch/x86/kvm/svm/vmenter.S b/arch/x86/kvm/svm/vmenter.S index ef2ebabb059c..b9e08837ab96 100644 
--- a/arch/x86/kvm/svm/vmenter.S +++ b/arch/x86/kvm/svm/vmenter.S @@ -207,7 +207,7 @@ SYM_FUNC_START(__svm_vcpu_run) 7: vmload %_ASM_AX 8: -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE /* IMPORTANT: Stuff the RSB immediately after VM-Exit, before RET! */ FILL_RETURN_BUFFER %_ASM_AX, RSB_CLEAR_LOOPS, X86_FEATURE_RETPOLINE #endif @@ -344,7 +344,7 @@ SYM_FUNC_START(__svm_sev_es_vcpu_run) /* Pop @svm to RDI, guest registers have been saved already. */ pop %_ASM_DI -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE /* IMPORTANT: Stuff the RSB immediately after VM-Exit, before RET! */ FILL_RETURN_BUFFER %_ASM_AX, RSB_CLEAR_LOOPS, X86_FEATURE_RETPOLINE #endif diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 86ce9efe6c66..c782a4a46198 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -6544,7 +6544,7 @@ static int __vmx_handle_exit(struct kvm_vcpu *vcpu, fastpath_t exit_fastpath) if (exit_reason.basic >= kvm_vmx_max_exit_handlers) goto unexpected_vmexit; -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE if (exit_reason.basic == EXIT_REASON_MSR_WRITE) return kvm_emulate_wrmsr(vcpu); else if (exit_reason.basic == EXIT_REASON_PREEMPTION_TIMER) diff --git a/arch/x86/lib/Makefile b/arch/x86/lib/Makefile index ea3a28e7b613..72cc9c90e9f3 100644 --- a/arch/x86/lib/Makefile +++ b/arch/x86/lib/Makefile @@ -49,7 +49,7 @@ lib-$(CONFIG_ARCH_HAS_COPY_MC) += copy_mc.o copy_mc_64.o lib-$(CONFIG_INSTRUCTION_DECODER) += insn.o inat.o insn-eval.o lib-$(CONFIG_RANDOMIZE_BASE) += kaslr.o lib-$(CONFIG_FUNCTION_ERROR_INJECTION) += error-inject.o -lib-$(CONFIG_RETPOLINE) += retpoline.o +lib-$(CONFIG_MITIGATION_RETPOLINE) += retpoline.o obj-y += msr.o msr-reg.o msr-reg-export.o hweight.o obj-y += iomem.o diff --git a/arch/x86/net/bpf_jit_comp.c b/arch/x86/net/bpf_jit_comp.c index 8c10d9abc239..ef732f323926 100644 --- a/arch/x86/net/bpf_jit_comp.c +++ b/arch/x86/net/bpf_jit_comp.c 
@@ -469,7 +469,7 @@ static void emit_indirect_jump(u8 **pprog, int reg, u8 *ip) emit_jump(&prog, &__x86_indirect_thunk_array[reg], ip); } else { EMIT2(0xFF, 0xE0 + reg); /* jmp *%\reg */ - if (IS_ENABLED(CONFIG_RETPOLINE) || IS_ENABLED(CONFIG_SLS)) + if (IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) || IS_ENABLED(CONFIG_SLS)) EMIT1(0xCC); /* int3 */ } diff --git a/arch/x86/net/bpf_jit_comp32.c b/arch/x86/net/bpf_jit_comp32.c index 429a89c5468b..efca6bd818a3 100644 --- a/arch/x86/net/bpf_jit_comp32.c +++ b/arch/x86/net/bpf_jit_comp32.c @@ -1273,7 +1273,7 @@ static int emit_jmp_edx(u8 **pprog, u8 *ip) u8 *prog = *pprog; int cnt = 0; -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE EMIT1_off32(0xE9, (u8 *)__x86_indirect_thunk_edx - (ip + 5)); #else EMIT2(0xFF, 0xE2); diff --git a/arch/x86/purgatory/Makefile b/arch/x86/purgatory/Makefile index 08aa0f25f12a..bc31863c5ee6 100644 --- a/arch/x86/purgatory/Makefile +++ b/arch/x86/purgatory/Makefile @@ -61,7 +61,7 @@ ifdef CONFIG_STACKPROTECTOR_STRONG PURGATORY_CFLAGS_REMOVE += -fstack-protector-strong endif -ifdef CONFIG_RETPOLINE +ifdef CONFIG_MITIGATION_RETPOLINE PURGATORY_CFLAGS_REMOVE += $(RETPOLINE_CFLAGS) endif diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h index 2ceba3fe4ec1..d24f29091f4b 100644 --- a/include/linux/compiler-gcc.h +++ b/include/linux/compiler-gcc.h @@ -35,7 +35,7 @@ (typeof(ptr)) (__ptr + (off)); \ }) -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE #define __noretpoline __attribute__((__indirect_branch__("keep"))) #endif diff --git a/include/linux/indirect_call_wrapper.h b/include/linux/indirect_call_wrapper.h index c1c76a70a6ce..fe050dab55a3 100644 --- a/include/linux/indirect_call_wrapper.h +++ b/include/linux/indirect_call_wrapper.h 
@@ -2,7 +2,7 @@ #ifndef _LINUX_INDIRECT_CALL_WRAPPER_H #define _LINUX_INDIRECT_CALL_WRAPPER_H -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE /* * INDIRECT_CALL_$NR - wrapper for indirect calls with $NR known builtin diff --git a/include/linux/module.h b/include/linux/module.h index a98e188cf37b..d45e17fa7f98 100644 --- a/include/linux/module.h +++ b/include/linux/module.h @@ -883,7 +883,7 @@ static inline void module_bug_finalize(const Elf_Ehdr *hdr, static inline void module_bug_cleanup(struct module *mod) {} #endif /* CONFIG_GENERIC_BUG */ -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE extern bool retpoline_module_ok(bool has_retpoline); #else static inline bool retpoline_module_ok(bool has_retpoline) diff --git a/include/net/netfilter/nf_tables_core.h b/include/net/netfilter/nf_tables_core.h index 780a5f6ad4a6..ff27cb2e1662 100644 --- a/include/net/netfilter/nf_tables_core.h +++ b/include/net/netfilter/nf_tables_core.h @@ -93,7 +93,7 @@ extern const struct nft_set_type nft_set_bitmap_type; extern const struct nft_set_type nft_set_pipapo_type; extern const struct nft_set_type nft_set_pipapo_avx2_type; -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE bool nft_rhash_lookup(const struct net *net, const struct nft_set *set, const u32 *key, const struct nft_set_ext **ext); bool nft_rbtree_lookup(const struct net *net, const struct nft_set *set, diff --git a/include/net/tc_wrapper.h b/include/net/tc_wrapper.h index a6d481b5bcbc..a13ba0326d5e 100644 --- a/include/net/tc_wrapper.h +++ b/include/net/tc_wrapper.h @@ -4,7 +4,7 @@ #include -#if IS_ENABLED(CONFIG_RETPOLINE) +#if IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) #include #include diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c index 515cafdb18d9..b1098ec2e7d7 100644 --- a/kernel/trace/ring_buffer.c +++ b/kernel/trace/ring_buffer.c 
@@ -1193,7 +1193,7 @@ static inline u64 rb_time_stamp(struct trace_buffer *buffer) u64 ts; /* Skip retpolines :-( */ - if (IS_ENABLED(CONFIG_RETPOLINE) && likely(buffer->clock == trace_clock_local)) + if (IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) && likely(buffer->clock == trace_clock_local)) ts = trace_clock_local(); else ts = buffer->clock(); diff --git a/net/netfilter/Makefile b/net/netfilter/Makefile index d4958e7e7631..614815a3ed73 100644 --- a/net/netfilter/Makefile +++ b/net/netfilter/Makefile @@ -101,7 +101,7 @@ endif endif ifdef CONFIG_NFT_CT -ifdef CONFIG_RETPOLINE +ifdef CONFIG_MITIGATION_RETPOLINE nf_tables-objs += nft_ct_fast.o endif endif diff --git a/net/netfilter/nf_tables_core.c b/net/netfilter/nf_tables_core.c index 4d0ce12221f6..54f7c96b7dd9 100644 --- a/net/netfilter/nf_tables_core.c +++ b/net/netfilter/nf_tables_core.c @@ -21,7 +21,7 @@ #include #include -#if defined(CONFIG_RETPOLINE) && defined(CONFIG_X86) +#if defined(CONFIG_MITIGATION_RETPOLINE) && defined(CONFIG_X86) static struct static_key_false nf_tables_skip_direct_calls; @@ -207,7 +207,7 @@ static void expr_call_ops_eval(const struct nft_expr *expr, struct nft_regs *regs, struct nft_pktinfo *pkt) { -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE unsigned long e; if (nf_skip_indirect_calls()) @@ -236,7 +236,7 @@ static void expr_call_ops_eval(const struct nft_expr *expr, X(e, nft_objref_map_eval); #undef X indirect_call: -#endif /* CONFIG_RETPOLINE */ +#endif /* CONFIG_MITIGATION_RETPOLINE */ expr->ops->eval(expr, regs, pkt); } diff --git a/net/netfilter/nft_ct.c b/net/netfilter/nft_ct.c index 86bb9d7797d9..d3e66bcb2a91 100644 --- a/net/netfilter/nft_ct.c +++ b/net/netfilter/nft_ct.c @@ -751,7 +751,7 @@ static bool nft_ct_set_reduce(struct nft_regs_track *track, return false; } -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE static const struct nft_expr_ops nft_ct_get_fast_ops = { .type = &nft_ct_type, .size = NFT_EXPR_SIZE(sizeof(struct nft_ct)), 
@@ -796,7 +796,7 @@ nft_ct_select_ops(const struct nft_ctx *ctx, return ERR_PTR(-EINVAL); if (tb[NFTA_CT_DREG]) { -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE u32 k = ntohl(nla_get_be32(tb[NFTA_CT_KEY])); switch (k) { diff --git a/net/netfilter/nft_lookup.c b/net/netfilter/nft_lookup.c index 870e5b113d13..a0055f510e31 100644 --- a/net/netfilter/nft_lookup.c +++ b/net/netfilter/nft_lookup.c @@ -24,7 +24,7 @@ struct nft_lookup { struct nft_set_binding binding; }; -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE bool nft_set_do_lookup(const struct net *net, const struct nft_set *set, const u32 *key, const struct nft_set_ext **ext) { diff --git a/net/sched/sch_api.c b/net/sched/sch_api.c index e9eaf637220e..d577c9e1cb42 100644 --- a/net/sched/sch_api.c +++ b/net/sched/sch_api.c @@ -2353,7 +2353,7 @@ static struct pernet_operations psched_net_ops = { .exit = psched_net_exit, }; -#if IS_ENABLED(CONFIG_RETPOLINE) +#if IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) DEFINE_STATIC_KEY_FALSE(tc_skip_wrapper); #endif diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib index cc44c95c49cc..d6e157938b5f 100644 --- a/scripts/Makefile.lib +++ b/scripts/Makefile.lib @@ -262,7 +262,7 @@ ifdef CONFIG_FTRACE_MCOUNT_USE_OBJTOOL objtool-args-$(CONFIG_HAVE_OBJTOOL_NOP_MCOUNT) += --mnop endif objtool-args-$(CONFIG_UNWINDER_ORC) += --orc -objtool-args-$(CONFIG_RETPOLINE) += --retpoline +objtool-args-$(CONFIG_MITIGATION_RETPOLINE) += --retpoline objtool-args-$(CONFIG_RETHUNK) += --rethunk objtool-args-$(CONFIG_SLS) += --sls objtool-args-$(CONFIG_STACK_VALIDATION) += --stackval diff --git a/scripts/generate_rust_target.rs b/scripts/generate_rust_target.rs index 3c6cbe2b278d..eaf524603796 100644 --- a/scripts/generate_rust_target.rs +++ b/scripts/generate_rust_target.rs 
@@ -155,7 +155,7 @@ fn main() { "e-m:e-p270:32:32-p271:32:32-p272:64:64-i64:64-f80:128-n8:16:32:64-S128", ); let mut features = "-3dnow,-3dnowa,-mmx,+soft-float".to_string(); - if cfg.has("RETPOLINE") { + if cfg.has("MITIGATION_RETPOLINE") { features += ",+retpoline-external-thunk"; } ts.push("features", features); diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c index 2f3b0fe6f68d..55dde62c07c2 100644 --- a/scripts/mod/modpost.c +++ b/scripts/mod/modpost.c @@ -1886,7 +1886,7 @@ static void add_header(struct buffer *b, struct module *mod) buf_printf(b, "\n" - "#ifdef CONFIG_RETPOLINE\n" + "#ifdef CONFIG_MITIGATION_RETPOLINE\n" "MODULE_INFO(retpoline, \"Y\");\n" "#endif\n"); diff --git a/tools/arch/x86/include/asm/disabled-features.h b/tools/arch/x86/include/asm/disabled-features.h index aeb3fbbbce46..d05158d8fe5f 100644 --- a/tools/arch/x86/include/asm/disabled-features.h +++ b/tools/arch/x86/include/asm/disabled-features.h 
@@ -50,7 +50,7 @@ # define DISABLE_PTI (1 << (X86_FEATURE_PTI & 31)) #endif -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE # define DISABLE_RETPOLINE 0 #else # define DISABLE_RETPOLINE ((1 << (X86_FEATURE_RETPOLINE & 31)) | \
From patchwork Thu Oct 19 18:11:52 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Breno Leitao X-Patchwork-Id: 155680
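Review bot: in arch/x86/include/asm/linkage.h the renamed "#else /* CONFIG_MITIGATION_RETPOLINE */" and "#endif /* CONFIG_MITIGATION_RETPOLINE */" comments annotate a conditional that opens with "#if defined(CONFIG_RETHUNK) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO)", so they name the wrong symbol both before and after this change. Either make them say CONFIG_RETHUNK in both the assembly and the C branches while the lines are being touched, or leave them for a separate cleanup so this patch stays a pure rename.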
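Review bot: the arch/x86/Kconfig hunk renames "config RETPOLINE" outright, with no transitional symbol, so any code outside these 37 files that still tests CONFIG_RETPOLINE will see it as undefined without a build error and compile its non-retpoline branch. The commit message should state that the old name is gone and how the tree was checked for remaining users (CONFIG_RETPOLINE in sources and Makefiles, bare RETPOLINE in "depends on" lines such as the FINEIBT and RETHUNK ones updated here), and what happens to an existing .config given that the new symbol keeps "default y".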
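Review bot: the Documentation/admin-guide/hw-vuln/spectre.rst hunks, and the identical paragraph in kernel-parameters.txt, now mention only CONFIG_MITIGATION_RETPOLINE and give no hint of the former name. An administrator checking the build config of a kernel that predates this rename will find CONFIG_RETPOLINE there, so a short "formerly CONFIG_RETPOLINE" remark in the Spectre variant 2 text would keep the guide usable across kernel versions.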
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Steven Rostedt, Masami Hiramatsu, Mark Rutland, Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko, Martin KaFai Lau, Song Liu, Yonghong Song, John Fastabend, KP Singh, Stanislav Fomichev, Hao Luo, Jiri Olsa, "David S. Miller", David Ahern, Masahiro Yamada, Nathan Chancellor, Nick Desaulniers, Nicolas Schier
Cc: leit@meta.com, Peter Zijlstra, Ingo Molnar, Vincent Whitchurch, Jinghao Jia, Kees Cook, linux-kernel@vger.kernel.org (open list:X86 ARCHITECTURE (32-BIT AND 64-BIT)), linux-trace-kernel@vger.kernel.org (open list:FUNCTION HOOKS (FTRACE)), bpf@vger.kernel.org (open list:BPF [GENERAL] (Safe Dynamic Programs and Tools)), netdev@vger.kernel.org (open list:NETWORKING [IPv4/IPv6])
Subject: [PATCH v5 06/12] x86/bugs: Rename SLS to CONFIG_MITIGATION_SLS
Date: Thu, 19 Oct 2023 11:11:52 -0700
Message-Id: <20231019181158.1982205-7-leitao@debian.org>
In-Reply-To: <20231019181158.1982205-1-leitao@debian.org>
References: <20231019181158.1982205-1-leitao@debian.org>

CPU mitigations config entries are inconsistent, and names are hard to relate. There are concrete benefits for both users and developers of having all the mitigation config options living in the same config namespace.
The mitigation options should have consistency and start with MITIGATION. Rename the Kconfig entry from SLS to MITIGATION_SLS. Suggested-by: Josh Poimboeuf Signed-off-by: Breno Leitao --- arch/x86/Kconfig | 2 +- arch/x86/Makefile | 2 +- arch/x86/include/asm/linkage.h | 4 ++-- arch/x86/kernel/alternative.c | 4 ++-- arch/x86/kernel/ftrace.c | 3 ++- arch/x86/net/bpf_jit_comp.c | 4 ++-- scripts/Makefile.lib | 2 +- 7 files changed, 11 insertions(+), 10 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index f3593461ce35..9dd2fb555973 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2556,7 +2556,7 @@ config CPU_SRSO help Enable the SRSO mitigation needed on AMD Zen1-4 machines. -config SLS +config MITIGATION_SLS bool "Mitigate Straight-Line-Speculation" depends on CC_HAS_SLS && X86_64 select OBJTOOL if HAVE_OBJTOOL diff --git a/arch/x86/Makefile b/arch/x86/Makefile index 3053b60f017b..1ac5d6002f5f 100644 --- a/arch/x86/Makefile +++ b/arch/x86/Makefile @@ -204,7 +204,7 @@ ifdef CONFIG_MITIGATION_RETPOLINE endif endif -ifdef CONFIG_SLS +ifdef CONFIG_MITIGATION_SLS KBUILD_CFLAGS += -mharden-sls=all endif diff --git a/arch/x86/include/asm/linkage.h b/arch/x86/include/asm/linkage.h index c5165204c66f..09e2d026df33 100644 --- a/arch/x86/include/asm/linkage.h +++ b/arch/x86/include/asm/linkage.h @@ -43,7 +43,7 @@ #if defined(CONFIG_RETHUNK) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO) #define RET jmp __x86_return_thunk #else /* CONFIG_MITIGATION_RETPOLINE */ -#ifdef CONFIG_SLS +#ifdef CONFIG_MITIGATION_SLS #define RET ret; int3 #else #define RET ret @@ -55,7 +55,7 @@ #if defined(CONFIG_RETHUNK) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO) #define ASM_RET "jmp __x86_return_thunk\n\t" #else /* CONFIG_MITIGATION_RETPOLINE */ -#ifdef CONFIG_SLS +#ifdef CONFIG_MITIGATION_SLS #define ASM_RET "ret; int3\n\t" #else #define ASM_RET "ret\n\t" 
diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c index 8932f524c935..ea9652eb455b 100644 --- a/arch/x86/kernel/alternative.c +++ b/arch/x86/kernel/alternative.c @@ -624,8 +624,8 @@ static int patch_retpoline(void *addr, struct insn *insn, u8 *bytes) /* * The compiler is supposed to EMIT an INT3 after every unconditional * JMP instruction due to AMD BTC. However, if the compiler is too old - * or SLS isn't enabled, we still need an INT3 after indirect JMPs - * even on Intel. + * or MITIGATION_SLS isn't enabled, we still need an INT3 after + * indirect JMPs even on Intel. */ if (op == JMP32_INSN_OPCODE && i < insn->length) bytes[i++] = INT3_INSN_OPCODE; diff --git a/arch/x86/kernel/ftrace.c b/arch/x86/kernel/ftrace.c index 0f26758c7a93..b000158b781a 100644 --- a/arch/x86/kernel/ftrace.c +++ b/arch/x86/kernel/ftrace.c @@ -297,7 +297,8 @@ union ftrace_op_code_union { } __attribute__((packed)); }; -#define RET_SIZE (IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) ? 5 : 1 + IS_ENABLED(CONFIG_SLS)) +#define RET_SIZE \ + (IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) ? 5 : 1 + IS_ENABLED(CONFIG_MITIGATION_SLS)) static unsigned long create_trampoline(struct ftrace_ops *ops, unsigned int *tramp_size) diff --git a/arch/x86/net/bpf_jit_comp.c b/arch/x86/net/bpf_jit_comp.c index ef732f323926..96a63c4386a9 100644 --- a/arch/x86/net/bpf_jit_comp.c +++ b/arch/x86/net/bpf_jit_comp.c @@ -469,7 +469,7 @@ static void emit_indirect_jump(u8 **pprog, int reg, u8 *ip) emit_jump(&prog, &__x86_indirect_thunk_array[reg], ip); } else { EMIT2(0xFF, 0xE0 + reg); /* jmp *%\reg */ - if (IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) || IS_ENABLED(CONFIG_SLS)) + if (IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) || IS_ENABLED(CONFIG_MITIGATION_SLS)) EMIT1(0xCC); /* int3 */ } 
@@ -484,7 +484,7 @@ static void emit_return(u8 **pprog, u8 *ip) emit_jump(&prog, x86_return_thunk, ip); } else { EMIT1(0xC3); /* ret */ - if (IS_ENABLED(CONFIG_SLS)) + if (IS_ENABLED(CONFIG_MITIGATION_SLS)) EMIT1(0xCC); /* int3 */ } diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib index d6e157938b5f..0d5461276179 100644 --- a/scripts/Makefile.lib +++ b/scripts/Makefile.lib 
@@ -264,7 +264,7 @@ endif objtool-args-$(CONFIG_UNWINDER_ORC) += --orc objtool-args-$(CONFIG_MITIGATION_RETPOLINE) += --retpoline objtool-args-$(CONFIG_RETHUNK) += --rethunk -objtool-args-$(CONFIG_SLS) += --sls +objtool-args-$(CONFIG_MITIGATION_SLS) += --sls objtool-args-$(CONFIG_STACK_VALIDATION) += --stackval objtool-args-$(CONFIG_HAVE_STATIC_CALL_INLINE) += --static-call objtool-args-$(CONFIG_HAVE_UACCESS_VALIDATION) += --uaccess
From patchwork Thu Oct 19 18:11:53 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Breno Leitao X-Patchwork-Id: 155685
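Review bot: in the arch/x86/Kconfig hunk, "config MITIGATION_SLS" shows no "default y" in the visible context, unlike MITIGATION_RETPOLINE in the previous patch, so a configuration that had CONFIG_SLS=y and is carried forward non-interactively can end up with the new symbol unset if no default follows. The arch/x86/Makefile hunk then stops adding -mharden-sls=all and the objtool --sls argument in scripts/Makefile.lib is dropped as well, with no build warning. Please call this out in the commit message so that people upgrading with an old .config know to re-enable the option under its new name.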
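Review bot: the reworded comment in patch_retpoline() in arch/x86/kernel/alternative.c says "or MITIGATION_SLS isn't enabled", without the CONFIG_ prefix, while the comments touched elsewhere in this series spell out the full CONFIG_MITIGATION_* name. Write CONFIG_MITIGATION_SLS here so that a grep for the option also finds this explanation of why an INT3 is still needed after indirect JMPs.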
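Review bot: in arch/x86/kernel/ftrace.c the rewrapped RET_SIZE still depends on "?:" binding more loosely than "+", so the value is 5 with retpolines and otherwise 1 + IS_ENABLED(CONFIG_MITIGATION_SLS). Since the macro is being reflowed anyway, parenthesise the else arm as (1 + IS_ENABLED(CONFIG_MITIGATION_SLS)) so the grouping is explicit for the next reader who adjusts the trampoline sizes.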
ebFQLPePMPcQr7ZO0wuxiq7aNpSJFUyU6MqRMXc4ijiEq8KHj6ntB/Nv1gia6e0udi9x vO3aTA3WnRMtx1OucCu1rWB+4pydTs+BLSa3SmEla4LC9AqRs1teIv78w03aw9/Op0UV aUb4jFPXzfxYxyBMSBR9CznkvAw+XOFwc1V6BquJQGFJ321RfewY2FQDxXgvMHE+7OP5 cKcQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from howler.vger.email (howler.vger.email. [2620:137:e000::3:4]) by mx.google.com with ESMTPS id h184-20020a6383c1000000b005b7d9aace9dsi165854pge.46.2023.10.19.11.38.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 19 Oct 2023 11:38:27 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) client-ip=2620:137:e000::3:4; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by howler.vger.email (Postfix) with ESMTP id 9BE4A82C515F; Thu, 19 Oct 2023 11:38:19 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at howler.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1346254AbjJSShc (ORCPT + 26 others); Thu, 19 Oct 2023 14:37:32 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54612 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233372AbjJSSh1 (ORCPT ); Thu, 19 Oct 2023 14:37:27 -0400 Received: from mail-ed1-f49.google.com (mail-ed1-f49.google.com [209.85.208.49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 860BA18D for ; Thu, 19 Oct 2023 11:37:20 -0700 (PDT) Received: by mail-ed1-f49.google.com with SMTP id 4fb4d7f45d1cf-51e28cac164so2367510a12.1 for ; Thu, 19 Oct 2023 11:37:20 -0700 
(PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697740639; x=1698345439; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=XkoW5aQMoYpr1B6dX9DBsDIJXLRfmJm42oJji+E7lfc=; b=N/zvqnKYWPT6hhX1sOlKfRabMBJVh0z8pLvjfntHrsnpzLL+DquQQmxgMSZiE0YCA5 p8Mj24uZmjri617k3CEde8P1dTk8j0qQsKXNFXrApDfDWT42JSHrDI6bT6XtHu76CVdi GANLGFlM36aotG8mAJJuO2o0PeeiFWwsbqJkZUu+yWa3fL42T9WlkJmukebd/KwQRiDU rmE56xcTsxgu8R4nVRaAYMNrZ3Ms0u6w0l/ZwDEek4Mrr3wOMG/UqQUKuOpufP8HcFhh qIIPcTjA6PpVxB0uYmMbuY+e5v8sHNog+BnORpcfD66jExYAB4sHy6JWi4D9b8wjgt/X V6fg== X-Gm-Message-State: AOJu0YzmcnIG4epP9cqZSOJo5TypIw/aEcOZ3LlH+ongFStGpLwUySjp 4g9pRgYhH2gi9taqoHsa5Co= X-Received: by 2002:a17:907:c205:b0:9ae:50ec:bd81 with SMTP id ti5-20020a170907c20500b009ae50ecbd81mr2258719ejc.21.1697740638313; Thu, 19 Oct 2023 11:37:18 -0700 (PDT) Received: from localhost (fwdproxy-cln-004.fbsv.net. [2a03:2880:31ff:4::face:b00c]) by smtp.gmail.com with ESMTPSA id c21-20020a50d655000000b00537963f692esm81680edj.0.2023.10.19.11.37.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 19 Oct 2023 11:37:17 -0700 (PDT) 
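Review bot: A missed reference to the old symbol fails silently at both sites touched here, `IS_ENABLED(CONFIG_SLS)` in emit_return() and `objtool-args-$(CONFIG_SLS)` in scripts/Makefile.lib. An IS_ENABLED() test on a symbol that no longer exists evaluates to 0, so the `int3` after `ret` would be dropped without a build error, and a Makefile variable keyed on an undefined symbol is never read, so `--sls` would stop being passed to objtool. Please confirm that `git grep -w CONFIG_SLS` returns nothing once this patch is applied. The Makefile.lib context also still shows `objtool-args-$(CONFIG_RETHUNK)` without the MITIGATION_ prefix; if a later patch in the series covers it, say so in the cover letter, otherwise it is the odd one out in this block.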
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Pawan Gupta, Masahiro Yamada, Nathan Chancellor, Nick Desaulniers, Nicolas Schier
Cc: leit@meta.com, Yu-cheng Yu, "Mike Rapoport (IBM)", Rick Edgecombe, "Kirill A. Shutemov", Juergen Gross, Kim Phillips, Ingo Molnar, Borislav Petkov, Alexey Kardashevskiy, Petr Pavlu, Arnaldo Carvalho de Melo, linux-kernel@vger.kernel.org (open list:X86 ARCHITECTURE (32-BIT AND 64-BIT))
Subject: [PATCH v5 07/12] x86/bugs: Rename CPU_UNRET_ENTRY to MITIGATION_UNRET_ENTRY
Date: Thu, 19 Oct 2023 11:11:53 -0700
Message-Id: <20231019181158.1982205-8-leitao@debian.org>
In-Reply-To: <20231019181158.1982205-1-leitao@debian.org>
References: <20231019181158.1982205-1-leitao@debian.org>

CPU mitigations config entries are inconsistent, and names are hard to relate. There are concrete benefits for both users and developers of having all the mitigation config options living in the same config namespace.

The mitigation options should have consistency and start with MITIGATION.

Rename the Kconfig entry from CPU_UNRET_ENTRY to MITIGATION_UNRET_ENTRY.

Suggested-by: Josh Poimboeuf
Signed-off-by: Breno Leitao --- arch/x86/Kconfig | 2 +- arch/x86/include/asm/disabled-features.h | 2 +- arch/x86/include/asm/nospec-branch.h | 6 +++--- arch/x86/kernel/cpu/amd.c | 2 +- arch/x86/kernel/cpu/bugs.c | 6 +++--- arch/x86/kernel/vmlinux.lds.S | 2 +- arch/x86/lib/retpoline.S | 10 +++++----- include/linux/objtool.h | 2 +- scripts/Makefile.vmlinux_o | 2 +- tools/arch/x86/include/asm/disabled-features.h | 2 +- 10 files changed, 18 insertions(+), 18 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 9dd2fb555973..0e4c0c5c4818 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2495,7 +2495,7 @@ config RETHUNK Requires a compiler with -mfunction-return=thunk-extern support for full protection. The kernel may run slower. -config CPU_UNRET_ENTRY +config MITIGATION_UNRET_ENTRY bool "Enable UNRET on kernel entry" depends on CPU_SUP_AMD && RETHUNK && X86_64 default y diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h index 24e4010c33b6..151f0d50e7e0 100644 --- a/arch/x86/include/asm/disabled-features.h +++ b/arch/x86/include/asm/disabled-features.h @@ -63,7 +63,7 @@ # define DISABLE_RETHUNK (1 << (X86_FEATURE_RETHUNK & 31)) #endif -#ifdef CONFIG_CPU_UNRET_ENTRY +#ifdef CONFIG_MITIGATION_UNRET_ENTRY # define DISABLE_UNRET 0 #else # define DISABLE_UNRET (1 << (X86_FEATURE_UNRET & 31)) diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h index cab7c937c71b..e25e98f012a3 100644 --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h @@ -212,7 +212,7 @@ */ .macro VALIDATE_UNRET_END #if defined(CONFIG_NOINSTR_VALIDATION) && \ - (defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO)) + (defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO)) ANNOTATE_RETPOLINE_SAFE nop #endif 
@@ -271,7 +271,7 @@ .Lskip_rsb_\@: .endm -#if defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO) +#if defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO) #define CALL_UNTRAIN_RET "call entry_untrain_ret" #else #define CALL_UNTRAIN_RET "" @@ -334,7 +334,7 @@ extern void __x86_return_thunk(void); static inline void __x86_return_thunk(void) {} #endif -#ifdef CONFIG_CPU_UNRET_ENTRY +#ifdef CONFIG_MITIGATION_UNRET_ENTRY extern void retbleed_return_thunk(void); #else static inline void retbleed_return_thunk(void) {} diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c index a8e042a685ba..0cf52efc7617 100644 --- a/arch/x86/kernel/cpu/amd.c +++ b/arch/x86/kernel/cpu/amd.c @@ -943,7 +943,7 @@ static void init_amd_bd(struct cpuinfo_x86 *c) void init_spectral_chicken(struct cpuinfo_x86 *c) { -#ifdef CONFIG_CPU_UNRET_ENTRY +#ifdef CONFIG_MITIGATION_UNRET_ENTRY u64 value; /* diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index fc46fd6447f9..2580368c32d1 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -982,10 +982,10 @@ static void __init retbleed_select_mitigation(void) return; case RETBLEED_CMD_UNRET: - if (IS_ENABLED(CONFIG_CPU_UNRET_ENTRY)) { + if (IS_ENABLED(CONFIG_MITIGATION_UNRET_ENTRY)) { retbleed_mitigation = RETBLEED_MITIGATION_UNRET; } else { - pr_err("WARNING: kernel not compiled with CPU_UNRET_ENTRY.\n"); + pr_err("WARNING: kernel not compiled with MITIGATION_UNRET_ENTRY.\n"); goto do_cmd_auto; } break; @@ -1021,7 +1021,7 @@ static void __init retbleed_select_mitigation(void) case RETBLEED_CMD_AUTO: if (boot_cpu_data.x86_vendor == X86_VENDOR_AMD || boot_cpu_data.x86_vendor == X86_VENDOR_HYGON) { - if (IS_ENABLED(CONFIG_CPU_UNRET_ENTRY)) + if (IS_ENABLED(CONFIG_MITIGATION_UNRET_ENTRY)) retbleed_mitigation = RETBLEED_MITIGATION_UNRET; else if (IS_ENABLED(CONFIG_MITIGATION_IBPB_ENTRY) && boot_cpu_has(X86_FEATURE_IBPB)) 
diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S index 68654303c98e..f5ee96a7bdd6 100644 --- a/arch/x86/kernel/vmlinux.lds.S +++ b/arch/x86/kernel/vmlinux.lds.S @@ -514,7 +514,7 @@ INIT_PER_CPU(irq_stack_backing_store); "fixed_percpu_data is not at start of per-cpu area"); #endif -#ifdef CONFIG_CPU_UNRET_ENTRY +#ifdef CONFIG_MITIGATION_UNRET_ENTRY . = ASSERT((retbleed_return_thunk & 0x3f) == 0, "retbleed_return_thunk not cacheline-aligned"); #endif diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S index 910fd231b7d2..03a065ef57ae 100644 --- a/arch/x86/lib/retpoline.S +++ b/arch/x86/lib/retpoline.S @@ -221,7 +221,7 @@ SYM_CODE_END(srso_return_thunk) #define JMP_SRSO_ALIAS_UNTRAIN_RET "ud2" #endif /* CONFIG_CPU_SRSO */ -#ifdef CONFIG_CPU_UNRET_ENTRY +#ifdef CONFIG_MITIGATION_UNRET_ENTRY /* * Some generic notes on the untraining sequences: @@ -303,11 +303,11 @@ SYM_CODE_END(retbleed_return_thunk) SYM_FUNC_END(retbleed_untrain_ret) #define JMP_RETBLEED_UNTRAIN_RET "jmp retbleed_untrain_ret" -#else /* !CONFIG_CPU_UNRET_ENTRY */ +#else /* !CONFIG_MITIGATION_UNRET_ENTRY */ #define JMP_RETBLEED_UNTRAIN_RET "ud2" -#endif /* CONFIG_CPU_UNRET_ENTRY */ +#endif /* CONFIG_MITIGATION_UNRET_ENTRY */ -#if defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO) +#if defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO) SYM_FUNC_START(entry_untrain_ret) ALTERNATIVE_2 JMP_RETBLEED_UNTRAIN_RET, \ @@ -316,7 +316,7 @@ SYM_FUNC_START(entry_untrain_ret) SYM_FUNC_END(entry_untrain_ret) __EXPORT_THUNK(entry_untrain_ret) -#endif /* CONFIG_CPU_UNRET_ENTRY || CONFIG_CPU_SRSO */ +#endif /* CONFIG_MITIGATION_UNRET_ENTRY || CONFIG_CPU_SRSO */ #ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING diff --git a/include/linux/objtool.h b/include/linux/objtool.h index 33212e93f4a6..d030671a4c49 100644 --- a/include/linux/objtool.h +++ b/include/linux/objtool.h 
@@ -131,7 +131,7 @@ */ .macro VALIDATE_UNRET_BEGIN #if defined(CONFIG_NOINSTR_VALIDATION) && \ - (defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO)) + (defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO)) .Lhere_\@: .pushsection .discard.validate_unret .long .Lhere_\@ - . diff --git a/scripts/Makefile.vmlinux_o b/scripts/Makefile.vmlinux_o index 25b3b587d37c..6277dbd730bb 100644 --- a/scripts/Makefile.vmlinux_o +++ b/scripts/Makefile.vmlinux_o @@ -38,7 +38,7 @@ objtool-enabled := $(or $(delay-objtool),$(CONFIG_NOINSTR_VALIDATION)) vmlinux-objtool-args-$(delay-objtool) += $(objtool-args-y) vmlinux-objtool-args-$(CONFIG_GCOV_KERNEL) += --no-unreachable vmlinux-objtool-args-$(CONFIG_NOINSTR_VALIDATION) += --noinstr \ - $(if $(or $(CONFIG_CPU_UNRET_ENTRY),$(CONFIG_CPU_SRSO)), --unret) + $(if $(or $(CONFIG_MITIGATION_UNRET_ENTRY),$(CONFIG_CPU_SRSO)), --unret) objtool-args = $(vmlinux-objtool-args-y) --link diff --git a/tools/arch/x86/include/asm/disabled-features.h b/tools/arch/x86/include/asm/disabled-features.h index d05158d8fe5f..4b816f55c634 100644 --- a/tools/arch/x86/include/asm/disabled-features.h +++ b/tools/arch/x86/include/asm/disabled-features.h 
@@ -63,7 +63,7 @@ # define DISABLE_RETHUNK (1 << (X86_FEATURE_RETHUNK & 31)) #endif -#ifdef CONFIG_CPU_UNRET_ENTRY +#ifdef CONFIG_MITIGATION_UNRET_ENTRY # define DISABLE_UNRET 0 #else # define DISABLE_UNRET (1 << (X86_FEATURE_UNRET & 31))
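Review bot: The arch/x86/Kconfig hunk renames `config CPU_UNRET_ENTRY`, which is `default y`, without a transitional symbol, and the commit message does not say what happens to existing configurations. A .config or config fragment carrying `# CONFIG_CPU_UNRET_ENTRY is not set` no longer matches any symbol, so `make olddefconfig` takes the new symbol's default and builds the UNRET entry code back in; a fragment that sets `CONFIG_CPU_UNRET_ENTRY=y` is likewise ignored and only keeps working because of the default. Please state this in the changelog so distro and CI fragments get updated. Separately, in retbleed_select_mitigation() the RETBLEED_CMD_UNRET message now reads "kernel not compiled with MITIGATION_UNRET_ENTRY", which changes a string people may match in dmesg and still omits the CONFIG_ prefix a reader would search for in .config.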
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Andy Lutomirski, Peter Zijlstra, Pawan Gupta
Cc: leit@meta.com, linux-kernel@vger.kernel.org (open list:X86 ARCHITECTURE (32-BIT AND 64-BIT))
Subject: [PATCH v5 08/12] x86/bugs: Rename CPU_IBRS_ENTRY to MITIGATION_IBRS_ENTRY
Date: Thu, 19 Oct 2023 11:11:54 -0700
Message-Id: <20231019181158.1982205-9-leitao@debian.org>
In-Reply-To: <20231019181158.1982205-1-leitao@debian.org>
References: <20231019181158.1982205-1-leitao@debian.org>

CPU mitigations config entries are inconsistent, and names are hard to relate. There are concrete benefits for both users and developers of having all the mitigation config options living in the same config namespace.

The mitigation options should have consistency and start with MITIGATION.

Rename the Kconfig entry from CPU_IBRS_ENTRY to MITIGATION_IBRS_ENTRY.

Suggested-by: Josh Poimboeuf
Signed-off-by: Breno Leitao
--- arch/x86/Kconfig | 2 +- arch/x86/entry/calling.h | 4 ++-- arch/x86/kernel/cpu/bugs.c | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 0e4c0c5c4818..c53d2034a5ab 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig
@@ -2540,7 +2540,7 @@ config MITIGATION_IBPB_ENTRY help Compile the kernel with support for the retbleed=ibpb mitigation. -config CPU_IBRS_ENTRY +config MITIGATION_IBRS_ENTRY bool "Enable IBRS on kernel entry" depends on CPU_SUP_INTEL && X86_64 default y diff --git a/arch/x86/entry/calling.h b/arch/x86/entry/calling.h index ace89d5c1ddd..2afdff42c107 100644 --- a/arch/x86/entry/calling.h +++ b/arch/x86/entry/calling.h @@ -297,7 +297,7 @@ For 32-bit we have the following conventions - kernel is built with * Assumes x86_spec_ctrl_{base,current} to have SPEC_CTRL_IBRS set. */ .macro IBRS_ENTER save_reg -#ifdef CONFIG_CPU_IBRS_ENTRY +#ifdef CONFIG_MITIGATION_IBRS_ENTRY ALTERNATIVE "jmp .Lend_\@", "", X86_FEATURE_KERNEL_IBRS movl $MSR_IA32_SPEC_CTRL, %ecx @@ -326,7 +326,7 @@ For 32-bit we have the following conventions - kernel is built with * regs. Must be called after the last RET. */ .macro IBRS_EXIT save_reg -#ifdef CONFIG_CPU_IBRS_ENTRY +#ifdef CONFIG_MITIGATION_IBRS_ENTRY ALTERNATIVE "jmp .Lend_\@", "", X86_FEATURE_KERNEL_IBRS movl $MSR_IA32_SPEC_CTRL, %ecx diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 2580368c32d1..e11bacbd8f39 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -1439,7 +1439,7 @@ static enum spectre_v2_mitigation_cmd __init spectre_v2_parse_cmdline(void) return SPECTRE_V2_CMD_AUTO; } - if (cmd == SPECTRE_V2_CMD_IBRS && !IS_ENABLED(CONFIG_CPU_IBRS_ENTRY)) { + if (cmd == SPECTRE_V2_CMD_IBRS && !IS_ENABLED(CONFIG_MITIGATION_IBRS_ENTRY)) { pr_err("%s selected but not compiled in. Switching to AUTO select\n", mitigation_options[i].option); return SPECTRE_V2_CMD_AUTO; 
@@ -1565,7 +1565,7 @@ static void __init spectre_v2_select_mitigation(void) break; } - if (IS_ENABLED(CONFIG_CPU_IBRS_ENTRY) && + if (IS_ENABLED(CONFIG_MITIGATION_IBRS_ENTRY) && boot_cpu_has_bug(X86_BUG_RETBLEED) && retbleed_cmd != RETBLEED_CMD_OFF && retbleed_cmd != RETBLEED_CMD_STUFF &&
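Review bot: In arch/x86/entry/calling.h only the `#ifdef CONFIG_CPU_IBRS_ENTRY` lines of IBRS_ENTER and IBRS_EXIT are changed and the matching `#endif` lines fall outside the hunk context, so please check that neither carries a trailing comment naming the old symbol (patch 07 had to update such comments in retpoline.S). The macro bodies visible here sit inside that #ifdef, so a stale name anywhere would assemble cleanly and leave out the MSR_IA32_SPEC_CTRL sequence rather than fail the build; a `git grep -w CONFIG_CPU_IBRS_ENTRY` that comes back empty after this patch is the cheapest check. As with the other `default y` renames in this series, the changelog should also mention that existing .config entries for the old name are ignored.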
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Pawan Gupta, Masahiro Yamada, Nathan Chancellor, Nick Desaulniers, Nicolas Schier
Cc: leit@meta.com, Ingo Molnar, Kees Cook, Petr Pavlu, linux-kernel@vger.kernel.org (open list:X86 ARCHITECTURE (32-BIT AND 64-BIT))
Subject: [PATCH v5 09/12] x86/bugs: Rename CPU_SRSO to MITIGATION_SRSO
Date: Thu, 19 Oct 2023 11:11:55 -0700
Message-Id: <20231019181158.1982205-10-leitao@debian.org>
In-Reply-To: <20231019181158.1982205-1-leitao@debian.org>
References: <20231019181158.1982205-1-leitao@debian.org>

CPU mitigations config entries are inconsistent, and names are hard to relate. There are concrete benefits for both users and developers of having all the mitigation config options living in the same config namespace.

The mitigation options should have consistency and start with MITIGATION.

Rename the Kconfig entry from CPU_SRSO to MITIGATION_SRSO.

Suggested-by: Josh Poimboeuf
Signed-off-by: Breno Leitao --- arch/x86/Kconfig | 2 +- arch/x86/include/asm/nospec-branch.h | 6 +++--- arch/x86/kernel/cpu/bugs.c | 8 ++++---- arch/x86/kernel/vmlinux.lds.S | 4 ++-- arch/x86/lib/retpoline.S | 10 +++++----- include/linux/objtool.h | 2 +- scripts/Makefile.vmlinux_o | 2 +- 7 files changed, 17 insertions(+), 17 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index c53d2034a5ab..97004db07e38 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2549,7 +2549,7 @@ config MITIGATION_IBRS_ENTRY This mitigates both spectre_v2 and retbleed at great cost to performance. -config CPU_SRSO +config MITIGATION_SRSO bool "Mitigate speculative RAS overflow on AMD" depends on CPU_SUP_AMD && X86_64 && RETHUNK default y diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h index e25e98f012a3..9ea93a298a43 100644 --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h @@ -212,7 +212,7 @@ */ .macro VALIDATE_UNRET_END #if defined(CONFIG_NOINSTR_VALIDATION) && \ - (defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO)) + (defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_MITIGATION_SRSO)) ANNOTATE_RETPOLINE_SAFE nop #endif @@ -271,7 +271,7 @@ .Lskip_rsb_\@: .endm -#if defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO) +#if defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_MITIGATION_SRSO) #define CALL_UNTRAIN_RET "call entry_untrain_ret" #else #define CALL_UNTRAIN_RET "" @@ -340,7 +340,7 @@ extern void retbleed_return_thunk(void); static inline void retbleed_return_thunk(void) {} #endif -#ifdef CONFIG_CPU_SRSO +#ifdef CONFIG_MITIGATION_SRSO extern void srso_return_thunk(void); extern void srso_alias_return_thunk(void); #else diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index e11bacbd8f39..f2775417bda2 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c 
@@ -2458,7 +2458,7 @@ static void __init srso_select_mitigation(void) break; case SRSO_CMD_SAFE_RET: - if (IS_ENABLED(CONFIG_CPU_SRSO)) { + if (IS_ENABLED(CONFIG_MITIGATION_SRSO)) { /* * Enable the return thunk for generated code * like ftrace, static_call, etc. @@ -2478,7 +2478,7 @@ static void __init srso_select_mitigation(void) else srso_mitigation = SRSO_MITIGATION_SAFE_RET_UCODE_NEEDED; } else { - pr_err("WARNING: kernel not compiled with CPU_SRSO.\n"); + pr_err("WARNING: kernel not compiled with MITIGATION_SRSO.\n"); } break; @@ -2494,13 +2494,13 @@ static void __init srso_select_mitigation(void) break; case SRSO_CMD_IBPB_ON_VMEXIT: - if (IS_ENABLED(CONFIG_CPU_SRSO)) { + if (IS_ENABLED(CONFIG_MITIGATION_SRSO)) { if (!boot_cpu_has(X86_FEATURE_ENTRY_IBPB) && has_microcode) { setup_force_cpu_cap(X86_FEATURE_IBPB_ON_VMEXIT); srso_mitigation = SRSO_MITIGATION_IBPB_ON_VMEXIT; } } else { - pr_err("WARNING: kernel not compiled with CPU_SRSO.\n"); + pr_err("WARNING: kernel not compiled with MITIGATION_SRSO.\n"); } break; } diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S index f5ee96a7bdd6..f54a4cf01a43 100644 --- a/arch/x86/kernel/vmlinux.lds.S +++ b/arch/x86/kernel/vmlinux.lds.S @@ -139,7 +139,7 @@ SECTIONS *(.text..__x86.rethunk_untrain) ENTRY_TEXT -#ifdef CONFIG_CPU_SRSO +#ifdef CONFIG_MITIGATION_SRSO /* * See the comment above srso_alias_untrain_ret()'s * definition. @@ -518,7 +518,7 @@ INIT_PER_CPU(irq_stack_backing_store); . = ASSERT((retbleed_return_thunk & 0x3f) == 0, "retbleed_return_thunk not cacheline-aligned"); #endif -#ifdef CONFIG_CPU_SRSO +#ifdef CONFIG_MITIGATION_SRSO . = ASSERT((srso_safe_ret & 0x3f) == 0, "srso_safe_ret not cacheline-aligned"); /* * GNU ld cannot do XOR until 2.41. diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S index 03a065ef57ae..7834bde8afd1 100644 --- a/arch/x86/lib/retpoline.S +++ b/arch/x86/lib/retpoline.S 
@@ -129,7 +129,7 @@ SYM_CODE_END(__x86_indirect_jump_thunk_array) #ifdef CONFIG_RETHUNK -#ifdef CONFIG_CPU_SRSO +#ifdef CONFIG_MITIGATION_SRSO /* * srso_alias_untrain_ret() and srso_alias_safe_ret() are placed at @@ -216,10 +216,10 @@ SYM_CODE_END(srso_return_thunk) #define JMP_SRSO_UNTRAIN_RET "jmp srso_untrain_ret" #define JMP_SRSO_ALIAS_UNTRAIN_RET "jmp srso_alias_untrain_ret" -#else /* !CONFIG_CPU_SRSO */ +#else /* !CONFIG_MITIGATION_SRSO */ #define JMP_SRSO_UNTRAIN_RET "ud2" #define JMP_SRSO_ALIAS_UNTRAIN_RET "ud2" -#endif /* CONFIG_CPU_SRSO */ +#endif /* CONFIG_MITIGATION_SRSO */ #ifdef CONFIG_MITIGATION_UNRET_ENTRY @@ -307,7 +307,7 @@ SYM_FUNC_END(retbleed_untrain_ret) #define JMP_RETBLEED_UNTRAIN_RET "ud2" #endif /* CONFIG_MITIGATION_UNRET_ENTRY */ -#if defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO) +#if defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_MITIGATION_SRSO) SYM_FUNC_START(entry_untrain_ret) ALTERNATIVE_2 JMP_RETBLEED_UNTRAIN_RET, \ @@ -316,7 +316,7 @@ SYM_FUNC_START(entry_untrain_ret) SYM_FUNC_END(entry_untrain_ret) __EXPORT_THUNK(entry_untrain_ret) -#endif /* CONFIG_MITIGATION_UNRET_ENTRY || CONFIG_CPU_SRSO */ +#endif /* CONFIG_MITIGATION_UNRET_ENTRY || CONFIG_MITIGATION_SRSO */ #ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING diff --git a/include/linux/objtool.h b/include/linux/objtool.h index d030671a4c49..b3b8d3dab52d 100644 --- a/include/linux/objtool.h +++ b/include/linux/objtool.h @@ -131,7 +131,7 @@ */ .macro VALIDATE_UNRET_BEGIN #if defined(CONFIG_NOINSTR_VALIDATION) && \ - (defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO)) + (defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_MITIGATION_SRSO)) .Lhere_\@: .pushsection .discard.validate_unret .long .Lhere_\@ - . diff --git a/scripts/Makefile.vmlinux_o b/scripts/Makefile.vmlinux_o index 6277dbd730bb..6de297916ce6 100644 --- a/scripts/Makefile.vmlinux_o +++ b/scripts/Makefile.vmlinux_o 
@@ -38,7 +38,7 @@ objtool-enabled := $(or $(delay-objtool),$(CONFIG_NOINSTR_VALIDATION)) vmlinux-objtool-args-$(delay-objtool) += $(objtool-args-y) vmlinux-objtool-args-$(CONFIG_GCOV_KERNEL) += --no-unreachable vmlinux-objtool-args-$(CONFIG_NOINSTR_VALIDATION) += --noinstr \ - $(if $(or $(CONFIG_MITIGATION_UNRET_ENTRY),$(CONFIG_CPU_SRSO)), --unret) + $(if $(or $(CONFIG_MITIGATION_UNRET_ENTRY),$(CONFIG_MITIGATION_SRSO)), --unret) objtool-args = $(vmlinux-objtool-args-y) --link
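Review bot: the two pr_err() strings in srso_select_mitigation() (the SRSO_CMD_SAFE_RET and SRSO_CMD_IBPB_ON_VMEXIT branches of arch/x86/kernel/cpu/bugs.c) change what lands in dmesg from "CPU_SRSO" to "MITIGATION_SRSO", which is a user-visible change in a way the #ifdef renames around it are not. Monitoring that matches on the old text will stop firing, so this is worth calling out in the changelog if it is not already there. Since the message tells the reader which option is missing, spelling it CONFIG_MITIGATION_SRSO would also match what they have to search for in .config.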
From patchwork Thu Oct 19 18:11:56 2023
X-Patchwork-Submitter: Breno Leitao
X-Patchwork-Id: 155686
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Pawan Gupta, Jason Baron, Steven Rostedt, Ard Biesheuvel, Masahiro Yamada, Nathan Chancellor, Nick Desaulniers, Nicolas Schier
Cc: leit@meta.com, Lukas Bulwahn, Ingo Molnar, Sven Joachim, Ian Kent, Kees Cook, Yu-cheng Yu, Rick Edgecombe, "Kirill A. Shutemov", Juergen Gross, Kim Phillips, Jinghao Jia, Randy Dunlap, Vincent Whitchurch, Arnaldo Carvalho de Melo, linux-kernel@vger.kernel.org (open list:X86 ARCHITECTURE (32-BIT AND 64-BIT))
Subject: [PATCH v5 10/12] x86/bugs: Rename RETHUNK to MITIGATION_RETHUNK
Date: Thu, 19 Oct 2023 11:11:56 -0700
Message-Id: <20231019181158.1982205-11-leitao@debian.org>
In-Reply-To: <20231019181158.1982205-1-leitao@debian.org>
References: <20231019181158.1982205-1-leitao@debian.org>

CPU mitigations config entries are inconsistent, and names are hard to relate. There are concrete benefits for both users and developers of having all the mitigation config options living in the same config namespace.

The mitigation options should have consistency and start with MITIGATION.

Rename the Kconfig entry from RETHUNK to MITIGATION_RETHUNK.

Suggested-by: Josh Poimboeuf
Signed-off-by: Breno Leitao --- arch/x86/Kconfig | 8 ++++---- arch/x86/Makefile | 2 +- arch/x86/configs/i386_defconfig | 2 +- arch/x86/include/asm/disabled-features.h | 2 +- arch/x86/include/asm/linkage.h | 4 ++-- arch/x86/include/asm/nospec-branch.h | 4 ++-- arch/x86/include/asm/static_call.h | 2 +- arch/x86/kernel/alternative.c | 4 ++-- arch/x86/kernel/static_call.c | 2 +- arch/x86/lib/retpoline.S | 4 ++-- scripts/Makefile.lib | 2 +- tools/arch/x86/include/asm/disabled-features.h | 2 +- 12 files changed, 19 insertions(+), 19 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 97004db07e38..7a283602b257 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2441,7 +2441,7 @@ config FINEIBT config HAVE_CALL_THUNKS def_bool y - depends on CC_HAS_ENTRY_PADDING && RETHUNK && OBJTOOL + depends on CC_HAS_ENTRY_PADDING && MITIGATION_RETHUNK && OBJTOOL config CALL_THUNKS def_bool n @@ -2484,7 +2484,7 @@ config MITIGATION_RETPOLINE branches. Requires a compiler with -mindirect-branch=thunk-extern support for full protection. The kernel may run slower. -config RETHUNK +config MITIGATION_RETHUNK bool "Enable return-thunks" depends on MITIGATION_RETPOLINE && CC_HAS_RETURN_THUNK select OBJTOOL if HAVE_OBJTOOL @@ -2497,7 +2497,7 @@ config RETHUNK config MITIGATION_UNRET_ENTRY bool "Enable UNRET on kernel entry" - depends on CPU_SUP_AMD && RETHUNK && X86_64 + depends on CPU_SUP_AMD && MITIGATION_RETHUNK && X86_64 default y help Compile the kernel with support for the retbleed=unret mitigation. @@ -2551,7 +2551,7 @@ config MITIGATION_IBRS_ENTRY config MITIGATION_SRSO bool "Mitigate speculative RAS overflow on AMD" - depends on CPU_SUP_AMD && X86_64 && RETHUNK + depends on CPU_SUP_AMD && X86_64 && MITIGATION_RETHUNK default y help Enable the SRSO mitigation needed on AMD Zen1-4 machines. diff --git a/arch/x86/Makefile b/arch/x86/Makefile index 1ac5d6002f5f..206d15235466 100644 --- a/arch/x86/Makefile +++ b/arch/x86/Makefile 
@@ -22,7 +22,7 @@ RETPOLINE_VDSO_CFLAGS := -mretpoline endif RETPOLINE_CFLAGS += $(call cc-option,-mindirect-branch-cs-prefix) -ifdef CONFIG_RETHUNK +ifdef CONFIG_MITIGATION_RETHUNK RETHUNK_CFLAGS := -mfunction-return=thunk-extern RETPOLINE_CFLAGS += $(RETHUNK_CFLAGS) endif diff --git a/arch/x86/configs/i386_defconfig b/arch/x86/configs/i386_defconfig index 1b411bbf3cb0..bf90917f2656 100644 --- a/arch/x86/configs/i386_defconfig +++ b/arch/x86/configs/i386_defconfig @@ -42,7 +42,7 @@ CONFIG_EFI_STUB=y CONFIG_HZ_1000=y CONFIG_KEXEC=y CONFIG_CRASH_DUMP=y -# CONFIG_RETHUNK is not set +# CONFIG_MITIGATION_RETHUNK is not set CONFIG_HIBERNATION=y CONFIG_PM_DEBUG=y CONFIG_PM_TRACE_RTC=y diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h index 151f0d50e7e0..36d0c1e05e60 100644 --- a/arch/x86/include/asm/disabled-features.h +++ b/arch/x86/include/asm/disabled-features.h @@ -57,7 +57,7 @@ (1 << (X86_FEATURE_RETPOLINE_LFENCE & 31))) #endif -#ifdef CONFIG_RETHUNK +#ifdef CONFIG_MITIGATION_RETHUNK # define DISABLE_RETHUNK 0 #else # define DISABLE_RETHUNK (1 << (X86_FEATURE_RETHUNK & 31)) diff --git a/arch/x86/include/asm/linkage.h b/arch/x86/include/asm/linkage.h index 09e2d026df33..dc31b13b87a0 100644 --- a/arch/x86/include/asm/linkage.h +++ b/arch/x86/include/asm/linkage.h @@ -40,7 +40,7 @@ #ifdef __ASSEMBLY__ -#if defined(CONFIG_RETHUNK) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO) +#if defined(CONFIG_MITIGATION_RETHUNK) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO) #define RET jmp __x86_return_thunk #else /* CONFIG_MITIGATION_RETPOLINE */ #ifdef CONFIG_MITIGATION_SLS @@ -52,7 +52,7 @@ #else /* __ASSEMBLY__ */ -#if defined(CONFIG_RETHUNK) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO) +#if defined(CONFIG_MITIGATION_RETHUNK) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO) #define ASM_RET "jmp __x86_return_thunk\n\t" #else /* CONFIG_MITIGATION_RETPOLINE */ #ifdef CONFIG_MITIGATION_SLS 
diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h index 9ea93a298a43..33f76848c838 100644 --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h @@ -289,7 +289,7 @@ * where we have a stack but before any RET instruction. */ .macro __UNTRAIN_RET ibpb_feature, call_depth_insns -#if defined(CONFIG_RETHUNK) || defined(CONFIG_MITIGATION_IBPB_ENTRY) +#if defined(CONFIG_MITIGATION_RETHUNK) || defined(CONFIG_MITIGATION_IBPB_ENTRY) VALIDATE_UNRET_END ALTERNATIVE_3 "", \ CALL_UNTRAIN_RET, X86_FEATURE_UNRET, \ @@ -328,7 +328,7 @@ extern retpoline_thunk_t __x86_indirect_thunk_array[]; extern retpoline_thunk_t __x86_indirect_call_thunk_array[]; extern retpoline_thunk_t __x86_indirect_jump_thunk_array[]; -#ifdef CONFIG_RETHUNK +#ifdef CONFIG_MITIGATION_RETHUNK extern void __x86_return_thunk(void); #else static inline void __x86_return_thunk(void) {} diff --git a/arch/x86/include/asm/static_call.h b/arch/x86/include/asm/static_call.h index 343b722ccaf2..125c407e2abe 100644 --- a/arch/x86/include/asm/static_call.h +++ b/arch/x86/include/asm/static_call.h @@ -46,7 +46,7 @@ #define ARCH_DEFINE_STATIC_CALL_TRAMP(name, func) \ __ARCH_DEFINE_STATIC_CALL_TRAMP(name, ".byte 0xe9; .long " #func " - (. + 4)") -#ifdef CONFIG_RETHUNK +#ifdef CONFIG_MITIGATION_RETHUNK #define ARCH_DEFINE_STATIC_CALL_NULL_TRAMP(name) \ __ARCH_DEFINE_STATIC_CALL_TRAMP(name, "jmp __x86_return_thunk") #else diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c index ea9652eb455b..d0763dbb5719 100644 --- a/arch/x86/kernel/alternative.c +++ b/arch/x86/kernel/alternative.c @@ -685,7 +685,7 @@ void __init_or_module noinline apply_retpolines(s32 *start, s32 *end) } } -#ifdef CONFIG_RETHUNK +#ifdef CONFIG_MITIGATION_RETHUNK /* * Rewrite the compiler generated return thunk tail-calls. 
@@ -758,7 +758,7 @@ void __init_or_module noinline apply_returns(s32 *start, s32 *end) } #else void __init_or_module noinline apply_returns(s32 *start, s32 *end) { } -#endif /* CONFIG_RETHUNK */ +#endif /* CONFIG_MITIGATION_RETHUNK */ #else /* !CONFIG_MITIGATION_RETPOLINE || !CONFIG_OBJTOOL */ diff --git a/arch/x86/kernel/static_call.c b/arch/x86/kernel/static_call.c index 77a9316da435..4eefaac64c6c 100644 --- a/arch/x86/kernel/static_call.c +++ b/arch/x86/kernel/static_call.c @@ -172,7 +172,7 @@ void arch_static_call_transform(void *site, void *tramp, void *func, bool tail) } EXPORT_SYMBOL_GPL(arch_static_call_transform); -#ifdef CONFIG_RETHUNK +#ifdef CONFIG_MITIGATION_RETHUNK /* * This is called by apply_returns() to fix up static call trampolines, * specifically ARCH_DEFINE_STATIC_CALL_NULL_TRAMP which is recorded as diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S index 7834bde8afd1..070121161176 100644 --- a/arch/x86/lib/retpoline.S +++ b/arch/x86/lib/retpoline.S @@ -127,7 +127,7 @@ SYM_CODE_END(__x86_indirect_jump_thunk_array) #undef GEN #endif -#ifdef CONFIG_RETHUNK +#ifdef CONFIG_MITIGATION_RETHUNK #ifdef CONFIG_MITIGATION_SRSO @@ -369,4 +369,4 @@ SYM_CODE_START(__x86_return_thunk) SYM_CODE_END(__x86_return_thunk) EXPORT_SYMBOL(__x86_return_thunk) -#endif /* CONFIG_RETHUNK */ +#endif /* CONFIG_MITIGATION_RETHUNK */ diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib index 0d5461276179..48a4a81edac1 100644 --- a/scripts/Makefile.lib +++ b/scripts/Makefile.lib @@ -263,7 +263,7 @@ objtool-args-$(CONFIG_HAVE_OBJTOOL_NOP_MCOUNT) += --mnop endif objtool-args-$(CONFIG_UNWINDER_ORC) += --orc objtool-args-$(CONFIG_MITIGATION_RETPOLINE) += --retpoline -objtool-args-$(CONFIG_RETHUNK) += --rethunk +objtool-args-$(CONFIG_MITIGATION_RETHUNK) += --rethunk objtool-args-$(CONFIG_MITIGATION_SLS) += --sls objtool-args-$(CONFIG_STACK_VALIDATION) += --stackval objtool-args-$(CONFIG_HAVE_STATIC_CALL_INLINE) += --static-call 
diff --git a/tools/arch/x86/include/asm/disabled-features.h b/tools/arch/x86/include/asm/disabled-features.h index 4b816f55c634..bd7071f34f6b 100644 --- a/tools/arch/x86/include/asm/disabled-features.h +++ b/tools/arch/x86/include/asm/disabled-features.h 
@@ -57,7 +57,7 @@ (1 << (X86_FEATURE_RETPOLINE_LFENCE & 31))) #endif -#ifdef CONFIG_RETHUNK +#ifdef CONFIG_MITIGATION_RETHUNK # define DISABLE_RETHUNK 0 #else # define DISABLE_RETHUNK (1 << (X86_FEATURE_RETHUNK & 31))
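Review bot: in arch/x86/Kconfig the symbol is renamed with nothing left behind under the old name, while MITIGATION_UNRET_ENTRY and MITIGATION_SRSO (both "default y") now depend on MITIGATION_RETHUNK. A saved .config or config fragment that still sets CONFIG_RETHUNK=y is not translated by oldconfig: the old line is dropped and MITIGATION_RETHUNK is treated as a new symbol, so an unattended olddefconfig build takes whatever default the new symbol has rather than the earlier choice. Please state this in the commit message so people carrying fragments know to update them; the i386_defconfig hunk shows the in-tree case was handled.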
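Review bot: in arch/x86/include/asm/linkage.h both touched #if lines test CONFIG_MITIGATION_RETHUNK, but the context line that follows each of them still reads "#else /* CONFIG_MITIGATION_RETPOLINE */". Since the patch already edits the line directly above, fix the comment to name the RETHUNK condition it actually belongs to, otherwise the next reader pairs the #else with the wrong option.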
From patchwork Thu Oct 19 18:11:57 2023
X-Patchwork-Submitter: Breno Leitao
X-Patchwork-Id: 155684
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Pawan Gupta
Cc: leit@meta.com, linux-kernel@vger.kernel.org (open list:X86 ARCHITECTURE (32-BIT AND 64-BIT))
Subject: [PATCH v5 11/12] x86/bugs: Create a way to disable GDS mitigation
Date: Thu, 19 Oct 2023 11:11:57 -0700
Message-Id: <20231019181158.1982205-12-leitao@debian.org>
In-Reply-To: <20231019181158.1982205-1-leitao@debian.org>
References: <20231019181158.1982205-1-leitao@debian.org>

Currently there is no way to disable GDS mitigation at build time. The current config option (GDS_MITIGATION_FORCE) just enables a more drastic mitigation.

Create a new kernel config that allows GDS to be completely disabled, similarly to the "gather_data_sampling=off" or "mitigations=off" kernel command-line.

Move the GDS_MITIGATION_FORCE under this new mitigation.

Suggested-by: Josh Poimboeuf
Signed-off-by: Breno Leitao
--- arch/x86/Kconfig | 16 +++++++++++----- arch/x86/kernel/cpu/bugs.c | 7 ++++--- 2 files changed, 15 insertions(+), 8 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 7a283602b257..a5cada7443ea 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig
@@ -2566,15 +2566,21 @@ config MITIGATION_SLS against straight line speculation. The kernel image might be slightly larger. +config MITIGATION_GDS + bool "Mitigate Gather Data Sampling" + depends on CPU_SUP_INTEL + default y + help + Enable mitigation for Gather Data Sampling (GDS). GDS is a hardware + vulnerability which allows unprivileged speculative access to data + which was previously stored in vector registers. The attacker uses gather + instructions to infer the stale vector register data. + config MITIGATION_GDS_FORCE bool "Force GDS Mitigation" - depends on CPU_SUP_INTEL + depends on MITIGATION_GDS default n help - Gather Data Sampling (GDS) is a hardware vulnerability which allows - unprivileged speculative access to data which was previously stored in - vector registers. - This option is equivalent to setting gather_data_sampling=force on the command line. The microcode mitigation is used if present, otherwise AVX is disabled as a mitigation. On affected systems that are missing diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index f2775417bda2..0172bb0f61fe 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c 
@@ -671,10 +671,11 @@ enum gds_mitigations { GDS_MITIGATION_HYPERVISOR, }; -#if IS_ENABLED(CONFIG_MITIGATION_GDS_FORCE) -static enum gds_mitigations gds_mitigation __ro_after_init = GDS_MITIGATION_FORCE; +#if IS_ENABLED(CONFIG_MITIGATION_GDS) +static enum gds_mitigations gds_mitigation __ro_after_init = + IS_ENABLED(CONFIG_MITIGATION_GDS_FORCE) ? GDS_MITIGATION_FORCE : GDS_MITIGATION_FULL; #else -static enum gds_mitigations gds_mitigation __ro_after_init = GDS_MITIGATION_FULL; +static enum gds_mitigations gds_mitigation __ro_after_init = GDS_MITIGATION_OFF; #endif static const char * const gds_strings[] = {
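Review bot: the new MITIGATION_GDS help text in arch/x86/Kconfig describes the vulnerability but not the option: it does not say what the kernel does when this is set to N, nor how the setting relates to gather_data_sampling= on the command line, which the commit message uses as its comparison. Add a sentence on the effect of N and a closing "If in doubt, say Y." to mirror the "If in doubt, say N." that ends MITIGATION_GDS_FORCE, since N here makes GDS_MITIGATION_OFF the built-in default on affected Intel CPUs.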
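Review bot: in arch/x86/kernel/cpu/bugs.c the default for gds_mitigation is now picked by an "#if IS_ENABLED(CONFIG_MITIGATION_GDS)" block with a second IS_ENABLED(CONFIG_MITIGATION_GDS_FORCE) ternary inside it. IS_ENABLED() works in a plain C initializer, as the inner expression already shows, so mixing preprocessor and C conditionals for one three-way choice is harder to read than either form alone; an #if / #elif / #else chain or a single nested ternary would make the three outcomes (FORCE, FULL, OFF) visible at a glance. Separately, only the initial value changes here: please say in the changelog whether gather_data_sampling=force at boot is still expected to override a kernel built with MITIGATION_GDS=n.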
From patchwork Thu Oct 19 18:11:58 2023
X-Patchwork-Submitter: Breno Leitao
X-Patchwork-Id: 155687
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Pawan Gupta
Cc: leit@meta.com, linux-kernel@vger.kernel.org (open list:X86 ARCHITECTURE (32-BIT AND 64-BIT))
Subject: [PATCH v5 12/12] x86/bugs: Add a separate config for missing mitigation
Date: Thu, 19 Oct 2023 11:11:58 -0700
Message-Id: <20231019181158.1982205-13-leitao@debian.org>
In-Reply-To: <20231019181158.1982205-1-leitao@debian.org>
References: <20231019181158.1982205-1-leitao@debian.org>

Currently, the CONFIG_SPECULATION_MITIGATIONS is halfway populated, where some mitigations have entries in Kconfig, and they could be modified, while other mitigations do not have Kconfig entries, and could not be controlled at build time.

Create an entry for each CPU mitigation under CONFIG_SPECULATION_MITIGATIONS. This allows users to enable or disable them at compilation time.

Signed-off-by: Breno Leitao
--- arch/x86/Kconfig | 93 ++++++++++++++++++++++++++++++++++++++ arch/x86/kernel/cpu/bugs.c | 39 ++++++++++------ 2 files changed, 117 insertions(+), 15 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index a5cada7443ea..ccdcb1dcdc0c 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig
@@ -2591,6 +2591,99 @@ config MITIGATION_GDS_FORCE If in doubt, say N. +config MITIGATION_MDS + bool "Mitigate Microarchitectural Data Sampling (MDS) hardware bug" + depends on CPU_SUP_INTEL + default y + help + Enable mitigation for Microarchitectural Data Sampling (MDS). MDS is + a hardware vulnerability which allows unprivileged speculative access + to data which is available in various CPU internal buffer. Deeper + technical information is available in the MDS specific x86 architecture + section: Documentation/arch/x86/mds.rst. + +config MITIGATION_TAA + bool "Mitigate TSX Asynchronous Abort (TAA) hardware bug" + depends on CPU_SUP_INTEL + default y + help + Enable mitigation for TSX Asynchronous Abort (TAA). TAA is a hardware + vulnerability that allows unprivileged speculative access to data + which is available in various CPU internal buffers by using + asynchronous aborts within an Intel TSX transactional region. + +config MITIGATION_MMIO_STALE_DATA + bool "Mitigate MMIO Stale Data hardware bug" + depends on CPU_SUP_INTEL + default y + help + Enable mitigation for MMIO Stale Data hardware bugs. Processor MMIO + Stale Data Vulnerabilities are a class of memory-mapped I/O (MMIO) + vulnerabilities that can expose data. The vulnerabilities require the + attacker to have access to MMIO. + +config MITIGATION_L1TF + bool "Mitigate L1 Terminal Fault (L1TF) hardware bug" + default y + help + Mitigate L1 Terminal Fault (L1TF) hardware bug. L1 Terminal Fault is a + hardware vulnerability which allows unprivileged speculative access to data + which is available in the Level 1 Data Cache when the page table + entry controlling the virtual address. + +config MITIGATION_RETBLEED + bool "Mitigate RETBleed hardware bug" + default y + help + Enable mitigation for RETBleed (Arbitrary Speculative Code Execution + with Return Instructions) vulnerability. 
RETBleed is a speculative + execution attack which takes advantage of microarchitectural behavior + in many modern microprocessors, similar to Spectre v2. An + unprivileged attacker can use these flaws to bypass conventional + memory security restrictions to gain read access to privileged memory + that would otherwise be inaccessible. + +config MITIGATION_SPECTRE_V1 + bool "Mitigate SPECTRE V1 hardware bug" + default y + help + Enable mitigation for Spectre V1 (Bounds Check Bypass). Spectre V1 is a + class of side channel attacks that takes advantage of speculative + execution that bypasses conditional branch instructions used for + memory access bounds check. + +config MITIGATION_SPECTRE_V2 + bool "Mitigate SPECTRE V2 hardware bug" + default y + help + Enable mitigation for Spectre V2 (Branch Target Injection). Spectre + V2 is a class of side channel attacks that takes advantage of + indirect branch predictors inside the processor. In Spectre variant 2 + attacks, the attacker can steer speculative indirect branches in the + victim to gadget code by poisoning the branch target buffer of a CPU + used for predicting indirect branch addresses. + +config MITIGATION_SRBDS + bool "Mitigate Special Register Buffer Data Sampling (SRBDS) hardware bug" + depends on CPU_SUP_INTEL + default y + help + Enable mitigation for Special Register Buffer Data Sampling (SRBDS). + SRBDS is a hardware vulnerability that allows Microarchitectural Data + Sampling (MDS) techniques to infer values returned from special + register accesses. An unprivileged user can extract values returned + from RDRAND and RDSEED executed on another core or sibling thread + using MDS techniques. + +config MITIGATION_SSB + bool "Mitigate Speculative Store Bypass (SSB) hardware bug" + default y + help + Enable mitigation for Speculative Store Bypass (SSB). 
SSB is a + hardware security vulnerability and its exploitation takes advantage + of speculative execution in a similar way to the Meltdown and Spectre + security vulnerabilities. + endif config ARCH_HAS_ADD_PAGES diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 0172bb0f61fe..11ccbadd8800 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -232,7 +232,8 @@ static void x86_amd_ssb_disable(void) #define pr_fmt(fmt) "MDS: " fmt /* Default mitigation for MDS-affected CPUs */ -static enum mds_mitigations mds_mitigation __ro_after_init = MDS_MITIGATION_FULL; +static enum mds_mitigations mds_mitigation __ro_after_init = + IS_ENABLED(CONFIG_MITIGATION_MDS) ? MDS_MITIGATION_FULL : MDS_MITIGATION_OFF; static bool mds_nosmt __ro_after_init = false; static const char * const mds_strings[] = { @@ -292,7 +293,8 @@ enum taa_mitigations { }; /* Default mitigation for TAA-affected CPUs */ -static enum taa_mitigations taa_mitigation __ro_after_init = TAA_MITIGATION_VERW; +static enum taa_mitigations taa_mitigation __ro_after_init = + IS_ENABLED(CONFIG_MITIGATION_TAA) ? TAA_MITIGATION_VERW : TAA_MITIGATION_OFF; static bool taa_nosmt __ro_after_init; static const char * const taa_strings[] = { @@ -393,7 +395,8 @@ enum mmio_mitigations { }; /* Default mitigation for Processor MMIO Stale Data vulnerabilities */ -static enum mmio_mitigations mmio_mitigation __ro_after_init = MMIO_MITIGATION_VERW; +static enum mmio_mitigations mmio_mitigation __ro_after_init = + IS_ENABLED(CONFIG_MITIGATION_MMIO_STALE_DATA) ? MMIO_MITIGATION_VERW : MMIO_MITIGATION_OFF; static bool mmio_nosmt __ro_after_init = false; static const char * const mmio_strings[] = { 
@@ -542,7 +545,8 @@ enum srbds_mitigations { SRBDS_MITIGATION_HYPERVISOR, }; -static enum srbds_mitigations srbds_mitigation __ro_after_init = SRBDS_MITIGATION_FULL; +static enum srbds_mitigations srbds_mitigation __ro_after_init = + IS_ENABLED(CONFIG_MITIGATION_SRBDS) ? SRBDS_MITIGATION_FULL : SRBDS_MITIGATION_OFF; static const char * const srbds_strings[] = { [SRBDS_MITIGATION_OFF] = "Vulnerable", @@ -812,7 +816,8 @@ enum spectre_v1_mitigation { }; static enum spectre_v1_mitigation spectre_v1_mitigation __ro_after_init = - SPECTRE_V1_MITIGATION_AUTO; + IS_ENABLED(CONFIG_MITIGATION_SPECTRE_V1) ? + SPECTRE_V1_MITIGATION_AUTO : SPECTRE_V1_MITIGATION_NONE; static const char * const spectre_v1_strings[] = { [SPECTRE_V1_MITIGATION_NONE] = "Vulnerable: __user pointer sanitization and usercopy barriers only; no swapgs barriers", @@ -927,7 +932,7 @@ static const char * const retbleed_strings[] = { static enum retbleed_mitigation retbleed_mitigation __ro_after_init = RETBLEED_MITIGATION_NONE; static enum retbleed_mitigation_cmd retbleed_cmd __ro_after_init = - RETBLEED_CMD_AUTO; + IS_ENABLED(CONFIG_MITIGATION_RETBLEED) ? RETBLEED_CMD_AUTO : RETBLEED_CMD_OFF; static int __ro_after_init retbleed_nosmt = false; @@ -1388,17 +1393,18 @@ static void __init spec_v2_print_cond(const char *reason, bool secure) static enum spectre_v2_mitigation_cmd __init spectre_v2_parse_cmdline(void) { - enum spectre_v2_mitigation_cmd cmd = SPECTRE_V2_CMD_AUTO; + enum spectre_v2_mitigation_cmd cmd; char arg[20]; int ret, i; + cmd = IS_ENABLED(CONFIG_MITIGATION_SPECTRE_V2) ? SPECTRE_V2_CMD_AUTO : SPECTRE_V2_CMD_NONE; if (cmdline_find_option_bool(boot_command_line, "nospectre_v2") || cpu_mitigations_off()) return SPECTRE_V2_CMD_NONE; ret = cmdline_find_option(boot_command_line, "spectre_v2", arg, sizeof(arg)); if (ret < 0) - return SPECTRE_V2_CMD_AUTO; + return cmd; for (i = 0; i < ARRAY_SIZE(mitigation_options); i++) { if (!match_option(arg, ret, mitigation_options[i].option)) 
@@ -1408,8 +1414,8 @@ static enum spectre_v2_mitigation_cmd __init spectre_v2_parse_cmdline(void) } if (i >= ARRAY_SIZE(mitigation_options)) { - pr_err("unknown option (%s). Switching to AUTO select\n", arg); - return SPECTRE_V2_CMD_AUTO; + pr_err("unknown option (%s). Switching to default mode\n", arg); + return cmd; } if ((cmd == SPECTRE_V2_CMD_RETPOLINE || @@ -1882,10 +1888,12 @@ static const struct { static enum ssb_mitigation_cmd __init ssb_parse_cmdline(void) { - enum ssb_mitigation_cmd cmd = SPEC_STORE_BYPASS_CMD_AUTO; + enum ssb_mitigation_cmd cmd; char arg[20]; int ret, i; + cmd = IS_ENABLED(CONFIG_MITIGATION_SSB) ? + SPEC_STORE_BYPASS_CMD_AUTO : SPEC_STORE_BYPASS_CMD_NONE; if (cmdline_find_option_bool(boot_command_line, "nospec_store_bypass_disable") || cpu_mitigations_off()) { return SPEC_STORE_BYPASS_CMD_NONE; @@ -1893,7 +1901,7 @@ static enum ssb_mitigation_cmd __init ssb_parse_cmdline(void) ret = cmdline_find_option(boot_command_line, "spec_store_bypass_disable", arg, sizeof(arg)); if (ret < 0) - return SPEC_STORE_BYPASS_CMD_AUTO; + return cmd; for (i = 0; i < ARRAY_SIZE(ssb_mitigation_options); i++) { if (!match_option(arg, ret, ssb_mitigation_options[i].option)) @@ -1904,8 +1912,8 @@ static enum ssb_mitigation_cmd __init ssb_parse_cmdline(void) } if (i >= ARRAY_SIZE(ssb_mitigation_options)) { - pr_err("unknown option (%s). Switching to AUTO select\n", arg); - return SPEC_STORE_BYPASS_CMD_AUTO; + pr_err("unknown option (%s). Switching to default mode\n", arg); + return cmd; } } @@ -2232,7 +2240,8 @@ EXPORT_SYMBOL_GPL(itlb_multihit_kvm_mitigation); #define pr_fmt(fmt) "L1TF: " fmt /* Default mitigation for L1TF-affected CPUs */ -enum l1tf_mitigations l1tf_mitigation __ro_after_init = L1TF_MITIGATION_FLUSH; +enum l1tf_mitigations l1tf_mitigation __ro_after_init = + IS_ENABLED(CONFIG_MITIGATION_L1TF) ? L1TF_MITIGATION_FLUSH : L1TF_MITIGATION_OFF; #if IS_ENABLED(CONFIG_KVM_INTEL) EXPORT_SYMBOL_GPL(l1tf_mitigation); #endif
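Review bot: In the arch/x86/Kconfig hunk, the MITIGATION_L1TF help text stops mid-sentence ("when the page table entry controlling the virtual address.") and the entry lacks the "depends on CPU_SUP_INTEL" line that MITIGATION_MDS, MITIGATION_TAA, MITIGATION_MMIO_STALE_DATA and MITIGATION_SRBDS carry. Finish the sentence with the condition on the page table entry, and either add the dependency or explain in the commit message why L1TF is offered on every x86 build. Smaller points in the same hunk: the MDS help says "various CPU internal buffer" where "buffers" is meant, and only the MDS entry points at its Documentation/ file; the other entries would benefit from the same pointer.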
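Review bot: In the spectre_v1 hunk (@@ -812), building with CONFIG_MITIGATION_SPECTRE_V1=n selects SPECTRE_V1_MITIGATION_NONE, whose string in the context line reads "Vulnerable: __user pointer sanitization and usercopy barriers only; no swapgs barriers", so the option does not switch off all Spectre V1 hardening. The Kconfig help ("Enable mitigation for Spectre V1 (Bounds Check Bypass)") should say which part is controlled by the option; as written, =n reads as a complete opt-out and =y as the only thing standing between the kernel and the bug.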
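Review bot: In spectre_v2_parse_cmdline() and ssb_parse_cmdline(), the unknown-option path now returns cmd, which is SPECTRE_V2_CMD_NONE or SPEC_STORE_BYPASS_CMD_NONE when the matching Kconfig option is off, so a mistyped spectre_v2= or spec_store_bypass_disable= value selects NONE where it used to fall back to AUTO. The new message "Switching to default mode" does not tell the administrator which mode that is; either print the resulting mode in the pr_err() or keep AUTO for malformed input, since someone passing the parameter is asking for a mitigation. Separately, cmd is assigned before the nospectre_v2 / nospec_store_bypass_disable and cpu_mitigations_off() early return, which never uses it; moving the assignment below that check, or keeping it in the declaration, would read more cleanly.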