From patchwork Tue Nov 21 16:07:28 2023
X-Patchwork-Submitter: Breno Leitao
X-Patchwork-Id: 167835
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Pawan Gupta
Cc: leit@meta.com, linux-kernel@vger.kernel.org
Subject: [PATCH v6 01/13] x86/bugs: Rename GDS_FORCE_MITIGATION to MITIGATION_GDS_FORCE
Date: Tue, 21 Nov 2023 08:07:28 -0800
Message-Id: <20231121160740.1249350-2-leitao@debian.org>
In-Reply-To: <20231121160740.1249350-1-leitao@debian.org>
References: <20231121160740.1249350-1-leitao@debian.org>

CPU mitigations config entries are inconsistent, and names are hard to relate[1]. There are concrete benefits for both users and developers of having all the mitigation config options living in the same config namespace.

The mitigation options should have consistency and start with MITIGATION.

Rename the Kconfig entry from GDS_FORCE_MITIGATION to MITIGATION_GDS_FORCE.

[1] Link: https://lore.kernel.org/lkml/20231011044252.42bplzjsam3qsasz@treble/

Suggested-by: Josh Poimboeuf
Signed-off-by: Breno Leitao
---
 arch/x86/Kconfig           | 2 +-
 arch/x86/kernel/cpu/bugs.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 3762f41bb092..ddf0d8bc6db9 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig
@@ -2590,7 +2590,7 @@ config SLS against straight line speculation. The kernel image might be slightly larger. -config GDS_FORCE_MITIGATION +config MITIGATION_GDS_FORCE bool "Force GDS Mitigation" depends on CPU_SUP_INTEL default n diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index bb0ab8466b91..3c7e27b58f0e 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c 
@@ -671,7 +671,7 @@ enum gds_mitigations { GDS_MITIGATION_HYPERVISOR, }; -#if IS_ENABLED(CONFIG_GDS_FORCE_MITIGATION) +#if IS_ENABLED(CONFIG_MITIGATION_GDS_FORCE) static enum gds_mitigations gds_mitigation __ro_after_init = GDS_MITIGATION_FORCE; #else static enum gds_mitigations gds_mitigation __ro_after_init = GDS_MITIGATION_FULL;
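Review bot: The arch/x86/Kconfig hunk renames a "default n" symbol with no migration path, so a tree whose .config carries CONFIG_GDS_FORCE_MITIGATION=y comes out of oldconfig with MITIGATION_GDS_FORCE unset, and the #if/#else in bugs.c then initialises gds_mitigation to GDS_MITIGATION_FULL instead of GDS_MITIGATION_FORCE without any build error or warning. The changelog does not mention this; please state that the old symbol is gone and that existing configs which forced the GDS mitigation have to set the new name by hand.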
From patchwork Tue Nov 21 16:07:29 2023
X-Patchwork-Submitter: Breno Leitao
X-Patchwork-Id: 167837
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Pawan Gupta
Cc: leit@meta.com, linux-kernel@vger.kernel.org
Subject: [PATCH v6 02/13] x86/bugs: Rename CPU_IBPB_ENTRY to MITIGATION_IBPB_ENTRY
Date: Tue, 21 Nov 2023 08:07:29 -0800
Message-Id: <20231121160740.1249350-3-leitao@debian.org>
In-Reply-To: <20231121160740.1249350-1-leitao@debian.org>
References: <20231121160740.1249350-1-leitao@debian.org>

CPU mitigations config entries are inconsistent, and names are hard to relate. There are concrete benefits for both users and developers of having all the mitigation config options living in the same config namespace.

The mitigation options should have consistency and start with MITIGATION.

Rename the Kconfig entry from CPU_IBPB_ENTRY to MITIGATION_IBPB_ENTRY.

Suggested-by: Josh Poimboeuf
Signed-off-by: Breno Leitao
---
 arch/x86/Kconfig                     |  2 +-
 arch/x86/include/asm/nospec-branch.h |  2 +-
 arch/x86/kernel/cpu/bugs.c           | 11 ++++++-----
 3 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index ddf0d8bc6db9..2e16ab138a1c 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig
@@ -2557,7 +2557,7 @@ config CALL_THUNKS_DEBUG Only enable this when you are debugging call thunks as this creates a noticeable runtime overhead. If unsure say N. -config CPU_IBPB_ENTRY +config MITIGATION_IBPB_ENTRY bool "Enable IBPB on kernel entry" depends on CPU_SUP_AMD && X86_64 default y diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h index f93e9b96927a..0676b077207c 100644 --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h @@ -289,7 +289,7 @@ * where we have a stack but before any RET instruction. */ .macro __UNTRAIN_RET ibpb_feature, call_depth_insns -#if defined(CONFIG_RETHUNK) || defined(CONFIG_CPU_IBPB_ENTRY) +#if defined(CONFIG_RETHUNK) || defined(CONFIG_MITIGATION_IBPB_ENTRY) VALIDATE_UNRET_END ALTERNATIVE_3 "", \ CALL_UNTRAIN_RET, X86_FEATURE_UNRET, \ diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 3c7e27b58f0e..1de4791091ca 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -994,10 +994,10 @@ static void __init retbleed_select_mitigation(void) if (!boot_cpu_has(X86_FEATURE_IBPB)) { pr_err("WARNING: CPU does not support IBPB.\n"); goto do_cmd_auto; - } else if (IS_ENABLED(CONFIG_CPU_IBPB_ENTRY)) { + } else if (IS_ENABLED(CONFIG_MITIGATION_IBPB_ENTRY)) { retbleed_mitigation = RETBLEED_MITIGATION_IBPB; } else { - pr_err("WARNING: kernel not compiled with CPU_IBPB_ENTRY.\n"); + pr_err("WARNING: kernel not compiled with MITIGATION_IBPB_ENTRY.\n"); goto do_cmd_auto; } break; @@ -1023,7 +1023,8 @@ static void __init retbleed_select_mitigation(void) boot_cpu_data.x86_vendor == X86_VENDOR_HYGON) { if (IS_ENABLED(CONFIG_CPU_UNRET_ENTRY)) retbleed_mitigation = RETBLEED_MITIGATION_UNRET; - else if (IS_ENABLED(CONFIG_CPU_IBPB_ENTRY) && boot_cpu_has(X86_FEATURE_IBPB)) + else if (IS_ENABLED(CONFIG_MITIGATION_IBPB_ENTRY) && + boot_cpu_has(X86_FEATURE_IBPB)) retbleed_mitigation = RETBLEED_MITIGATION_IBPB; } 
@@ -2482,13 +2483,13 @@ static void __init srso_select_mitigation(void) break; case SRSO_CMD_IBPB: - if (IS_ENABLED(CONFIG_CPU_IBPB_ENTRY)) { + if (IS_ENABLED(CONFIG_MITIGATION_IBPB_ENTRY)) { if (has_microcode) { setup_force_cpu_cap(X86_FEATURE_ENTRY_IBPB); srso_mitigation = SRSO_MITIGATION_IBPB; } } else { - pr_err("WARNING: kernel not compiled with CPU_IBPB_ENTRY.\n"); + pr_err("WARNING: kernel not compiled with MITIGATION_IBPB_ENTRY.\n"); } break;
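Review bot: The two pr_err() strings in arch/x86/kernel/cpu/bugs.c (retbleed_select_mitigation and the SRSO_CMD_IBPB case) change user-visible dmesg text from "kernel not compiled with CPU_IBPB_ENTRY" to "... MITIGATION_IBPB_ENTRY", and the changelog describes only a Kconfig rename; anything that matches on the old warning stops firing. Please mention the message change in the commit log. The retbleed hunk at -1023 also keeps IS_ENABLED(CONFIG_CPU_UNRET_ENTRY) on the line directly above the renamed check; if that symbol is converted by a later patch in the series, say so here, otherwise this reads as a partial rename.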
From patchwork Tue Nov 21 16:07:30 2023
X-Patchwork-Submitter: Breno Leitao
X-Patchwork-Id: 167836
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Pawan Gupta, Masahiro Yamada, Nathan Chancellor, Nick Desaulniers, Nicolas Schier
Cc: leit@meta.com, linux-kernel@vger.kernel.org, Yu-cheng Yu, "Mike Rapoport (IBM)", Rick Edgecombe, Kim Phillips, "Kirill A. Shutemov", Juergen Gross, Kai Huang, David Woodhouse, Taehee Yoo, Brian Gerst, Ingo Molnar, Arnaldo Carvalho de Melo
Subject: [PATCH v6 03/13] x86/bugs: Rename CALL_DEPTH_TRACKING to MITIGATION_CALL_DEPTH_TRACKING
Date: Tue, 21 Nov 2023 08:07:30 -0800
Message-Id: <20231121160740.1249350-4-leitao@debian.org>
In-Reply-To: <20231121160740.1249350-1-leitao@debian.org>
References: <20231121160740.1249350-1-leitao@debian.org>

CPU mitigations config entries are inconsistent, and names are hard to relate. There are concrete benefits for both users and developers of having all the mitigation config options living in the same config namespace.

The mitigation options should have consistency and start with MITIGATION.

Rename the Kconfig entry from CALL_DEPTH_TRACKING to MITIGATION_CALL_DEPTH_TRACKING.

Suggested-by: Josh Poimboeuf
Signed-off-by: Breno Leitao --- arch/x86/Kconfig | 4 ++-- arch/x86/include/asm/current.h | 2 +- arch/x86/include/asm/disabled-features.h | 2 +- arch/x86/include/asm/nospec-branch.h | 10 +++++----- arch/x86/kernel/asm-offsets.c | 2 +- arch/x86/kernel/cpu/bugs.c | 6 +++--- arch/x86/lib/retpoline.S | 6 +++--- scripts/Makefile.lib | 2 +- tools/arch/x86/include/asm/disabled-features.h | 2 +- 9 files changed, 18 insertions(+), 18 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 2e16ab138a1c..3ecfeedaf248 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2526,7 +2526,7 @@ config CPU_UNRET_ENTRY help Compile the kernel with support for the retbleed=unret mitigation. -config CALL_DEPTH_TRACKING +config MITIGATION_CALL_DEPTH_TRACKING bool "Mitigate RSB underflow with call depth tracking" depends on CPU_SUP_INTEL && HAVE_CALL_THUNKS select HAVE_DYNAMIC_FTRACE_NO_PATCHABLE @@ -2546,7 +2546,7 @@ config CALL_DEPTH_TRACKING config CALL_THUNKS_DEBUG bool "Enable call thunks and call depth tracking debugging" - depends on CALL_DEPTH_TRACKING + depends on MITIGATION_CALL_DEPTH_TRACKING select FUNCTION_ALIGNMENT_32B default n help diff --git a/arch/x86/include/asm/current.h b/arch/x86/include/asm/current.h index a1168e7b69e5..d4ff517cfbd1 100644 --- a/arch/x86/include/asm/current.h +++ b/arch/x86/include/asm/current.h @@ -17,7 +17,7 @@ struct pcpu_hot { struct task_struct *current_task; int preempt_count; int cpu_number; -#ifdef CONFIG_CALL_DEPTH_TRACKING +#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING u64 call_depth; #endif unsigned long top_of_stack; diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h index 702d93fdd10e..c1d3a5795618 100644 --- a/arch/x86/include/asm/disabled-features.h +++ b/arch/x86/include/asm/disabled-features.h 
@@ -69,7 +69,7 @@ # define DISABLE_UNRET (1 << (X86_FEATURE_UNRET & 31)) #endif -#ifdef CONFIG_CALL_DEPTH_TRACKING +#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING # define DISABLE_CALL_DEPTH_TRACKING 0 #else # define DISABLE_CALL_DEPTH_TRACKING (1 << (X86_FEATURE_CALL_DEPTH & 31)) diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h index 0676b077207c..64d9f0e87419 100644 --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h @@ -73,7 +73,7 @@ # define CALL_THUNKS_DEBUG_INC_CTXSW #endif -#if defined(CONFIG_CALL_DEPTH_TRACKING) && !defined(COMPILE_OFFSETS) +#if defined(CONFIG_MITIGATION_CALL_DEPTH_TRACKING) && !defined(COMPILE_OFFSETS) #include @@ -309,7 +309,7 @@ .macro CALL_DEPTH_ACCOUNT -#ifdef CONFIG_CALL_DEPTH_TRACKING +#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING ALTERNATIVE "", \ __stringify(ASM_INCREMENT_CALL_DEPTH), X86_FEATURE_CALL_DEPTH #endif @@ -357,7 +357,7 @@ extern void entry_ibpb(void); extern void (*x86_return_thunk)(void); -#ifdef CONFIG_CALL_DEPTH_TRACKING +#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING extern void call_depth_return_thunk(void); #define CALL_DEPTH_ACCOUNT \ @@ -371,12 +371,12 @@ DECLARE_PER_CPU(u64, __x86_ret_count); DECLARE_PER_CPU(u64, __x86_stuffs_count); DECLARE_PER_CPU(u64, __x86_ctxsw_count); #endif -#else /* !CONFIG_CALL_DEPTH_TRACKING */ +#else /* !CONFIG_MITIGATION_CALL_DEPTH_TRACKING */ static inline void call_depth_return_thunk(void) {} #define CALL_DEPTH_ACCOUNT "" -#endif /* CONFIG_CALL_DEPTH_TRACKING */ +#endif /* CONFIG_MITIGATION_CALL_DEPTH_TRACKING */ #ifdef CONFIG_RETPOLINE diff --git a/arch/x86/kernel/asm-offsets.c b/arch/x86/kernel/asm-offsets.c index 6913b372ccf7..a98020bf31bb 100644 --- a/arch/x86/kernel/asm-offsets.c +++ b/arch/x86/kernel/asm-offsets.c 
@@ -109,7 +109,7 @@ static void __used common(void) OFFSET(TSS_sp2, tss_struct, x86_tss.sp2); OFFSET(X86_top_of_stack, pcpu_hot, top_of_stack); OFFSET(X86_current_task, pcpu_hot, current_task); -#ifdef CONFIG_CALL_DEPTH_TRACKING +#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING OFFSET(X86_call_depth, pcpu_hot, call_depth); #endif #if IS_ENABLED(CONFIG_CRYPTO_ARIA_AESNI_AVX_X86_64) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 1de4791091ca..b906ed4f3091 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -1003,15 +1003,15 @@ static void __init retbleed_select_mitigation(void) break; case RETBLEED_CMD_STUFF: - if (IS_ENABLED(CONFIG_CALL_DEPTH_TRACKING) && + if (IS_ENABLED(CONFIG_MITIGATION_CALL_DEPTH_TRACKING) && spectre_v2_enabled == SPECTRE_V2_RETPOLINE) { retbleed_mitigation = RETBLEED_MITIGATION_STUFF; } else { - if (IS_ENABLED(CONFIG_CALL_DEPTH_TRACKING)) + if (IS_ENABLED(CONFIG_MITIGATION_CALL_DEPTH_TRACKING)) pr_err("WARNING: retbleed=stuff depends on spectre_v2=retpoline\n"); else - pr_err("WARNING: kernel not compiled with CALL_DEPTH_TRACKING.\n"); + pr_err("WARNING: kernel not compiled with MITIGATION_CALL_DEPTH_TRACKING.\n"); goto do_cmd_auto; } diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S index 7b2589877d06..ff46f48a0cc4 100644 --- a/arch/x86/lib/retpoline.S +++ b/arch/x86/lib/retpoline.S @@ -71,7 +71,7 @@ SYM_CODE_END(__x86_indirect_thunk_array) #include #undef GEN -#ifdef CONFIG_CALL_DEPTH_TRACKING +#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING .macro CALL_THUNK reg .align RETPOLINE_THUNK_SIZE @@ -327,7 +327,7 @@ __EXPORT_THUNK(entry_untrain_ret) #endif /* CONFIG_CPU_UNRET_ENTRY || CONFIG_CPU_SRSO */ -#ifdef CONFIG_CALL_DEPTH_TRACKING +#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING .align 64 SYM_FUNC_START(call_depth_return_thunk) 
@@ -359,7 +359,7 @@ SYM_FUNC_START(call_depth_return_thunk) int3 SYM_FUNC_END(call_depth_return_thunk) -#endif /* CONFIG_CALL_DEPTH_TRACKING */ +#endif /* CONFIG_MITIGATION_CALL_DEPTH_TRACKING */ /* * This function name is magical and is used by -mfunction-return=thunk-extern diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib index 68d0134bdbf9..cc44c95c49cc 100644 --- a/scripts/Makefile.lib +++ b/scripts/Makefile.lib @@ -254,7 +254,7 @@ objtool := $(objtree)/tools/objtool/objtool objtool-args-$(CONFIG_HAVE_JUMP_LABEL_HACK) += --hacks=jump_label objtool-args-$(CONFIG_HAVE_NOINSTR_HACK) += --hacks=noinstr -objtool-args-$(CONFIG_CALL_DEPTH_TRACKING) += --hacks=skylake +objtool-args-$(CONFIG_MITIGATION_CALL_DEPTH_TRACKING) += --hacks=skylake objtool-args-$(CONFIG_X86_KERNEL_IBT) += --ibt objtool-args-$(CONFIG_FINEIBT) += --cfi objtool-args-$(CONFIG_FTRACE_MCOUNT_USE_OBJTOOL) += --mcount diff --git a/tools/arch/x86/include/asm/disabled-features.h b/tools/arch/x86/include/asm/disabled-features.h index fafe9be7a6f4..3d61b2432991 100644 --- a/tools/arch/x86/include/asm/disabled-features.h +++ b/tools/arch/x86/include/asm/disabled-features.h 
@@ -69,7 +69,7 @@ # define DISABLE_UNRET (1 << (X86_FEATURE_UNRET & 31)) #endif -#ifdef CONFIG_CALL_DEPTH_TRACKING +#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING # define DISABLE_CALL_DEPTH_TRACKING 0 #else # define DISABLE_CALL_DEPTH_TRACKING (1 << (X86_FEATURE_CALL_DEPTH & 31))
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Jonathan Corbet, Andy Lutomirski, Peter Zijlstra
Cc: leit@meta.com, linux-kernel@vger.kernel.org, pawan.kumar.gupta@linux.intel.com, "Kirill A. Shutemov", Ingo Molnar, Mike Rapoport, Nikunj A Dadhania, Ard Biesheuvel, Yu-cheng Yu, Kees Cook, Rick Edgecombe, Kim Phillips, Juergen Gross, Andrew Morton, David Hildenbrand, Kemeng Shi, "Matthew Wilcox (Oracle)", Peter Xu, Alexander Potapenko, Brian Gerst, Masahiro Yamada, David Woodhouse, Usama Arif, Tom Lendacky, Hugh Dickins, Arnaldo Carvalho de Melo, linux-doc@vger.kernel.org (open list:DOCUMENTATION)
Subject: [PATCH v6 04/13] x86/bugs: Rename PAGE_TABLE_ISOLATION to MITIGATION_PAGE_TABLE_ISOLATION
Date: Tue, 21 Nov 2023 08:07:31 -0800
Message-Id: <20231121160740.1249350-5-leitao@debian.org>
In-Reply-To: <20231121160740.1249350-1-leitao@debian.org>
References: <20231121160740.1249350-1-leitao@debian.org>
X-Mailing-List: linux-kernel@vger.kernel.org

CPU mitigations config entries are inconsistent, and names are hard to relate. There are concrete benefits for both users and developers of having all the mitigation config options living in the same config namespace. The mitigation options should have consistency and start with MITIGATION.
Rename the Kconfig entry from PAGE_TABLE_ISOLATION to MITIGATION_PAGE_TABLE_ISOLATION. Suggested-by: Josh Poimboeuf Signed-off-by: Breno Leitao --- Documentation/arch/x86/pti.rst | 6 +++--- arch/x86/Kconfig | 2 +- arch/x86/boot/compressed/ident_map_64.c | 4 ++-- arch/x86/entry/calling.h | 4 ++-- arch/x86/entry/entry_64.S | 2 +- arch/x86/include/asm/disabled-features.h | 2 +- arch/x86/include/asm/pgalloc.h | 2 +- arch/x86/include/asm/pgtable-3level.h | 2 +- arch/x86/include/asm/pgtable.h | 18 +++++++++--------- arch/x86/include/asm/pgtable_64.h | 3 ++- arch/x86/include/asm/processor-flags.h | 2 +- arch/x86/include/asm/pti.h | 2 +- arch/x86/kernel/dumpstack.c | 2 +- arch/x86/kernel/head_32.S | 4 ++-- arch/x86/kernel/head_64.S | 2 +- arch/x86/kernel/ldt.c | 8 ++++---- arch/x86/mm/Makefile | 2 +- arch/x86/mm/debug_pagetables.c | 4 ++-- arch/x86/mm/dump_pagetables.c | 4 ++-- arch/x86/mm/pgtable.c | 4 ++-- arch/x86/mm/tlb.c | 10 +++++----- include/linux/pti.h | 2 +- tools/arch/x86/include/asm/disabled-features.h | 2 +- 23 files changed, 47 insertions(+), 46 deletions(-) diff --git a/Documentation/arch/x86/pti.rst b/Documentation/arch/x86/pti.rst index 4b858a9bad8d..3241b081f1ad 100644 --- a/Documentation/arch/x86/pti.rst +++ b/Documentation/arch/x86/pti.rst @@ -26,9 +26,9 @@ comments in pti.c). This approach helps to ensure that side-channel attacks leveraging the paging structures do not function when PTI is enabled. It can be -enabled by setting CONFIG_PAGE_TABLE_ISOLATION=y at compile time. -Once enabled at compile-time, it can be disabled at boot with the -'nopti' or 'pti=' kernel parameters (see kernel-parameters.txt). +enabled by setting CONFIG_MITIGATION_PAGE_TABLE_ISOLATION=y at compile +time. Once enabled at compile-time, it can be disabled at boot with +the 'nopti' or 'pti=' kernel parameters (see kernel-parameters.txt). Page Table Management ===================== diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 3ecfeedaf248..4398e9ebef8c 100644 
--- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2487,7 +2487,7 @@ menuconfig SPECULATION_MITIGATIONS if SPECULATION_MITIGATIONS -config PAGE_TABLE_ISOLATION +config MITIGATION_PAGE_TABLE_ISOLATION bool "Remove the kernel mapping in user mode" default y depends on (X86_64 || X86_PAE) diff --git a/arch/x86/boot/compressed/ident_map_64.c b/arch/x86/boot/compressed/ident_map_64.c index 473ba59b82a8..0cbf6a6c3bc3 100644 --- a/arch/x86/boot/compressed/ident_map_64.c +++ b/arch/x86/boot/compressed/ident_map_64.c @@ -8,8 +8,8 @@ * Copyright (C) 2016 Kees Cook */ -/* No PAGE_TABLE_ISOLATION support needed either: */ -#undef CONFIG_PAGE_TABLE_ISOLATION +/* No MITIGATION_PAGE_TABLE_ISOLATION support needed either: */ +#undef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION #include "error.h" #include "misc.h" diff --git a/arch/x86/entry/calling.h b/arch/x86/entry/calling.h index f6907627172b..ace89d5c1ddd 100644 --- a/arch/x86/entry/calling.h +++ b/arch/x86/entry/calling.h @@ -142,7 +142,7 @@ For 32-bit we have the following conventions - kernel is built with .endif .endm -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION /* * PAGE_TABLE_ISOLATION PGDs are 8k. Flip bit 12 to switch between the two @@ -269,7 +269,7 @@ For 32-bit we have the following conventions - kernel is built with .Lend_\@: .endm -#else /* CONFIG_PAGE_TABLE_ISOLATION=n: */ +#else /* CONFIG_MITIGATION_PAGE_TABLE_ISOLATION=n: */ .macro SWITCH_TO_KERNEL_CR3 scratch_reg:req .endm diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S index de6469dffe3a..3b4f6243de37 100644 --- a/arch/x86/entry/entry_64.S +++ b/arch/x86/entry/entry_64.S @@ -1085,7 +1085,7 @@ SYM_CODE_END(error_return) * * Registers: * %r14: Used to save/restore the CR3 of the interrupted context - * when PAGE_TABLE_ISOLATION is in use. Do not clobber. + * when MITIGATION_PAGE_TABLE_ISOLATION is in use. Do not clobber. */ SYM_CODE_START(asm_exc_nmi) UNWIND_HINT_IRET_ENTRY 
diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h index c1d3a5795618..fb604ec95a5f 100644 --- a/arch/x86/include/asm/disabled-features.h +++ b/arch/x86/include/asm/disabled-features.h @@ -44,7 +44,7 @@ # define DISABLE_LA57 (1<<(X86_FEATURE_LA57 & 31)) #endif -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION # define DISABLE_PTI 0 #else # define DISABLE_PTI (1 << (X86_FEATURE_PTI & 31)) diff --git a/arch/x86/include/asm/pgalloc.h b/arch/x86/include/asm/pgalloc.h index c7ec5bb88334..dcd836b59beb 100644 --- a/arch/x86/include/asm/pgalloc.h +++ b/arch/x86/include/asm/pgalloc.h @@ -34,7 +34,7 @@ static inline void paravirt_release_p4d(unsigned long pfn) {} */ extern gfp_t __userpte_alloc_gfp; -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION /* * Instead of one PGD, we acquire two PGDs. Being order-1, it is * both 8k in size and 8k-aligned. That lets us just flip bit 12 diff --git a/arch/x86/include/asm/pgtable-3level.h b/arch/x86/include/asm/pgtable-3level.h index 9e7c0b719c3c..dabafba957ea 100644 --- a/arch/x86/include/asm/pgtable-3level.h +++ b/arch/x86/include/asm/pgtable-3level.h @@ -52,7 +52,7 @@ static inline void native_set_pmd(pmd_t *pmdp, pmd_t pmd) static inline void native_set_pud(pud_t *pudp, pud_t pud) { -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION pud.p4d.pgd = pti_set_user_pgtbl(&pudp->p4d.pgd, pud.p4d.pgd); #endif pxx_xchg64(pud, pudp, native_pud_val(pud)); diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h index 57bab91bbf50..b23d0c162573 100644 --- a/arch/x86/include/asm/pgtable.h +++ b/arch/x86/include/asm/pgtable.h 
@@ -908,7 +908,7 @@ static inline int is_new_memtype_allowed(u64 paddr, unsigned long size, pmd_t *populate_extra_pmd(unsigned long vaddr); pte_t *populate_extra_pte(unsigned long vaddr); -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION pgd_t __pti_set_user_pgtbl(pgd_t *pgdp, pgd_t pgd); /* @@ -922,12 +922,12 @@ static inline pgd_t pti_set_user_pgtbl(pgd_t *pgdp, pgd_t pgd) return pgd; return __pti_set_user_pgtbl(pgdp, pgd); } -#else /* CONFIG_PAGE_TABLE_ISOLATION */ +#else /* CONFIG_MITIGATION_PAGE_TABLE_ISOLATION */ static inline pgd_t pti_set_user_pgtbl(pgd_t *pgdp, pgd_t pgd) { return pgd; } -#endif /* CONFIG_PAGE_TABLE_ISOLATION */ +#endif /* CONFIG_MITIGATION_PAGE_TABLE_ISOLATION */ #endif /* __ASSEMBLY__ */ @@ -1130,7 +1130,7 @@ static inline int p4d_bad(p4d_t p4d) { unsigned long ignore_flags = _KERNPG_TABLE | _PAGE_USER; - if (IS_ENABLED(CONFIG_PAGE_TABLE_ISOLATION)) + if (IS_ENABLED(CONFIG_MITIGATION_PAGE_TABLE_ISOLATION)) ignore_flags |= _PAGE_NX; return (p4d_flags(p4d) & ~ignore_flags) != 0; @@ -1176,7 +1176,7 @@ static inline int pgd_bad(pgd_t pgd) if (!pgtable_l5_enabled()) return 0; - if (IS_ENABLED(CONFIG_PAGE_TABLE_ISOLATION)) + if (IS_ENABLED(CONFIG_MITIGATION_PAGE_TABLE_ISOLATION)) ignore_flags |= _PAGE_NX; return (pgd_flags(pgd) & ~ignore_flags) != _KERNPG_TABLE; @@ -1421,9 +1421,9 @@ static inline bool pgdp_maps_userspace(void *__ptr) #define pgd_leaf pgd_large static inline int pgd_large(pgd_t pgd) { return 0; } -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION /* - * All top-level PAGE_TABLE_ISOLATION page tables are order-1 pages + * All top-level MITIGATION_PAGE_TABLE_ISOLATION page tables are order-1 pages * (8k-aligned and 8k in size). The kernel one is at the beginning 4k and * the user one is in the last 4k. To switch between them, you * just need to flip the 12th bit in their addresses. 
@@ -1468,7 +1468,7 @@ static inline p4d_t *user_to_kernel_p4dp(p4d_t *p4dp) { return ptr_clear_bit(p4dp, PTI_PGTABLE_SWITCH_BIT); } -#endif /* CONFIG_PAGE_TABLE_ISOLATION */ +#endif /* CONFIG_MITIGATION_PAGE_TABLE_ISOLATION */ /* * clone_pgd_range(pgd_t *dst, pgd_t *src, int count); @@ -1483,7 +1483,7 @@ static inline p4d_t *user_to_kernel_p4dp(p4d_t *p4dp) static inline void clone_pgd_range(pgd_t *dst, pgd_t *src, int count) { memcpy(dst, src, count * sizeof(pgd_t)); -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION if (!static_cpu_has(X86_FEATURE_PTI)) return; /* Clone the user space pgd as well */ diff --git a/arch/x86/include/asm/pgtable_64.h b/arch/x86/include/asm/pgtable_64.h index a629b1b9f65a..8108d68d146c 100644 --- a/arch/x86/include/asm/pgtable_64.h +++ b/arch/x86/include/asm/pgtable_64.h @@ -143,7 +143,8 @@ static inline void native_set_p4d(p4d_t *p4dp, p4d_t p4d) { pgd_t pgd; - if (pgtable_l5_enabled() || !IS_ENABLED(CONFIG_PAGE_TABLE_ISOLATION)) { + if (pgtable_l5_enabled() || + !IS_ENABLED(CONFIG_MITIGATION_PAGE_TABLE_ISOLATION)) { WRITE_ONCE(*p4dp, p4d); return; } diff --git a/arch/x86/include/asm/processor-flags.h b/arch/x86/include/asm/processor-flags.h index d8cccadc83a6..e5f204b9b33d 100644 --- a/arch/x86/include/asm/processor-flags.h +++ b/arch/x86/include/asm/processor-flags.h @@ -51,7 +51,7 @@ #define CR3_NOFLUSH 0 #endif -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION # define X86_CR3_PTI_PCID_USER_BIT 11 #endif diff --git a/arch/x86/include/asm/pti.h b/arch/x86/include/asm/pti.h index 07375b476c4f..ab167c96b9ab 100644 --- a/arch/x86/include/asm/pti.h +++ b/arch/x86/include/asm/pti.h @@ -3,7 +3,7 @@ #define _ASM_X86_PTI_H #ifndef __ASSEMBLY__ -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION extern void pti_init(void); extern void pti_check_boottime_disable(void); extern void pti_finalize(void); 
diff --git a/arch/x86/kernel/dumpstack.c b/arch/x86/kernel/dumpstack.c index f18ca44c904b..44a91ef5a23b 100644 --- a/arch/x86/kernel/dumpstack.c +++ b/arch/x86/kernel/dumpstack.c @@ -410,7 +410,7 @@ static void __die_header(const char *str, struct pt_regs *regs, long err) IS_ENABLED(CONFIG_SMP) ? " SMP" : "", debug_pagealloc_enabled() ? " DEBUG_PAGEALLOC" : "", IS_ENABLED(CONFIG_KASAN) ? " KASAN" : "", - IS_ENABLED(CONFIG_PAGE_TABLE_ISOLATION) ? + IS_ENABLED(CONFIG_MITIGATION_PAGE_TABLE_ISOLATION) ? (boot_cpu_has(X86_FEATURE_PTI) ? " PTI" : " NOPTI") : ""); } NOKPROBE_SYMBOL(__die_header); diff --git a/arch/x86/kernel/head_32.S b/arch/x86/kernel/head_32.S index 487ac57e2c81..b50f3641c4d6 100644 --- a/arch/x86/kernel/head_32.S +++ b/arch/x86/kernel/head_32.S @@ -414,7 +414,7 @@ __REFDATA .align 4 SYM_DATA(initial_code, .long i386_start_kernel) -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION #define PGD_ALIGN (2 * PAGE_SIZE) #define PTI_USER_PGD_FILL 1024 #else @@ -474,7 +474,7 @@ SYM_DATA_START(initial_page_table) # endif .align PAGE_SIZE /* needs to be page-sized too */ -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION /* * PTI needs another page so sync_initial_pagetable() works correctly * and does not scribble over the data which is placed behind the diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S index 086a2c3aaaa0..e23bc2a541cf 100644 --- a/arch/x86/kernel/head_64.S +++ b/arch/x86/kernel/head_64.S @@ -593,7 +593,7 @@ SYM_CODE_END(vc_no_ghcb) #define SYM_DATA_START_PAGE_ALIGNED(name) \ SYM_START(name, SYM_L_GLOBAL, .balign PAGE_SIZE) -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION /* * Each PGD needs to be 8k long and 8k aligned. We do not * ever go out to userspace with these, so we do not diff --git a/arch/x86/kernel/ldt.c b/arch/x86/kernel/ldt.c index adc67f98819a..7e6de84b9358 100644 --- a/arch/x86/kernel/ldt.c 
+++ b/arch/x86/kernel/ldt.c @@ -184,7 +184,7 @@ static struct ldt_struct *alloc_ldt_struct(unsigned int num_entries) return new_ldt; } -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION static void do_sanity_check(struct mm_struct *mm, bool had_kernel_mapping, @@ -377,7 +377,7 @@ static void unmap_ldt_struct(struct mm_struct *mm, struct ldt_struct *ldt) flush_tlb_mm_range(mm, va, va + nr_pages * PAGE_SIZE, PAGE_SHIFT, false); } -#else /* !CONFIG_PAGE_TABLE_ISOLATION */ +#else /* !CONFIG_MITIGATION_PAGE_TABLE_ISOLATION */ static int map_ldt_struct(struct mm_struct *mm, struct ldt_struct *ldt, int slot) @@ -388,11 +388,11 @@ map_ldt_struct(struct mm_struct *mm, struct ldt_struct *ldt, int slot) static void unmap_ldt_struct(struct mm_struct *mm, struct ldt_struct *ldt) { } -#endif /* CONFIG_PAGE_TABLE_ISOLATION */ +#endif /* CONFIG_MITIGATION_PAGE_TABLE_ISOLATION */ static void free_ldt_pgtables(struct mm_struct *mm) { -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION struct mmu_gather tlb; unsigned long start = LDT_BASE_ADDR; unsigned long end = LDT_END_ADDR; diff --git a/arch/x86/mm/Makefile b/arch/x86/mm/Makefile index c80febc44cd2..031cd10ed17f 100644 --- a/arch/x86/mm/Makefile +++ b/arch/x86/mm/Makefile @@ -60,7 +60,7 @@ obj-$(CONFIG_NUMA_EMU) += numa_emulation.o obj-$(CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS) += pkeys.o obj-$(CONFIG_RANDOMIZE_MEMORY) += kaslr.o -obj-$(CONFIG_PAGE_TABLE_ISOLATION) += pti.o +obj-$(CONFIG_MITIGATION_PAGE_TABLE_ISOLATION) += pti.o obj-$(CONFIG_X86_MEM_ENCRYPT) += mem_encrypt.o obj-$(CONFIG_AMD_MEM_ENCRYPT) += mem_encrypt_amd.o diff --git a/arch/x86/mm/debug_pagetables.c b/arch/x86/mm/debug_pagetables.c index b43301cb2a80..ae5c213a1cb0 100644 --- a/arch/x86/mm/debug_pagetables.c +++ b/arch/x86/mm/debug_pagetables.c 
@@ -22,7 +22,7 @@ static int ptdump_curknl_show(struct seq_file *m, void *v) DEFINE_SHOW_ATTRIBUTE(ptdump_curknl); -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION static int ptdump_curusr_show(struct seq_file *m, void *v) { if (current->mm->pgd) @@ -54,7 +54,7 @@ static int __init pt_dump_debug_init(void) debugfs_create_file("current_kernel", 0400, dir, NULL, &ptdump_curknl_fops); -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION debugfs_create_file("current_user", 0400, dir, NULL, &ptdump_curusr_fops); #endif diff --git a/arch/x86/mm/dump_pagetables.c b/arch/x86/mm/dump_pagetables.c index e1b599ecbbc2..b7b88c1d91ec 100644 --- a/arch/x86/mm/dump_pagetables.c +++ b/arch/x86/mm/dump_pagetables.c @@ -408,7 +408,7 @@ void ptdump_walk_pgd_level_debugfs(struct seq_file *m, struct mm_struct *mm, bool user) { pgd_t *pgd = mm->pgd; -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION if (user && boot_cpu_has(X86_FEATURE_PTI)) pgd = kernel_to_user_pgdp(pgd); #endif @@ -418,7 +418,7 @@ EXPORT_SYMBOL_GPL(ptdump_walk_pgd_level_debugfs); void ptdump_walk_user_pgd_level_checkwx(void) { -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION pgd_t *pgd = INIT_PGD; if (!(__supported_pte_mask & _PAGE_NX) || diff --git a/arch/x86/mm/pgtable.c b/arch/x86/mm/pgtable.c index 0cbc1b8e8e3d..cceb779d882d 100644 --- a/arch/x86/mm/pgtable.c +++ b/arch/x86/mm/pgtable.c @@ -293,7 +293,7 @@ static void pgd_mop_up_pmds(struct mm_struct *mm, pgd_t *pgdp) for (i = 0; i < PREALLOCATED_PMDS; i++) mop_up_one_pmd(mm, &pgdp[i]); -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION if (!boot_cpu_has(X86_FEATURE_PTI)) return; 
@@ -325,7 +325,7 @@ static void pgd_prepopulate_pmd(struct mm_struct *mm, pgd_t *pgd, pmd_t *pmds[]) } } -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION static void pgd_prepopulate_user_pmd(struct mm_struct *mm, pgd_t *k_pgd, pmd_t *pmds[]) { diff --git a/arch/x86/mm/tlb.c b/arch/x86/mm/tlb.c index 453ea95b667d..77f448e55bf8 100644 --- a/arch/x86/mm/tlb.c +++ b/arch/x86/mm/tlb.c @@ -89,10 +89,10 @@ #define CR3_HW_ASID_BITS 12 /* - * When enabled, PAGE_TABLE_ISOLATION consumes a single bit for + * When enabled, MITIGATION_PAGE_TABLE_ISOLATION consumes a single bit for * user/kernel switches */ -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION # define PTI_CONSUMED_PCID_BITS 1 #else # define PTI_CONSUMED_PCID_BITS 0 @@ -114,7 +114,7 @@ static inline u16 kern_pcid(u16 asid) { VM_WARN_ON_ONCE(asid > MAX_ASID_AVAILABLE); -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION /* * Make sure that the dynamic ASID space does not conflict with the * bit we are using to switch between user and kernel ASIDs. @@ -149,7 +149,7 @@ static inline u16 kern_pcid(u16 asid) static inline u16 user_pcid(u16 asid) { u16 ret = kern_pcid(asid); -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION ret |= 1 << X86_CR3_PTI_PCID_USER_BIT; #endif return ret; @@ -262,7 +262,7 @@ static void choose_new_asid(struct mm_struct *next, u64 next_tlb_gen, static inline void invalidate_user_asid(u16 asid) { /* There is no user ASID if address space separation is off */ - if (!IS_ENABLED(CONFIG_PAGE_TABLE_ISOLATION)) + if (!IS_ENABLED(CONFIG_MITIGATION_PAGE_TABLE_ISOLATION)) return; /* diff --git a/include/linux/pti.h b/include/linux/pti.h index 1a941efcaa62..1fbf9d6c20ef 100644 --- a/include/linux/pti.h +++ b/include/linux/pti.h 
@@ -2,7 +2,7 @@ #ifndef _INCLUDE_PTI_H #define _INCLUDE_PTI_H -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION #include #else static inline void pti_init(void) { } diff --git a/tools/arch/x86/include/asm/disabled-features.h b/tools/arch/x86/include/asm/disabled-features.h index 3d61b2432991..aeb3fbbbce46 100644 --- a/tools/arch/x86/include/asm/disabled-features.h +++ b/tools/arch/x86/include/asm/disabled-features.h 
@@ -44,7 +44,7 @@ # define DISABLE_LA57 (1<<(X86_FEATURE_LA57 & 31)) #endif -#ifdef CONFIG_PAGE_TABLE_ISOLATION +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION # define DISABLE_PTI 0 #else # define DISABLE_PTI (1 << (X86_FEATURE_PTI & 31))
From patchwork Tue Nov 21 16:07:32 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Breno Leitao X-Patchwork-Id: 167839
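Review bot: In [PATCH v6 04/13], the arch/x86/Kconfig hunk replaces "config PAGE_TABLE_ISOLATION" outright, and the commit message says nothing about existing .config files, config fragments or out-of-tree code that still name the old symbol. Because the new entry is "default y", a stale "CONFIG_PAGE_TABLE_ISOLATION=y" line is harmless, but a fragment carrying "# CONFIG_PAGE_TABLE_ISOLATION is not set" stops having any effect, and external code guarded by "#ifdef CONFIG_PAGE_TABLE_ISOLATION" silently compiles its PTI path out. Please state the intended behaviour for old configs in the changelog, and consider whether hardening checkers and distro config fragments that match on the old name need a heads-up.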
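Review bot: In [PATCH v6 04/13], the first arch/x86/entry/calling.h hunk (-142,7) renames the #ifdef but leaves the comment right below it as "PAGE_TABLE_ISOLATION PGDs are 8k.", while the comments in ident_map_64.c, entry_64.S, pgtable.h and tlb.c are switched to MITIGATION_PAGE_TABLE_ISOLATION in the same patch. Pick one rule and apply it everywhere: either rename this comment too so a grep for the old name comes back empty, or keep prose comments referring to the feature as PTI and rename only the CONFIG_ symbols, which reads better in sentences such as "All top-level MITIGATION_PAGE_TABLE_ISOLATION page tables are order-1 pages".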
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Peter Zijlstra, Pawan Gupta, Jonathan Corbet, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Andy Lutomirski, Steven Rostedt, Masami Hiramatsu, Mark Rutland, Sean Christopherson, Paolo Bonzini, "David S. Miller", David Ahern, Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko, Martin KaFai Lau, Song Liu, Yonghong Song, John Fastabend, KP Singh, Stanislav Fomichev, Hao Luo, Jiri Olsa, Wang YanQing, Luis Chamberlain, Pablo Neira Ayuso, Jozsef Kadlecsik, Florian Westphal, Eric Dumazet, Jakub Kicinski, Paolo Abeni, Jamal Hadi Salim, Cong Wang, Jiri Pirko, Masahiro Yamada, Nathan Chancellor, Nick Desaulniers, Nicolas Schier, Miguel Ojeda, Alex Gaynor, Wedson Almeida Filho, Boqun Feng, Gary Guo, Björn Roy Baron, Benno Lossin, Andreas Hindborg, Alice Ryhl
Cc: leit@meta.com, linux-kernel@vger.kernel.org, "Paul E. McKenney", Randy Dunlap, Tejun Heo, Frederic Weisbecker, Yu-cheng Yu, Rick Edgecombe, Juergen Gross, Kim Phillips, "Kirill A. Shutemov", Ingo Molnar, Vincent Whitchurch, Jinghao Jia, Kees Cook, Sami Tolvanen, Yang Jihong, Petr Pavlu, Alyssa Ross, Ricardo Ribalda, Andrew Morton, Arnaldo Carvalho de Melo, linux-doc@vger.kernel.org (open list:DOCUMENTATION), linux-trace-kernel@vger.kernel.org (open list:FUNCTION HOOKS (FTRACE)), kvm@vger.kernel.org (open list:KERNEL VIRTUAL MACHINE FOR X86 (KVM/x86)), netdev@vger.kernel.org (open list:NETWORKING [IPv4/IPv6]), bpf@vger.kernel.org (open list:BPF [GENERAL] (Safe Dynamic Programs and Tools)), linux-modules@vger.kernel.org (open list:MODULE SUPPORT), netfilter-devel@vger.kernel.org (open list:NETFILTER), coreteam@netfilter.org (open list:NETFILTER), rust-for-linux@vger.kernel.org (open list:RUST)
Subject: [PATCH v6 05/13] x86/bugs: Rename RETPOLINE to MITIGATION_RETPOLINE
Date: Tue, 21 Nov 2023 08:07:32 -0800
Message-Id: <20231121160740.1249350-6-leitao@debian.org>
In-Reply-To: <20231121160740.1249350-1-leitao@debian.org>
References: <20231121160740.1249350-1-leitao@debian.org>
X-Mailing-List: linux-kernel@vger.kernel.org

CPU mitigations config entries are inconsistent, and names are hard to relate. There are concrete benefits for both users and developers of having all the mitigation config options living in the same config namespace. The mitigation options should have consistency and start with MITIGATION.
Rename the Kconfig entry from RETPOLINE to MITIGATION_RETPOLINE. Suggested-by: Josh Poimboeuf Signed-off-by: Breno Leitao Reviewed-by: Ariel Miculas --- Documentation/admin-guide/hw-vuln/spectre.rst | 8 ++++---- Documentation/admin-guide/kernel-parameters.txt | 4 ++-- arch/x86/Kconfig | 6 +++--- arch/x86/Makefile | 4 ++-- arch/x86/entry/vdso/Makefile | 4 ++-- arch/x86/include/asm/disabled-features.h | 2 +- arch/x86/include/asm/linkage.h | 8 ++++---- arch/x86/include/asm/nospec-branch.h | 8 ++++---- arch/x86/kernel/alternative.c | 6 +++--- arch/x86/kernel/cpu/bugs.c | 6 +++--- arch/x86/kernel/ftrace.c | 2 +- arch/x86/kernel/kprobes/opt.c | 2 +- arch/x86/kernel/vmlinux.lds.S | 4 ++-- arch/x86/kvm/mmu/mmu.c | 2 +- arch/x86/kvm/mmu/mmu_internal.h | 2 +- arch/x86/kvm/svm/svm.c | 2 +- arch/x86/kvm/svm/vmenter.S | 4 ++-- arch/x86/kvm/vmx/vmx.c | 2 +- arch/x86/lib/Makefile | 2 +- arch/x86/net/bpf_jit_comp.c | 2 +- arch/x86/net/bpf_jit_comp32.c | 2 +- arch/x86/purgatory/Makefile | 2 +- include/linux/compiler-gcc.h | 2 +- include/linux/indirect_call_wrapper.h | 2 +- include/linux/module.h | 2 +- include/net/netfilter/nf_tables_core.h | 2 +- include/net/tc_wrapper.h | 2 +- kernel/trace/ring_buffer.c | 2 +- net/netfilter/Makefile | 2 +- net/netfilter/nf_tables_core.c | 6 +++--- net/netfilter/nft_ct.c | 4 ++-- net/netfilter/nft_lookup.c | 2 +- net/sched/sch_api.c | 2 +- scripts/Makefile.lib | 2 +- scripts/generate_rust_target.rs | 2 +- scripts/mod/modpost.c | 2 +- tools/arch/x86/include/asm/disabled-features.h | 2 +- 37 files changed, 60 insertions(+), 60 deletions(-) diff --git a/Documentation/admin-guide/hw-vuln/spectre.rst b/Documentation/admin-guide/hw-vuln/spectre.rst index 32a8893e5617..cce768afec6b 100644 --- a/Documentation/admin-guide/hw-vuln/spectre.rst +++ b/Documentation/admin-guide/hw-vuln/spectre.rst 
@@ -473,8 +473,8 @@ Spectre variant 2 -mindirect-branch=thunk-extern -mindirect-branch-register options. If the kernel is compiled with a Clang compiler, the compiler needs to support -mretpoline-external-thunk option. The kernel config - CONFIG_RETPOLINE needs to be turned on, and the CPU needs to run with - the latest updated microcode. + CONFIG_MITIGATION_RETPOLINE needs to be turned on, and the CPU needs + to run with the latest updated microcode. On Intel Skylake-era systems the mitigation covers most, but not all, cases. See :ref:`[3] ` for more details. @@ -609,8 +609,8 @@ kernel command line. Selecting 'on' will, and 'auto' may, choose a mitigation method at run time according to the CPU, the available microcode, the setting of the - CONFIG_RETPOLINE configuration option, and the - compiler with which the kernel was built. + CONFIG_MITIGATION_RETPOLINE configuration option, + and the compiler with which the kernel was built. Selecting 'on' will also enable the mitigation against user space to user space task attacks. diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index 65731b060e3f..7e071087c8c2 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -6000,8 +6000,8 @@ Selecting 'on' will, and 'auto' may, choose a mitigation method at run time according to the CPU, the available microcode, the setting of the - CONFIG_RETPOLINE configuration option, and the - compiler with which the kernel was built. + CONFIG_MITIGATION_RETPOLINE configuration option, + and the compiler with which the kernel was built. Selecting 'on' will also enable the mitigation against user space to user space task attacks. diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 4398e9ebef8c..862be9b3b216 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig 
@@ -2460,7 +2460,7 @@ config CALL_PADDING config FINEIBT def_bool y - depends on X86_KERNEL_IBT && CFI_CLANG && RETPOLINE + depends on X86_KERNEL_IBT && CFI_CLANG && MITIGATION_RETPOLINE select CALL_PADDING config HAVE_CALL_THUNKS @@ -2498,7 +2498,7 @@ config MITIGATION_PAGE_TABLE_ISOLATION See Documentation/arch/x86/pti.rst for more details. -config RETPOLINE +config MITIGATION_RETPOLINE bool "Avoid speculative indirect branches in kernel" select OBJTOOL if HAVE_OBJTOOL default y @@ -2510,7 +2510,7 @@ config RETPOLINE config RETHUNK bool "Enable return-thunks" - depends on RETPOLINE && CC_HAS_RETURN_THUNK + depends on MITIGATION_RETPOLINE && CC_HAS_RETURN_THUNK select OBJTOOL if HAVE_OBJTOOL default y if X86_64 help diff --git a/arch/x86/Makefile b/arch/x86/Makefile index 1a068de12a56..b8d23ed059fb 100644 --- a/arch/x86/Makefile +++ b/arch/x86/Makefile @@ -192,7 +192,7 @@ KBUILD_CFLAGS += -Wno-sign-compare KBUILD_CFLAGS += -fno-asynchronous-unwind-tables # Avoid indirect branches in kernel to deal with Spectre -ifdef CONFIG_RETPOLINE +ifdef CONFIG_MITIGATION_RETPOLINE KBUILD_CFLAGS += $(RETPOLINE_CFLAGS) # Additionally, avoid generating expensive indirect jumps which # are subject to retpolines for small number of switch cases. @@ -301,7 +301,7 @@ vdso-install-$(CONFIG_IA32_EMULATION) += arch/x86/entry/vdso/vdso32.so.dbg archprepare: checkbin checkbin: -ifdef CONFIG_RETPOLINE +ifdef CONFIG_MITIGATION_RETPOLINE ifeq ($(RETPOLINE_CFLAGS),) @echo "You are building kernel with non-retpoline compiler." >&2 @echo "Please update your compiler." >&2 diff --git a/arch/x86/entry/vdso/Makefile b/arch/x86/entry/vdso/Makefile index b1b8dd1608f7..c4df99aa1615 100644 --- a/arch/x86/entry/vdso/Makefile +++ b/arch/x86/entry/vdso/Makefile 
@@ -87,7 +87,7 @@ CFL := $(PROFILING) -mcmodel=small -fPIC -O2 -fasynchronous-unwind-tables -m64 \ -fno-omit-frame-pointer -foptimize-sibling-calls \ -DDISABLE_BRANCH_PROFILING -DBUILD_VDSO -ifdef CONFIG_RETPOLINE +ifdef CONFIG_MITIGATION_RETPOLINE ifneq ($(RETPOLINE_VDSO_CFLAGS),) CFL += $(RETPOLINE_VDSO_CFLAGS) endif @@ -164,7 +164,7 @@ KBUILD_CFLAGS_32 += $(call cc-option, -foptimize-sibling-calls) KBUILD_CFLAGS_32 += -fno-omit-frame-pointer KBUILD_CFLAGS_32 += -DDISABLE_BRANCH_PROFILING -ifdef CONFIG_RETPOLINE +ifdef CONFIG_MITIGATION_RETPOLINE ifneq ($(RETPOLINE_VDSO_CFLAGS),) KBUILD_CFLAGS_32 += $(RETPOLINE_VDSO_CFLAGS) endif diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h index fb604ec95a5f..24e4010c33b6 100644 --- a/arch/x86/include/asm/disabled-features.h +++ b/arch/x86/include/asm/disabled-features.h @@ -50,7 +50,7 @@ # define DISABLE_PTI (1 << (X86_FEATURE_PTI & 31)) #endif -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE # define DISABLE_RETPOLINE 0 #else # define DISABLE_RETPOLINE ((1 << (X86_FEATURE_RETPOLINE & 31)) | \ diff --git a/arch/x86/include/asm/linkage.h b/arch/x86/include/asm/linkage.h index 571fe4d2d232..c5165204c66f 100644 --- a/arch/x86/include/asm/linkage.h +++ b/arch/x86/include/asm/linkage.h 
@@ -42,25 +42,25 @@ #if defined(CONFIG_RETHUNK) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO) #define RET jmp __x86_return_thunk -#else /* CONFIG_RETPOLINE */ +#else /* CONFIG_MITIGATION_RETPOLINE */ #ifdef CONFIG_SLS #define RET ret; int3 #else #define RET ret #endif -#endif /* CONFIG_RETPOLINE */ +#endif /* CONFIG_MITIGATION_RETPOLINE */ #else /* __ASSEMBLY__ */ #if defined(CONFIG_RETHUNK) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO) #define ASM_RET "jmp __x86_return_thunk\n\t" -#else /* CONFIG_RETPOLINE */ +#else /* CONFIG_MITIGATION_RETPOLINE */ #ifdef CONFIG_SLS #define ASM_RET "ret; int3\n\t" #else #define ASM_RET "ret\n\t" #endif -#endif /* CONFIG_RETPOLINE */ +#endif /* CONFIG_MITIGATION_RETPOLINE */ #endif /* __ASSEMBLY__ */ diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h index 64d9f0e87419..cab7c937c71b 100644 --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h @@ -241,7 +241,7 @@ * instruction irrespective of kCFI. */ .macro JMP_NOSPEC reg:req -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE __CS_PREFIX \reg jmp __x86_indirect_thunk_\reg #else @@ -251,7 +251,7 @@ .endm .macro CALL_NOSPEC reg:req -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE __CS_PREFIX \reg call __x86_indirect_thunk_\reg #else @@ -378,7 +378,7 @@ static inline void call_depth_return_thunk(void) {} #endif /* CONFIG_MITIGATION_CALL_DEPTH_TRACKING */ -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE #define GEN(reg) \ extern retpoline_thunk_t __x86_indirect_thunk_ ## reg; @@ -399,7 +399,7 @@ static inline void call_depth_return_thunk(void) {} /* * Inline asm uses the %V modifier which is only in newer GCC - * which is ensured when CONFIG_RETPOLINE is defined. + * which is ensured when CONFIG_MITIGATION_RETPOLINE is defined. */ # define CALL_NOSPEC \ ALTERNATIVE_2( \ 
diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c index 73be3931e4f0..5ec887d065ce 100644 --- a/arch/x86/kernel/alternative.c +++ b/arch/x86/kernel/alternative.c @@ -473,7 +473,7 @@ static inline bool is_jcc32(struct insn *insn) return insn->opcode.bytes[0] == 0x0f && (insn->opcode.bytes[1] & 0xf0) == 0x80; } -#if defined(CONFIG_RETPOLINE) && defined(CONFIG_OBJTOOL) +#if defined(CONFIG_MITIGATION_RETPOLINE) && defined(CONFIG_OBJTOOL) /* * CALL/JMP *%\reg @@ -773,12 +773,12 @@ void __init_or_module noinline apply_returns(s32 *start, s32 *end) void __init_or_module noinline apply_returns(s32 *start, s32 *end) { } #endif /* CONFIG_RETHUNK */ -#else /* !CONFIG_RETPOLINE || !CONFIG_OBJTOOL */ +#else /* !CONFIG_MITIGATION_RETPOLINE || !CONFIG_OBJTOOL */ void __init_or_module noinline apply_retpolines(s32 *start, s32 *end) { } void __init_or_module noinline apply_returns(s32 *start, s32 *end) { } -#endif /* CONFIG_RETPOLINE && CONFIG_OBJTOOL */ +#endif /* CONFIG_MITIGATION_RETPOLINE && CONFIG_OBJTOOL */ #ifdef CONFIG_X86_KERNEL_IBT diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index b906ed4f3091..fc46fd6447f9 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -1103,7 +1103,7 @@ static enum spectre_v2_user_mitigation spectre_v2_user_stibp __ro_after_init = static enum spectre_v2_user_mitigation spectre_v2_user_ibpb __ro_after_init = SPECTRE_V2_USER_NONE; -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE static bool spectre_v2_bad_module; bool retpoline_module_ok(bool has_retpoline) 
@@ -1416,7 +1416,7 @@ static enum spectre_v2_mitigation_cmd __init spectre_v2_parse_cmdline(void) cmd == SPECTRE_V2_CMD_RETPOLINE_GENERIC || cmd == SPECTRE_V2_CMD_EIBRS_LFENCE || cmd == SPECTRE_V2_CMD_EIBRS_RETPOLINE) && - !IS_ENABLED(CONFIG_RETPOLINE)) { + !IS_ENABLED(CONFIG_MITIGATION_RETPOLINE)) { pr_err("%s selected but not compiled in. Switching to AUTO select\n", mitigation_options[i].option); return SPECTRE_V2_CMD_AUTO; @@ -1470,7 +1470,7 @@ static enum spectre_v2_mitigation_cmd __init spectre_v2_parse_cmdline(void) static enum spectre_v2_mitigation __init spectre_v2_select_retpoline(void) { - if (!IS_ENABLED(CONFIG_RETPOLINE)) { + if (!IS_ENABLED(CONFIG_MITIGATION_RETPOLINE)) { pr_err("Kernel not compiled with retpoline; no mitigation available!"); return SPECTRE_V2_NONE; } diff --git a/arch/x86/kernel/ftrace.c b/arch/x86/kernel/ftrace.c index 12df54ff0e81..93bc52d4a472 100644 --- a/arch/x86/kernel/ftrace.c +++ b/arch/x86/kernel/ftrace.c @@ -307,7 +307,7 @@ union ftrace_op_code_union { } __attribute__((packed)); }; -#define RET_SIZE (IS_ENABLED(CONFIG_RETPOLINE) ? 5 : 1 + IS_ENABLED(CONFIG_SLS)) +#define RET_SIZE (IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) ? 5 : 1 + IS_ENABLED(CONFIG_SLS)) static unsigned long create_trampoline(struct ftrace_ops *ops, unsigned int *tramp_size) diff --git a/arch/x86/kernel/kprobes/opt.c b/arch/x86/kernel/kprobes/opt.c index 517821b48391..36d6809c6c9e 100644 --- a/arch/x86/kernel/kprobes/opt.c +++ b/arch/x86/kernel/kprobes/opt.c @@ -324,7 +324,7 @@ static int can_optimize(unsigned long paddr) * However, the kernel built with retpolines or IBT has jump * tables disabled so the check can be skipped altogether. */ - if (!IS_ENABLED(CONFIG_RETPOLINE) && + if (!IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) && !IS_ENABLED(CONFIG_X86_KERNEL_IBT) && insn_is_indirect_jump(&insn)) return 0; diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S index 54a5596adaa6..985984919d81 100644 --- a/arch/x86/kernel/vmlinux.lds.S 
+++ b/arch/x86/kernel/vmlinux.lds.S @@ -132,7 +132,7 @@ SECTIONS LOCK_TEXT KPROBES_TEXT SOFTIRQENTRY_TEXT -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE *(.text..__x86.indirect_thunk) *(.text..__x86.return_thunk) #endif @@ -280,7 +280,7 @@ SECTIONS __parainstructions_end = .; } -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE /* * List of instructions that call/jmp/jcc to retpoline thunks * __x86_indirect_thunk_*(). These instructions can be patched along diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index c57e181bba21..2485dbd4cf50 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -263,7 +263,7 @@ static unsigned long get_guest_cr3(struct kvm_vcpu *vcpu) static inline unsigned long kvm_mmu_get_guest_pgd(struct kvm_vcpu *vcpu, struct kvm_mmu *mmu) { - if (IS_ENABLED(CONFIG_RETPOLINE) && mmu->get_guest_pgd == get_guest_cr3) + if (IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) && mmu->get_guest_pgd == get_guest_cr3) return kvm_read_cr3(vcpu); return mmu->get_guest_pgd(vcpu); diff --git a/arch/x86/kvm/mmu/mmu_internal.h b/arch/x86/kvm/mmu/mmu_internal.h index decc1f153669..bf73a121c5ef 100644 --- a/arch/x86/kvm/mmu/mmu_internal.h +++ b/arch/x86/kvm/mmu/mmu_internal.h @@ -312,7 +312,7 @@ static inline int kvm_mmu_do_page_fault(struct kvm_vcpu *vcpu, gpa_t cr2_or_gpa, if (!prefetch) vcpu->stat.pf_taken++; - if (IS_ENABLED(CONFIG_RETPOLINE) && fault.is_tdp) + if (IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) && fault.is_tdp) r = kvm_tdp_page_fault(vcpu, &fault); else r = vcpu->arch.mmu->page_fault(vcpu, &fault); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 712146312358..dc362ec24ba1 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c 
@@ -3452,7 +3452,7 @@ int svm_invoke_exit_handler(struct kvm_vcpu *vcpu, u64 exit_code) if (!svm_check_exit_valid(exit_code)) return svm_handle_invalid_exit(vcpu, exit_code); -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE if (exit_code == SVM_EXIT_MSR) return msr_interception(vcpu); else if (exit_code == SVM_EXIT_VINTR) diff --git a/arch/x86/kvm/svm/vmenter.S b/arch/x86/kvm/svm/vmenter.S index ef2ebabb059c..b9e08837ab96 100644 --- a/arch/x86/kvm/svm/vmenter.S +++ b/arch/x86/kvm/svm/vmenter.S @@ -207,7 +207,7 @@ SYM_FUNC_START(__svm_vcpu_run) 7: vmload %_ASM_AX 8: -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE /* IMPORTANT: Stuff the RSB immediately after VM-Exit, before RET! */ FILL_RETURN_BUFFER %_ASM_AX, RSB_CLEAR_LOOPS, X86_FEATURE_RETPOLINE #endif @@ -344,7 +344,7 @@ SYM_FUNC_START(__svm_sev_es_vcpu_run) /* Pop @svm to RDI, guest registers have been saved already. */ pop %_ASM_DI -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE /* IMPORTANT: Stuff the RSB immediately after VM-Exit, before RET! */ FILL_RETURN_BUFFER %_ASM_AX, RSB_CLEAR_LOOPS, X86_FEATURE_RETPOLINE #endif diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index be20a60047b1..fbe516148ab6 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -6544,7 +6544,7 @@ static int __vmx_handle_exit(struct kvm_vcpu *vcpu, fastpath_t exit_fastpath) if (exit_reason.basic >= kvm_vmx_max_exit_handlers) goto unexpected_vmexit; -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE if (exit_reason.basic == EXIT_REASON_MSR_WRITE) return kvm_emulate_wrmsr(vcpu); else if (exit_reason.basic == EXIT_REASON_PREEMPTION_TIMER) diff --git a/arch/x86/lib/Makefile b/arch/x86/lib/Makefile index ea3a28e7b613..72cc9c90e9f3 100644 --- a/arch/x86/lib/Makefile +++ b/arch/x86/lib/Makefile 
@@ -49,7 +49,7 @@ lib-$(CONFIG_ARCH_HAS_COPY_MC) += copy_mc.o copy_mc_64.o lib-$(CONFIG_INSTRUCTION_DECODER) += insn.o inat.o insn-eval.o lib-$(CONFIG_RANDOMIZE_BASE) += kaslr.o lib-$(CONFIG_FUNCTION_ERROR_INJECTION) += error-inject.o -lib-$(CONFIG_RETPOLINE) += retpoline.o +lib-$(CONFIG_MITIGATION_RETPOLINE) += retpoline.o obj-y += msr.o msr-reg.o msr-reg-export.o hweight.o obj-y += iomem.o diff --git a/arch/x86/net/bpf_jit_comp.c b/arch/x86/net/bpf_jit_comp.c index 8c10d9abc239..ef732f323926 100644 --- a/arch/x86/net/bpf_jit_comp.c +++ b/arch/x86/net/bpf_jit_comp.c @@ -469,7 +469,7 @@ static void emit_indirect_jump(u8 **pprog, int reg, u8 *ip) emit_jump(&prog, &__x86_indirect_thunk_array[reg], ip); } else { EMIT2(0xFF, 0xE0 + reg); /* jmp *%\reg */ - if (IS_ENABLED(CONFIG_RETPOLINE) || IS_ENABLED(CONFIG_SLS)) + if (IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) || IS_ENABLED(CONFIG_SLS)) EMIT1(0xCC); /* int3 */ } diff --git a/arch/x86/net/bpf_jit_comp32.c b/arch/x86/net/bpf_jit_comp32.c index 429a89c5468b..efca6bd818a3 100644 --- a/arch/x86/net/bpf_jit_comp32.c +++ b/arch/x86/net/bpf_jit_comp32.c @@ -1273,7 +1273,7 @@ static int emit_jmp_edx(u8 **pprog, u8 *ip) u8 *prog = *pprog; int cnt = 0; -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE EMIT1_off32(0xE9, (u8 *)__x86_indirect_thunk_edx - (ip + 5)); #else EMIT2(0xFF, 0xE2); diff --git a/arch/x86/purgatory/Makefile b/arch/x86/purgatory/Makefile index 08aa0f25f12a..bc31863c5ee6 100644 --- a/arch/x86/purgatory/Makefile +++ b/arch/x86/purgatory/Makefile @@ -61,7 +61,7 @@ ifdef CONFIG_STACKPROTECTOR_STRONG PURGATORY_CFLAGS_REMOVE += -fstack-protector-strong endif -ifdef CONFIG_RETPOLINE +ifdef CONFIG_MITIGATION_RETPOLINE PURGATORY_CFLAGS_REMOVE += $(RETPOLINE_CFLAGS) endif diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h index 2ceba3fe4ec1..d24f29091f4b 100644 --- a/include/linux/compiler-gcc.h +++ b/include/linux/compiler-gcc.h 
@@ -35,7 +35,7 @@ (typeof(ptr)) (__ptr + (off)); \ }) -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE #define __noretpoline __attribute__((__indirect_branch__("keep"))) #endif diff --git a/include/linux/indirect_call_wrapper.h b/include/linux/indirect_call_wrapper.h index c1c76a70a6ce..fe050dab55a3 100644 --- a/include/linux/indirect_call_wrapper.h +++ b/include/linux/indirect_call_wrapper.h @@ -2,7 +2,7 @@ #ifndef _LINUX_INDIRECT_CALL_WRAPPER_H #define _LINUX_INDIRECT_CALL_WRAPPER_H -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE /* * INDIRECT_CALL_$NR - wrapper for indirect calls with $NR known builtin diff --git a/include/linux/module.h b/include/linux/module.h index a98e188cf37b..d45e17fa7f98 100644 --- a/include/linux/module.h +++ b/include/linux/module.h @@ -883,7 +883,7 @@ static inline void module_bug_finalize(const Elf_Ehdr *hdr, static inline void module_bug_cleanup(struct module *mod) {} #endif /* CONFIG_GENERIC_BUG */ -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE extern bool retpoline_module_ok(bool has_retpoline); #else static inline bool retpoline_module_ok(bool has_retpoline) diff --git a/include/net/netfilter/nf_tables_core.h b/include/net/netfilter/nf_tables_core.h index 780a5f6ad4a6..ff27cb2e1662 100644 --- a/include/net/netfilter/nf_tables_core.h +++ b/include/net/netfilter/nf_tables_core.h @@ -93,7 +93,7 @@ extern const struct nft_set_type nft_set_bitmap_type; extern const struct nft_set_type nft_set_pipapo_type; extern const struct nft_set_type nft_set_pipapo_avx2_type; -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE bool nft_rhash_lookup(const struct net *net, const struct nft_set *set, const u32 *key, const struct nft_set_ext **ext); bool nft_rbtree_lookup(const struct net *net, const struct nft_set *set, diff --git a/include/net/tc_wrapper.h b/include/net/tc_wrapper.h index a6d481b5bcbc..a13ba0326d5e 100644 --- a/include/net/tc_wrapper.h +++ b/include/net/tc_wrapper.h 
@@ -4,7 +4,7 @@ #include -#if IS_ENABLED(CONFIG_RETPOLINE) +#if IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) #include #include diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c index 43cc47d7faaf..5c88afbfbdb9 100644 --- a/kernel/trace/ring_buffer.c +++ b/kernel/trace/ring_buffer.c @@ -1193,7 +1193,7 @@ static inline u64 rb_time_stamp(struct trace_buffer *buffer) u64 ts; /* Skip retpolines :-( */ - if (IS_ENABLED(CONFIG_RETPOLINE) && likely(buffer->clock == trace_clock_local)) + if (IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) && likely(buffer->clock == trace_clock_local)) ts = trace_clock_local(); else ts = buffer->clock(); diff --git a/net/netfilter/Makefile b/net/netfilter/Makefile index d4958e7e7631..614815a3ed73 100644 --- a/net/netfilter/Makefile +++ b/net/netfilter/Makefile @@ -101,7 +101,7 @@ endif endif ifdef CONFIG_NFT_CT -ifdef CONFIG_RETPOLINE +ifdef CONFIG_MITIGATION_RETPOLINE nf_tables-objs += nft_ct_fast.o endif endif diff --git a/net/netfilter/nf_tables_core.c b/net/netfilter/nf_tables_core.c index 8b536d7ef6c2..63e9c8b9f144 100644 --- a/net/netfilter/nf_tables_core.c +++ b/net/netfilter/nf_tables_core.c @@ -21,7 +21,7 @@ #include #include -#if defined(CONFIG_RETPOLINE) && defined(CONFIG_X86) +#if defined(CONFIG_MITIGATION_RETPOLINE) && defined(CONFIG_X86) static struct static_key_false nf_tables_skip_direct_calls; @@ -207,7 +207,7 @@ static void expr_call_ops_eval(const struct nft_expr *expr, struct nft_regs *regs, struct nft_pktinfo *pkt) { -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE unsigned long e; if (nf_skip_indirect_calls()) @@ -236,7 +236,7 @@ static void expr_call_ops_eval(const struct nft_expr *expr, X(e, nft_objref_map_eval); #undef X indirect_call: -#endif /* CONFIG_RETPOLINE */ +#endif /* CONFIG_MITIGATION_RETPOLINE */ expr->ops->eval(expr, regs, pkt); } diff --git a/net/netfilter/nft_ct.c b/net/netfilter/nft_ct.c index 86bb9d7797d9..d3e66bcb2a91 100644 --- a/net/netfilter/nft_ct.c +++ b/net/netfilter/nft_ct.c 
@@ -751,7 +751,7 @@ static bool nft_ct_set_reduce(struct nft_regs_track *track, return false; } -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE static const struct nft_expr_ops nft_ct_get_fast_ops = { .type = &nft_ct_type, .size = NFT_EXPR_SIZE(sizeof(struct nft_ct)), @@ -796,7 +796,7 @@ nft_ct_select_ops(const struct nft_ctx *ctx, return ERR_PTR(-EINVAL); if (tb[NFTA_CT_DREG]) { -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE u32 k = ntohl(nla_get_be32(tb[NFTA_CT_KEY])); switch (k) { diff --git a/net/netfilter/nft_lookup.c b/net/netfilter/nft_lookup.c index 870e5b113d13..a0055f510e31 100644 --- a/net/netfilter/nft_lookup.c +++ b/net/netfilter/nft_lookup.c @@ -24,7 +24,7 @@ struct nft_lookup { struct nft_set_binding binding; }; -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE bool nft_set_do_lookup(const struct net *net, const struct nft_set *set, const u32 *key, const struct nft_set_ext **ext) { diff --git a/net/sched/sch_api.c b/net/sched/sch_api.c index e9eaf637220e..d577c9e1cb42 100644 --- a/net/sched/sch_api.c +++ b/net/sched/sch_api.c @@ -2353,7 +2353,7 @@ static struct pernet_operations psched_net_ops = { .exit = psched_net_exit, }; -#if IS_ENABLED(CONFIG_RETPOLINE) +#if IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) DEFINE_STATIC_KEY_FALSE(tc_skip_wrapper); #endif diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib index cc44c95c49cc..d6e157938b5f 100644 --- a/scripts/Makefile.lib +++ b/scripts/Makefile.lib @@ -262,7 +262,7 @@ ifdef CONFIG_FTRACE_MCOUNT_USE_OBJTOOL objtool-args-$(CONFIG_HAVE_OBJTOOL_NOP_MCOUNT) += --mnop endif objtool-args-$(CONFIG_UNWINDER_ORC) += --orc -objtool-args-$(CONFIG_RETPOLINE) += --retpoline +objtool-args-$(CONFIG_MITIGATION_RETPOLINE) += --retpoline objtool-args-$(CONFIG_RETHUNK) += --rethunk objtool-args-$(CONFIG_SLS) += --sls objtool-args-$(CONFIG_STACK_VALIDATION) += --stackval 
diff --git a/scripts/generate_rust_target.rs b/scripts/generate_rust_target.rs index 3c6cbe2b278d..eaf524603796 100644 --- a/scripts/generate_rust_target.rs +++ b/scripts/generate_rust_target.rs @@ -155,7 +155,7 @@ fn main() { "e-m:e-p270:32:32-p271:32:32-p272:64:64-i64:64-f80:128-n8:16:32:64-S128", ); let mut features = "-3dnow,-3dnowa,-mmx,+soft-float".to_string(); - if cfg.has("RETPOLINE") { + if cfg.has("MITIGATION_RETPOLINE") { features += ",+retpoline-external-thunk"; } ts.push("features", features); diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c index 973b5e5ae2dd..3070aa79aebd 100644 --- a/scripts/mod/modpost.c +++ b/scripts/mod/modpost.c @@ -1841,7 +1841,7 @@ static void add_header(struct buffer *b, struct module *mod) buf_printf(b, "\n" - "#ifdef CONFIG_RETPOLINE\n" + "#ifdef CONFIG_MITIGATION_RETPOLINE\n" "MODULE_INFO(retpoline, \"Y\");\n" "#endif\n"); diff --git a/tools/arch/x86/include/asm/disabled-features.h b/tools/arch/x86/include/asm/disabled-features.h index aeb3fbbbce46..d05158d8fe5f 100644 --- a/tools/arch/x86/include/asm/disabled-features.h +++ b/tools/arch/x86/include/asm/disabled-features.h 
@@ -50,7 +50,7 @@ # define DISABLE_PTI (1 << (X86_FEATURE_PTI & 31)) #endif -#ifdef CONFIG_RETPOLINE +#ifdef CONFIG_MITIGATION_RETPOLINE # define DISABLE_RETPOLINE 0 #else # define DISABLE_RETPOLINE ((1 << (X86_FEATURE_RETPOLINE & 31)) | \
From patchwork Tue Nov 21 16:07:33 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Breno Leitao X-Patchwork-Id: 167842
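Review bot: In the RETPOLINE rename, the arch/x86/include/asm/linkage.h hunk carries a mismatched comment forward: the renamed `#else /* CONFIG_MITIGATION_RETPOLINE */` and `#endif /* CONFIG_MITIGATION_RETPOLINE */` lines annotate a block opened by `#if defined(CONFIG_RETHUNK) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO)`. Since these four comment lines are being touched anyway, have them name CONFIG_RETHUNK (or drop the symbol from the comment) so the annotation matches the condition that selects `jmp __x86_return_thunk` over a plain `ret`.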
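Review bot: The commit message for the RETPOLINE rename does not say what happens to code and configs that still use the old name, and the arch/x86/Kconfig hunk replaces `config RETPOLINE` with `config MITIGATION_RETPOLINE` without a transitional symbol. Every test converted in this patch is an `#ifdef`, `IS_ENABLED()` or Makefile `ifdef` on the symbol, so anything not converted here (an out-of-tree module, a config fragment, a build script) that still checks CONFIG_RETPOLINE gets no build error and quietly takes the non-retpoline branch. A sentence in the changelog, or next to the updated text in Documentation/admin-guide/hw-vuln/spectre.rst, that names the old symbol would let integrators grep for leftovers.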
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Steven Rostedt , Masami Hiramatsu , Mark Rutland , Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko , Martin KaFai Lau , Song Liu , Yonghong Song , John Fastabend , KP Singh , Stanislav Fomichev , Hao Luo , Jiri Olsa , "David S. Miller" , David Ahern , Masahiro Yamada , Nathan Chancellor , Nick Desaulniers , Nicolas Schier
Cc: leit@meta.com, linux-kernel@vger.kernel.org, pawan.kumar.gupta@linux.intel.com, Ingo Molnar , Peter Zijlstra , Jinghao Jia , Vincent Whitchurch , Kees Cook , linux-trace-kernel@vger.kernel.org (open list:FUNCTION HOOKS (FTRACE)), netdev@vger.kernel.org (open list:NETWORKING [IPv4/IPv6]), bpf@vger.kernel.org (open list:BPF [GENERAL] (Safe Dynamic Programs and Tools))
Subject: [PATCH v6 06/13] x86/bugs: Rename SLS to CONFIG_MITIGATION_SLS
Date: Tue, 21 Nov 2023 08:07:33 -0800
Message-Id: <20231121160740.1249350-7-leitao@debian.org>
In-Reply-To: <20231121160740.1249350-1-leitao@debian.org>
References: <20231121160740.1249350-1-leitao@debian.org>

CPU mitigations config entries are inconsistent, and names are hard to relate. There are concrete benefits for both users and developers of having all the mitigation config options living in the same config namespace.
The mitigation options should have consistency and start with MITIGATION. Rename the Kconfig entry from SLS to MITIGATION_SLS. Suggested-by: Josh Poimboeuf Signed-off-by: Breno Leitao --- arch/x86/Kconfig | 2 +- arch/x86/Makefile | 2 +- arch/x86/include/asm/linkage.h | 4 ++-- arch/x86/kernel/alternative.c | 4 ++-- arch/x86/kernel/ftrace.c | 3 ++- arch/x86/net/bpf_jit_comp.c | 4 ++-- scripts/Makefile.lib | 2 +- 7 files changed, 11 insertions(+), 10 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 862be9b3b216..fa246de60cdb 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2580,7 +2580,7 @@ config CPU_SRSO help Enable the SRSO mitigation needed on AMD Zen1-4 machines. -config SLS +config MITIGATION_SLS bool "Mitigate Straight-Line-Speculation" depends on CC_HAS_SLS && X86_64 select OBJTOOL if HAVE_OBJTOOL diff --git a/arch/x86/Makefile b/arch/x86/Makefile index b8d23ed059fb..5ce8c30e7701 100644 --- a/arch/x86/Makefile +++ b/arch/x86/Makefile @@ -205,7 +205,7 @@ ifdef CONFIG_MITIGATION_RETPOLINE endif endif -ifdef CONFIG_SLS +ifdef CONFIG_MITIGATION_SLS KBUILD_CFLAGS += -mharden-sls=all endif diff --git a/arch/x86/include/asm/linkage.h b/arch/x86/include/asm/linkage.h index c5165204c66f..09e2d026df33 100644 --- a/arch/x86/include/asm/linkage.h +++ b/arch/x86/include/asm/linkage.h @@ -43,7 +43,7 @@ #if defined(CONFIG_RETHUNK) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO) #define RET jmp __x86_return_thunk #else /* CONFIG_MITIGATION_RETPOLINE */ -#ifdef CONFIG_SLS +#ifdef CONFIG_MITIGATION_SLS #define RET ret; int3 #else #define RET ret @@ -55,7 +55,7 @@ #if defined(CONFIG_RETHUNK) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO) #define ASM_RET "jmp __x86_return_thunk\n\t" #else /* CONFIG_MITIGATION_RETPOLINE */ -#ifdef CONFIG_SLS +#ifdef CONFIG_MITIGATION_SLS #define ASM_RET "ret; int3\n\t" #else #define ASM_RET "ret\n\t" 
diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c index 5ec887d065ce..b01d49862497 100644 --- a/arch/x86/kernel/alternative.c +++ b/arch/x86/kernel/alternative.c @@ -637,8 +637,8 @@ static int patch_retpoline(void *addr, struct insn *insn, u8 *bytes) /* * The compiler is supposed to EMIT an INT3 after every unconditional * JMP instruction due to AMD BTC. However, if the compiler is too old - * or SLS isn't enabled, we still need an INT3 after indirect JMPs - * even on Intel. + * or MITIGATION_SLS isn't enabled, we still need an INT3 after + * indirect JMPs even on Intel. */ if (op == JMP32_INSN_OPCODE && i < insn->length) bytes[i++] = INT3_INSN_OPCODE; diff --git a/arch/x86/kernel/ftrace.c b/arch/x86/kernel/ftrace.c index 93bc52d4a472..70139d9d2e01 100644 --- a/arch/x86/kernel/ftrace.c +++ b/arch/x86/kernel/ftrace.c @@ -307,7 +307,8 @@ union ftrace_op_code_union { } __attribute__((packed)); }; -#define RET_SIZE (IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) ? 5 : 1 + IS_ENABLED(CONFIG_SLS)) +#define RET_SIZE \ + (IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) ? 5 : 1 + IS_ENABLED(CONFIG_MITIGATION_SLS)) static unsigned long create_trampoline(struct ftrace_ops *ops, unsigned int *tramp_size) diff --git a/arch/x86/net/bpf_jit_comp.c b/arch/x86/net/bpf_jit_comp.c index ef732f323926..96a63c4386a9 100644 --- a/arch/x86/net/bpf_jit_comp.c +++ b/arch/x86/net/bpf_jit_comp.c @@ -469,7 +469,7 @@ static void emit_indirect_jump(u8 **pprog, int reg, u8 *ip) emit_jump(&prog, &__x86_indirect_thunk_array[reg], ip); } else { EMIT2(0xFF, 0xE0 + reg); /* jmp *%\reg */ - if (IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) || IS_ENABLED(CONFIG_SLS)) + if (IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) || IS_ENABLED(CONFIG_MITIGATION_SLS)) EMIT1(0xCC); /* int3 */ } 
@@ -484,7 +484,7 @@ static void emit_return(u8 **pprog, u8 *ip) emit_jump(&prog, x86_return_thunk, ip); } else { EMIT1(0xC3); /* ret */ - if (IS_ENABLED(CONFIG_SLS)) + if (IS_ENABLED(CONFIG_MITIGATION_SLS)) EMIT1(0xCC); /* int3 */ } diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib index d6e157938b5f..0d5461276179 100644 --- a/scripts/Makefile.lib +++ b/scripts/Makefile.lib 
@@ -264,7 +264,7 @@ endif objtool-args-$(CONFIG_UNWINDER_ORC) += --orc objtool-args-$(CONFIG_MITIGATION_RETPOLINE) += --retpoline objtool-args-$(CONFIG_RETHUNK) += --rethunk -objtool-args-$(CONFIG_SLS) += --sls +objtool-args-$(CONFIG_MITIGATION_SLS) += --sls objtool-args-$(CONFIG_STACK_VALIDATION) += --stackval objtool-args-$(CONFIG_HAVE_STATIC_CALL_INLINE) += --static-call objtool-args-$(CONFIG_HAVE_UACCESS_VALIDATION) += --uaccess
From patchwork Tue Nov 21 16:07:34 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Breno Leitao X-Patchwork-Id: 167847
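Review bot: In the scripts/Makefile.lib hunk of the CONFIG_SLS rename above, a .config or config fragment that still sets only CONFIG_SLS=y no longer reaches `objtool-args-$(CONFIG_MITIGATION_SLS) += --sls`: if CONFIG_MITIGATION_SLS ends up unset, the variable expands to `objtool-args-` and objtool runs without --sls, with no build error. The same silent fallthrough applies to RET_SIZE in arch/x86/kernel/ftrace.c and to emit_return() and emit_indirect_jump() in arch/x86/net/bpf_jit_comp.c, where IS_ENABLED(CONFIG_MITIGATION_SLS) evaluates to 0 and the trailing INT3 byte is not emitted. Please state in the commit message that the symbol is renamed without a compatibility alias, so anyone carrying CONFIG_SLS in a defconfig or fragment knows to update it. Minor: the comment in arch/x86/kernel/alternative.c could spell the symbol as CONFIG_MITIGATION_SLS so it greps the same way as the code.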
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Pawan Gupta, Masahiro Yamada, Nathan Chancellor, Nick Desaulniers, Nicolas Schier
Cc: leit@meta.com, linux-kernel@vger.kernel.org, "Mike Rapoport (IBM)", Rick Edgecombe, Juergen Gross, "Kirill A. Shutemov", Kim Phillips, Ingo Molnar, Alexey Kardashevskiy, Petr Pavlu, Song Liu, Arnaldo Carvalho de Melo
Subject: [PATCH v6 07/13] x86/bugs: Rename CPU_UNRET_ENTRY to MITIGATION_UNRET_ENTRY
Date: Tue, 21 Nov 2023 08:07:34 -0800
Message-Id: <20231121160740.1249350-8-leitao@debian.org>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20231121160740.1249350-1-leitao@debian.org>
References: <20231121160740.1249350-1-leitao@debian.org>

CPU mitigations config entries are inconsistent, and names are hard to relate. There are concrete benefits for both users and developers of having all the mitigation config options living in the same config namespace.

The mitigation options should have consistency and start with MITIGATION.

Rename the Kconfig entry from CPU_UNRET_ENTRY to MITIGATION_UNRET_ENTRY.

Suggested-by: Josh Poimboeuf
Signed-off-by: Breno Leitao --- arch/x86/Kconfig | 2 +- arch/x86/include/asm/disabled-features.h | 2 +- arch/x86/include/asm/nospec-branch.h | 6 +++--- arch/x86/kernel/cpu/amd.c | 2 +- arch/x86/kernel/cpu/bugs.c | 6 +++--- arch/x86/kernel/vmlinux.lds.S | 2 +- arch/x86/lib/retpoline.S | 10 +++++----- include/linux/objtool.h | 2 +- scripts/Makefile.vmlinux_o | 2 +- tools/arch/x86/include/asm/disabled-features.h | 2 +- 10 files changed, 18 insertions(+), 18 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index fa246de60cdb..fa078d3655ff 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2519,7 +2519,7 @@ config RETHUNK Requires a compiler with -mfunction-return=thunk-extern support for full protection. The kernel may run slower. -config CPU_UNRET_ENTRY +config MITIGATION_UNRET_ENTRY bool "Enable UNRET on kernel entry" depends on CPU_SUP_AMD && RETHUNK && X86_64 default y diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h index 24e4010c33b6..151f0d50e7e0 100644 --- a/arch/x86/include/asm/disabled-features.h +++ b/arch/x86/include/asm/disabled-features.h @@ -63,7 +63,7 @@ # define DISABLE_RETHUNK (1 << (X86_FEATURE_RETHUNK & 31)) #endif -#ifdef CONFIG_CPU_UNRET_ENTRY +#ifdef CONFIG_MITIGATION_UNRET_ENTRY # define DISABLE_UNRET 0 #else # define DISABLE_UNRET (1 << (X86_FEATURE_UNRET & 31)) diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h index cab7c937c71b..e25e98f012a3 100644 --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h @@ -212,7 +212,7 @@ */ .macro VALIDATE_UNRET_END #if defined(CONFIG_NOINSTR_VALIDATION) && \ - (defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO)) + (defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO)) ANNOTATE_RETPOLINE_SAFE nop #endif 
@@ -271,7 +271,7 @@ .Lskip_rsb_\@: .endm -#if defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO) +#if defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO) #define CALL_UNTRAIN_RET "call entry_untrain_ret" #else #define CALL_UNTRAIN_RET "" @@ -334,7 +334,7 @@ extern void __x86_return_thunk(void); static inline void __x86_return_thunk(void) {} #endif -#ifdef CONFIG_CPU_UNRET_ENTRY +#ifdef CONFIG_MITIGATION_UNRET_ENTRY extern void retbleed_return_thunk(void); #else static inline void retbleed_return_thunk(void) {} diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c index a7eab05e5f29..8d38299cec83 100644 --- a/arch/x86/kernel/cpu/amd.c +++ b/arch/x86/kernel/cpu/amd.c @@ -943,7 +943,7 @@ static void init_amd_bd(struct cpuinfo_x86 *c) void init_spectral_chicken(struct cpuinfo_x86 *c) { -#ifdef CONFIG_CPU_UNRET_ENTRY +#ifdef CONFIG_MITIGATION_UNRET_ENTRY u64 value; /* diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index fc46fd6447f9..2580368c32d1 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -982,10 +982,10 @@ static void __init retbleed_select_mitigation(void) return; case RETBLEED_CMD_UNRET: - if (IS_ENABLED(CONFIG_CPU_UNRET_ENTRY)) { + if (IS_ENABLED(CONFIG_MITIGATION_UNRET_ENTRY)) { retbleed_mitigation = RETBLEED_MITIGATION_UNRET; } else { - pr_err("WARNING: kernel not compiled with CPU_UNRET_ENTRY.\n"); + pr_err("WARNING: kernel not compiled with MITIGATION_UNRET_ENTRY.\n"); goto do_cmd_auto; } break; @@ -1021,7 +1021,7 @@ static void __init retbleed_select_mitigation(void) case RETBLEED_CMD_AUTO: if (boot_cpu_data.x86_vendor == X86_VENDOR_AMD || boot_cpu_data.x86_vendor == X86_VENDOR_HYGON) { - if (IS_ENABLED(CONFIG_CPU_UNRET_ENTRY)) + if (IS_ENABLED(CONFIG_MITIGATION_UNRET_ENTRY)) retbleed_mitigation = RETBLEED_MITIGATION_UNRET; else if (IS_ENABLED(CONFIG_MITIGATION_IBPB_ENTRY) && boot_cpu_has(X86_FEATURE_IBPB)) 
diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S index 985984919d81..d7ee79b6756f 100644 --- a/arch/x86/kernel/vmlinux.lds.S +++ b/arch/x86/kernel/vmlinux.lds.S @@ -517,7 +517,7 @@ INIT_PER_CPU(irq_stack_backing_store); "fixed_percpu_data is not at start of per-cpu area"); #endif -#ifdef CONFIG_CPU_UNRET_ENTRY +#ifdef CONFIG_MITIGATION_UNRET_ENTRY . = ASSERT((retbleed_return_thunk & 0x3f) == 0, "retbleed_return_thunk not cacheline-aligned"); #endif diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S index ff46f48a0cc4..0ad67ccadd4c 100644 --- a/arch/x86/lib/retpoline.S +++ b/arch/x86/lib/retpoline.S @@ -230,7 +230,7 @@ SYM_CODE_END(srso_return_thunk) #define JMP_SRSO_ALIAS_UNTRAIN_RET "ud2" #endif /* CONFIG_CPU_SRSO */ -#ifdef CONFIG_CPU_UNRET_ENTRY +#ifdef CONFIG_MITIGATION_UNRET_ENTRY /* * Some generic notes on the untraining sequences: @@ -312,11 +312,11 @@ SYM_CODE_END(retbleed_return_thunk) SYM_FUNC_END(retbleed_untrain_ret) #define JMP_RETBLEED_UNTRAIN_RET "jmp retbleed_untrain_ret" -#else /* !CONFIG_CPU_UNRET_ENTRY */ +#else /* !CONFIG_MITIGATION_UNRET_ENTRY */ #define JMP_RETBLEED_UNTRAIN_RET "ud2" -#endif /* CONFIG_CPU_UNRET_ENTRY */ +#endif /* CONFIG_MITIGATION_UNRET_ENTRY */ -#if defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO) +#if defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO) SYM_FUNC_START(entry_untrain_ret) ALTERNATIVE_2 JMP_RETBLEED_UNTRAIN_RET, \ @@ -325,7 +325,7 @@ SYM_FUNC_START(entry_untrain_ret) SYM_FUNC_END(entry_untrain_ret) __EXPORT_THUNK(entry_untrain_ret) -#endif /* CONFIG_CPU_UNRET_ENTRY || CONFIG_CPU_SRSO */ +#endif /* CONFIG_MITIGATION_UNRET_ENTRY || CONFIG_CPU_SRSO */ #ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING diff --git a/include/linux/objtool.h b/include/linux/objtool.h index 33212e93f4a6..d030671a4c49 100644 --- a/include/linux/objtool.h +++ b/include/linux/objtool.h 
@@ -131,7 +131,7 @@ */ .macro VALIDATE_UNRET_BEGIN #if defined(CONFIG_NOINSTR_VALIDATION) && \ - (defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO)) + (defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO)) .Lhere_\@: .pushsection .discard.validate_unret .long .Lhere_\@ - . diff --git a/scripts/Makefile.vmlinux_o b/scripts/Makefile.vmlinux_o index 25b3b587d37c..6277dbd730bb 100644 --- a/scripts/Makefile.vmlinux_o +++ b/scripts/Makefile.vmlinux_o @@ -38,7 +38,7 @@ objtool-enabled := $(or $(delay-objtool),$(CONFIG_NOINSTR_VALIDATION)) vmlinux-objtool-args-$(delay-objtool) += $(objtool-args-y) vmlinux-objtool-args-$(CONFIG_GCOV_KERNEL) += --no-unreachable vmlinux-objtool-args-$(CONFIG_NOINSTR_VALIDATION) += --noinstr \ - $(if $(or $(CONFIG_CPU_UNRET_ENTRY),$(CONFIG_CPU_SRSO)), --unret) + $(if $(or $(CONFIG_MITIGATION_UNRET_ENTRY),$(CONFIG_CPU_SRSO)), --unret) objtool-args = $(vmlinux-objtool-args-y) --link diff --git a/tools/arch/x86/include/asm/disabled-features.h b/tools/arch/x86/include/asm/disabled-features.h index d05158d8fe5f..4b816f55c634 100644 --- a/tools/arch/x86/include/asm/disabled-features.h +++ b/tools/arch/x86/include/asm/disabled-features.h 
@@ -63,7 +63,7 @@ # define DISABLE_RETHUNK (1 << (X86_FEATURE_RETHUNK & 31)) #endif -#ifdef CONFIG_CPU_UNRET_ENTRY +#ifdef CONFIG_MITIGATION_UNRET_ENTRY # define DISABLE_UNRET 0 #else # define DISABLE_UNRET (1 << (X86_FEATURE_UNRET & 31))
From patchwork Tue Nov 21 16:07:35 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Breno Leitao X-Patchwork-Id: 167841
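Review bot: The pr_err() string in the RETBLEED_CMD_UNRET case of retbleed_select_mitigation() (arch/x86/kernel/cpu/bugs.c, patch 07/13 above) is visible in dmesg, and changing "kernel not compiled with CPU_UNRET_ENTRY." to "kernel not compiled with MITIGATION_UNRET_ENTRY." breaks any boot-log check that matches the old text. Please mention the message change in the commit log, and consider printing the full symbol, CONFIG_MITIGATION_UNRET_ENTRY, so the warning matches the line an operator has to look for in .config. The warning matters because this branch then does `goto do_cmd_auto`, so a retbleed=unret request on such a kernel is replaced by the automatic selection rather than honoured.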
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Andy Lutomirski, Peter Zijlstra, Pawan Gupta
Cc: leit@meta.com, linux-kernel@vger.kernel.org
Subject: [PATCH v6 08/13] x86/bugs: Rename CPU_IBRS_ENTRY to MITIGATION_IBRS_ENTRY
Date: Tue, 21 Nov 2023 08:07:35 -0800
Message-Id: <20231121160740.1249350-9-leitao@debian.org>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20231121160740.1249350-1-leitao@debian.org>
References: <20231121160740.1249350-1-leitao@debian.org>

CPU mitigations config entries are inconsistent, and names are hard to relate. There are concrete benefits for both users and developers of having all the mitigation config options living in the same config namespace.

The mitigation options should have consistency and start with MITIGATION.

Rename the Kconfig entry from CPU_IBRS_ENTRY to MITIGATION_IBRS_ENTRY.

Suggested-by: Josh Poimboeuf
Signed-off-by: Breno Leitao --- arch/x86/Kconfig | 2 +- arch/x86/entry/calling.h | 4 ++-- arch/x86/kernel/cpu/bugs.c | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index fa078d3655ff..392e94fded3d 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig
@@ -2564,7 +2564,7 @@ config MITIGATION_IBPB_ENTRY help Compile the kernel with support for the retbleed=ibpb mitigation. -config CPU_IBRS_ENTRY +config MITIGATION_IBRS_ENTRY bool "Enable IBRS on kernel entry" depends on CPU_SUP_INTEL && X86_64 default y diff --git a/arch/x86/entry/calling.h b/arch/x86/entry/calling.h index ace89d5c1ddd..2afdff42c107 100644 --- a/arch/x86/entry/calling.h +++ b/arch/x86/entry/calling.h @@ -297,7 +297,7 @@ For 32-bit we have the following conventions - kernel is built with * Assumes x86_spec_ctrl_{base,current} to have SPEC_CTRL_IBRS set. */ .macro IBRS_ENTER save_reg -#ifdef CONFIG_CPU_IBRS_ENTRY +#ifdef CONFIG_MITIGATION_IBRS_ENTRY ALTERNATIVE "jmp .Lend_\@", "", X86_FEATURE_KERNEL_IBRS movl $MSR_IA32_SPEC_CTRL, %ecx @@ -326,7 +326,7 @@ For 32-bit we have the following conventions - kernel is built with * regs. Must be called after the last RET. */ .macro IBRS_EXIT save_reg -#ifdef CONFIG_CPU_IBRS_ENTRY +#ifdef CONFIG_MITIGATION_IBRS_ENTRY ALTERNATIVE "jmp .Lend_\@", "", X86_FEATURE_KERNEL_IBRS movl $MSR_IA32_SPEC_CTRL, %ecx diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 2580368c32d1..e11bacbd8f39 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -1439,7 +1439,7 @@ static enum spectre_v2_mitigation_cmd __init spectre_v2_parse_cmdline(void) return SPECTRE_V2_CMD_AUTO; } - if (cmd == SPECTRE_V2_CMD_IBRS && !IS_ENABLED(CONFIG_CPU_IBRS_ENTRY)) { + if (cmd == SPECTRE_V2_CMD_IBRS && !IS_ENABLED(CONFIG_MITIGATION_IBRS_ENTRY)) { pr_err("%s selected but not compiled in. Switching to AUTO select\n", mitigation_options[i].option); return SPECTRE_V2_CMD_AUTO; 
@@ -1565,7 +1565,7 @@ static void __init spectre_v2_select_mitigation(void) break; } - if (IS_ENABLED(CONFIG_CPU_IBRS_ENTRY) && + if (IS_ENABLED(CONFIG_MITIGATION_IBRS_ENTRY) && boot_cpu_has_bug(X86_BUG_RETBLEED) && retbleed_cmd != RETBLEED_CMD_OFF && retbleed_cmd != RETBLEED_CMD_STUFF &&
From patchwork Tue Nov 21 16:07:36 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Breno Leitao X-Patchwork-Id: 167840
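Review bot: In the arch/x86/Kconfig hunk of patch 08/13 above, the renamed entry keeps `default y`, so a .config that carries `# CONFIG_CPU_IBRS_ENTRY is not set` does not transfer to MITIGATION_IBRS_ENTRY and the option comes back enabled on the next olddefconfig. That fails towards the mitigated side, but the entry's help text describes the mitigation as coming "at great cost to performance", so anyone who disabled it on purpose will see IBRS_ENTER and IBRS_EXIT in arch/x86/entry/calling.h compiled back in without having asked for it. Please call the rename out in the commit message as a change that existing configs do not follow.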
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Pawan Gupta, Masahiro Yamada, Nathan Chancellor, Nick Desaulniers, Nicolas Schier
Cc: leit@meta.com, linux-kernel@vger.kernel.org, Ingo Molnar, Petr Pavlu, Song Liu
Subject: [PATCH v6 09/13] x86/bugs: Rename CPU_SRSO to MITIGATION_SRSO
Date: Tue, 21 Nov 2023 08:07:36 -0800
Message-Id: <20231121160740.1249350-10-leitao@debian.org>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20231121160740.1249350-1-leitao@debian.org>
References: <20231121160740.1249350-1-leitao@debian.org>

CPU mitigations config entries are inconsistent, and names are hard to relate. There are concrete benefits for both users and developers of having all the mitigation config options living in the same config namespace.

The mitigation options should have consistency and start with MITIGATION.

Rename the Kconfig entry from CPU_SRSO to MITIGATION_SRSO.

Suggested-by: Josh Poimboeuf
Signed-off-by: Breno Leitao --- arch/x86/Kconfig | 2 +- arch/x86/include/asm/nospec-branch.h | 6 +++--- arch/x86/kernel/cpu/bugs.c | 8 ++++---- arch/x86/kernel/vmlinux.lds.S | 4 ++-- arch/x86/lib/retpoline.S | 10 +++++----- include/linux/objtool.h | 2 +- scripts/Makefile.vmlinux_o | 2 +- 7 files changed, 17 insertions(+), 17 deletions(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 392e94fded3d..30c2f880caf9 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2573,7 +2573,7 @@ config MITIGATION_IBRS_ENTRY This mitigates both spectre_v2 and retbleed at great cost to performance. -config CPU_SRSO +config MITIGATION_SRSO bool "Mitigate speculative RAS overflow on AMD" depends on CPU_SUP_AMD && X86_64 && RETHUNK default y diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h index e25e98f012a3..9ea93a298a43 100644 --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h @@ -212,7 +212,7 @@ */ .macro VALIDATE_UNRET_END #if defined(CONFIG_NOINSTR_VALIDATION) && \ - (defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO)) + (defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_MITIGATION_SRSO)) ANNOTATE_RETPOLINE_SAFE nop #endif @@ -271,7 +271,7 @@ .Lskip_rsb_\@: .endm -#if defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO) +#if defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_MITIGATION_SRSO) #define CALL_UNTRAIN_RET "call entry_untrain_ret" #else #define CALL_UNTRAIN_RET "" @@ -340,7 +340,7 @@ extern void retbleed_return_thunk(void); static inline void retbleed_return_thunk(void) {} #endif -#ifdef CONFIG_CPU_SRSO +#ifdef CONFIG_MITIGATION_SRSO extern void srso_return_thunk(void); extern void srso_alias_return_thunk(void); #else diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index e11bacbd8f39..f2775417bda2 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -2458,7 +2458,7 @@ static void __init srso_select_mitigation(void) break; case SRSO_CMD_SAFE_RET: - if (IS_ENABLED(CONFIG_CPU_SRSO)) { + if (IS_ENABLED(CONFIG_MITIGATION_SRSO)) { /* * Enable the return thunk for generated code * like ftrace, static_call, etc. 
@@ -2478,7 +2478,7 @@ static void __init srso_select_mitigation(void) else srso_mitigation = SRSO_MITIGATION_SAFE_RET_UCODE_NEEDED; } else { - pr_err("WARNING: kernel not compiled with CPU_SRSO.\n"); + pr_err("WARNING: kernel not compiled with MITIGATION_SRSO.\n"); } break; @@ -2494,13 +2494,13 @@ static void __init srso_select_mitigation(void) break; case SRSO_CMD_IBPB_ON_VMEXIT: - if (IS_ENABLED(CONFIG_CPU_SRSO)) { + if (IS_ENABLED(CONFIG_MITIGATION_SRSO)) { if (!boot_cpu_has(X86_FEATURE_ENTRY_IBPB) && has_microcode) { setup_force_cpu_cap(X86_FEATURE_IBPB_ON_VMEXIT); srso_mitigation = SRSO_MITIGATION_IBPB_ON_VMEXIT; } } else { - pr_err("WARNING: kernel not compiled with CPU_SRSO.\n"); + pr_err("WARNING: kernel not compiled with MITIGATION_SRSO.\n"); } break; } diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S index d7ee79b6756f..8d1143ab05b7 100644 --- a/arch/x86/kernel/vmlinux.lds.S +++ b/arch/x86/kernel/vmlinux.lds.S @@ -142,7 +142,7 @@ SECTIONS *(.text..__x86.rethunk_untrain) ENTRY_TEXT -#ifdef CONFIG_CPU_SRSO +#ifdef CONFIG_MITIGATION_SRSO /* * See the comment above srso_alias_untrain_ret()'s * definition. @@ -521,7 +521,7 @@ INIT_PER_CPU(irq_stack_backing_store); . = ASSERT((retbleed_return_thunk & 0x3f) == 0, "retbleed_return_thunk not cacheline-aligned"); #endif -#ifdef CONFIG_CPU_SRSO +#ifdef CONFIG_MITIGATION_SRSO . = ASSERT((srso_safe_ret & 0x3f) == 0, "srso_safe_ret not cacheline-aligned"); /* * GNU ld cannot do XOR until 2.41. diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S index 0ad67ccadd4c..67b52cbec648 100644 --- a/arch/x86/lib/retpoline.S +++ b/arch/x86/lib/retpoline.S @@ -138,7 +138,7 @@ SYM_CODE_END(__x86_indirect_jump_thunk_array) */ .section .text..__x86.return_thunk -#ifdef CONFIG_CPU_SRSO +#ifdef CONFIG_MITIGATION_SRSO /* * srso_alias_untrain_ret() and srso_alias_safe_ret() are placed at 
@@ -225,10 +225,10 @@ SYM_CODE_END(srso_return_thunk) #define JMP_SRSO_UNTRAIN_RET "jmp srso_untrain_ret" #define JMP_SRSO_ALIAS_UNTRAIN_RET "jmp srso_alias_untrain_ret" -#else /* !CONFIG_CPU_SRSO */ +#else /* !CONFIG_MITIGATION_SRSO */ #define JMP_SRSO_UNTRAIN_RET "ud2" #define JMP_SRSO_ALIAS_UNTRAIN_RET "ud2" -#endif /* CONFIG_CPU_SRSO */ +#endif /* CONFIG_MITIGATION_SRSO */ #ifdef CONFIG_MITIGATION_UNRET_ENTRY @@ -316,7 +316,7 @@ SYM_FUNC_END(retbleed_untrain_ret) #define JMP_RETBLEED_UNTRAIN_RET "ud2" #endif /* CONFIG_MITIGATION_UNRET_ENTRY */ -#if defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO) +#if defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_MITIGATION_SRSO) SYM_FUNC_START(entry_untrain_ret) ALTERNATIVE_2 JMP_RETBLEED_UNTRAIN_RET, \ @@ -325,7 +325,7 @@ SYM_FUNC_START(entry_untrain_ret) SYM_FUNC_END(entry_untrain_ret) __EXPORT_THUNK(entry_untrain_ret) -#endif /* CONFIG_MITIGATION_UNRET_ENTRY || CONFIG_CPU_SRSO */ +#endif /* CONFIG_MITIGATION_UNRET_ENTRY || CONFIG_MITIGATION_SRSO */ #ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING diff --git a/include/linux/objtool.h b/include/linux/objtool.h index d030671a4c49..b3b8d3dab52d 100644 --- a/include/linux/objtool.h +++ b/include/linux/objtool.h @@ -131,7 +131,7 @@ */ .macro VALIDATE_UNRET_BEGIN #if defined(CONFIG_NOINSTR_VALIDATION) && \ - (defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO)) + (defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_MITIGATION_SRSO)) .Lhere_\@: .pushsection .discard.validate_unret .long .Lhere_\@ - . diff --git a/scripts/Makefile.vmlinux_o b/scripts/Makefile.vmlinux_o index 6277dbd730bb..6de297916ce6 100644 --- a/scripts/Makefile.vmlinux_o +++ b/scripts/Makefile.vmlinux_o 
@@ -38,7 +38,7 @@ objtool-enabled := $(or $(delay-objtool),$(CONFIG_NOINSTR_VALIDATION)) vmlinux-objtool-args-$(delay-objtool) += $(objtool-args-y) vmlinux-objtool-args-$(CONFIG_GCOV_KERNEL) += --no-unreachable vmlinux-objtool-args-$(CONFIG_NOINSTR_VALIDATION) += --noinstr \ - $(if $(or $(CONFIG_MITIGATION_UNRET_ENTRY),$(CONFIG_CPU_SRSO)), --unret) + $(if $(or $(CONFIG_MITIGATION_UNRET_ENTRY),$(CONFIG_MITIGATION_SRSO)), --unret) objtool-args = $(vmlinux-objtool-args-y) --link
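Review bot: The arch/x86/Kconfig hunk renames CPU_SRSO to MITIGATION_SRSO with "default y" and leaves no compatibility symbol behind, so a saved .config carrying "# CONFIG_CPU_SRSO is not set" (or =y) no longer matches anything and the new symbol takes its default on the next olddefconfig. That is the safe direction here, but it is a silent change of build configuration and deserves a sentence in the changelog. In arch/x86/kernel/cpu/bugs.c the two pr_err() strings in srso_select_mitigation() change from "CPU_SRSO" to "MITIGATION_SRSO"; anything that matches on the old dmesg text will stop matching, and printing the full CONFIG_MITIGATION_SRSO name would make the message directly searchable in a .config. The remaining hunks are mechanical #ifdef and comment renames and look consistent across nospec-branch.h, vmlinux.lds.S, retpoline.S, objtool.h and Makefile.vmlinux_o.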
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Pawan Gupta, Jason Baron, Steven Rostedt, Ard Biesheuvel, Masahiro Yamada, Nathan Chancellor, Nick Desaulniers, Nicolas Schier
Cc: leit@meta.com, linux-kernel@vger.kernel.org, Ingo Molnar, Lukas Bulwahn, Sven Joachim, Ian Kent, Yu-cheng Yu, Kees Cook, Rick Edgecombe, Kim Phillips, Juergen Gross, "Kirill A. Shutemov", Andrew Cooper, Randy Dunlap, Jinghao Jia, Vincent Whitchurch, Arnaldo Carvalho de Melo
Subject: [PATCH v6 10/13] x86/bugs: Rename RETHUNK to MITIGATION_RETHUNK
Date: Tue, 21 Nov 2023 08:07:37 -0800
Message-Id: <20231121160740.1249350-11-leitao@debian.org>
In-Reply-To: <20231121160740.1249350-1-leitao@debian.org>
References: <20231121160740.1249350-1-leitao@debian.org>

CPU mitigations config entries are inconsistent, and names are hard to relate. There are concrete benefits for both users and developers of having all the mitigation config options living in the same config namespace.

The mitigation options should have consistency and start with MITIGATION.

Rename the Kconfig entry from RETHUNK to MITIGATION_RETHUNK.

Suggested-by: Josh Poimboeuf
Signed-off-by: Breno Leitao --- arch/x86/Kconfig | 8 ++++---- arch/x86/Makefile | 2 +- arch/x86/configs/i386_defconfig | 2 +- arch/x86/include/asm/disabled-features.h | 2 +- arch/x86/include/asm/linkage.h | 4 ++-- arch/x86/include/asm/nospec-branch.h | 4 ++-- arch/x86/include/asm/static_call.h | 2 +- arch/x86/kernel/alternative.c | 4 ++-- arch/x86/kernel/static_call.c | 2 +- arch/x86/lib/retpoline.S | 4 ++-- scripts/Makefile.lib | 2 +- tools/arch/x86/include/asm/disabled-features.h | 2 +- 12 files changed, 19 insertions(+), 19 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 30c2f880caf9..ee939de1bb05 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2465,7 +2465,7 @@ config FINEIBT config HAVE_CALL_THUNKS def_bool y - depends on CC_HAS_ENTRY_PADDING && RETHUNK && OBJTOOL + depends on CC_HAS_ENTRY_PADDING && MITIGATION_RETHUNK && OBJTOOL config CALL_THUNKS def_bool n @@ -2508,7 +2508,7 @@ config MITIGATION_RETPOLINE branches. Requires a compiler with -mindirect-branch=thunk-extern support for full protection. The kernel may run slower. -config RETHUNK +config MITIGATION_RETHUNK bool "Enable return-thunks" depends on MITIGATION_RETPOLINE && CC_HAS_RETURN_THUNK select OBJTOOL if HAVE_OBJTOOL @@ -2521,7 +2521,7 @@ config RETHUNK config MITIGATION_UNRET_ENTRY bool "Enable UNRET on kernel entry" - depends on CPU_SUP_AMD && RETHUNK && X86_64 + depends on CPU_SUP_AMD && MITIGATION_RETHUNK && X86_64 default y help Compile the kernel with support for the retbleed=unret mitigation. @@ -2575,7 +2575,7 @@ config MITIGATION_IBRS_ENTRY config MITIGATION_SRSO bool "Mitigate speculative RAS overflow on AMD" - depends on CPU_SUP_AMD && X86_64 && RETHUNK + depends on CPU_SUP_AMD && X86_64 && MITIGATION_RETHUNK default y help Enable the SRSO mitigation needed on AMD Zen1-4 machines. diff --git a/arch/x86/Makefile b/arch/x86/Makefile index 5ce8c30e7701..ba046afb850e 100644 --- a/arch/x86/Makefile +++ b/arch/x86/Makefile 
@@ -22,7 +22,7 @@ RETPOLINE_VDSO_CFLAGS := -mretpoline endif RETPOLINE_CFLAGS += $(call cc-option,-mindirect-branch-cs-prefix) -ifdef CONFIG_RETHUNK +ifdef CONFIG_MITIGATION_RETHUNK RETHUNK_CFLAGS := -mfunction-return=thunk-extern RETPOLINE_CFLAGS += $(RETHUNK_CFLAGS) endif diff --git a/arch/x86/configs/i386_defconfig b/arch/x86/configs/i386_defconfig index 73abbbdd26f8..91801138b10b 100644 --- a/arch/x86/configs/i386_defconfig +++ b/arch/x86/configs/i386_defconfig @@ -42,7 +42,7 @@ CONFIG_EFI_STUB=y CONFIG_HZ_1000=y CONFIG_KEXEC=y CONFIG_CRASH_DUMP=y -# CONFIG_RETHUNK is not set +# CONFIG_MITIGATION_RETHUNK is not set CONFIG_HIBERNATION=y CONFIG_PM_DEBUG=y CONFIG_PM_TRACE_RTC=y diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h index 151f0d50e7e0..36d0c1e05e60 100644 --- a/arch/x86/include/asm/disabled-features.h +++ b/arch/x86/include/asm/disabled-features.h @@ -57,7 +57,7 @@ (1 << (X86_FEATURE_RETPOLINE_LFENCE & 31))) #endif -#ifdef CONFIG_RETHUNK +#ifdef CONFIG_MITIGATION_RETHUNK # define DISABLE_RETHUNK 0 #else # define DISABLE_RETHUNK (1 << (X86_FEATURE_RETHUNK & 31)) diff --git a/arch/x86/include/asm/linkage.h b/arch/x86/include/asm/linkage.h index 09e2d026df33..dc31b13b87a0 100644 --- a/arch/x86/include/asm/linkage.h +++ b/arch/x86/include/asm/linkage.h @@ -40,7 +40,7 @@ #ifdef __ASSEMBLY__ -#if defined(CONFIG_RETHUNK) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO) +#if defined(CONFIG_MITIGATION_RETHUNK) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO) #define RET jmp __x86_return_thunk #else /* CONFIG_MITIGATION_RETPOLINE */ #ifdef CONFIG_MITIGATION_SLS @@ -52,7 +52,7 @@ #else /* __ASSEMBLY__ */ -#if defined(CONFIG_RETHUNK) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO) +#if defined(CONFIG_MITIGATION_RETHUNK) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO) #define ASM_RET "jmp __x86_return_thunk\n\t" #else /* CONFIG_MITIGATION_RETPOLINE */ #ifdef CONFIG_MITIGATION_SLS 
diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h index 9ea93a298a43..33f76848c838 100644 --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h @@ -289,7 +289,7 @@ * where we have a stack but before any RET instruction. */ .macro __UNTRAIN_RET ibpb_feature, call_depth_insns -#if defined(CONFIG_RETHUNK) || defined(CONFIG_MITIGATION_IBPB_ENTRY) +#if defined(CONFIG_MITIGATION_RETHUNK) || defined(CONFIG_MITIGATION_IBPB_ENTRY) VALIDATE_UNRET_END ALTERNATIVE_3 "", \ CALL_UNTRAIN_RET, X86_FEATURE_UNRET, \ @@ -328,7 +328,7 @@ extern retpoline_thunk_t __x86_indirect_thunk_array[]; extern retpoline_thunk_t __x86_indirect_call_thunk_array[]; extern retpoline_thunk_t __x86_indirect_jump_thunk_array[]; -#ifdef CONFIG_RETHUNK +#ifdef CONFIG_MITIGATION_RETHUNK extern void __x86_return_thunk(void); #else static inline void __x86_return_thunk(void) {} diff --git a/arch/x86/include/asm/static_call.h b/arch/x86/include/asm/static_call.h index 343b722ccaf2..125c407e2abe 100644 --- a/arch/x86/include/asm/static_call.h +++ b/arch/x86/include/asm/static_call.h @@ -46,7 +46,7 @@ #define ARCH_DEFINE_STATIC_CALL_TRAMP(name, func) \ __ARCH_DEFINE_STATIC_CALL_TRAMP(name, ".byte 0xe9; .long " #func " - (. + 4)") -#ifdef CONFIG_RETHUNK +#ifdef CONFIG_MITIGATION_RETHUNK #define ARCH_DEFINE_STATIC_CALL_NULL_TRAMP(name) \ __ARCH_DEFINE_STATIC_CALL_TRAMP(name, "jmp __x86_return_thunk") #else diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c index b01d49862497..f7c11bef19bb 100644 --- a/arch/x86/kernel/alternative.c +++ b/arch/x86/kernel/alternative.c @@ -698,7 +698,7 @@ void __init_or_module noinline apply_retpolines(s32 *start, s32 *end) } } -#ifdef CONFIG_RETHUNK +#ifdef CONFIG_MITIGATION_RETHUNK /* * Rewrite the compiler generated return thunk tail-calls. 
@@ -771,7 +771,7 @@ void __init_or_module noinline apply_returns(s32 *start, s32 *end) } #else void __init_or_module noinline apply_returns(s32 *start, s32 *end) { } -#endif /* CONFIG_RETHUNK */ +#endif /* CONFIG_MITIGATION_RETHUNK */ #else /* !CONFIG_MITIGATION_RETPOLINE || !CONFIG_OBJTOOL */ diff --git a/arch/x86/kernel/static_call.c b/arch/x86/kernel/static_call.c index 77a9316da435..4eefaac64c6c 100644 --- a/arch/x86/kernel/static_call.c +++ b/arch/x86/kernel/static_call.c @@ -172,7 +172,7 @@ void arch_static_call_transform(void *site, void *tramp, void *func, bool tail) } EXPORT_SYMBOL_GPL(arch_static_call_transform); -#ifdef CONFIG_RETHUNK +#ifdef CONFIG_MITIGATION_RETHUNK /* * This is called by apply_returns() to fix up static call trampolines, * specifically ARCH_DEFINE_STATIC_CALL_NULL_TRAMP which is recorded as diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S index 67b52cbec648..0045153ba222 100644 --- a/arch/x86/lib/retpoline.S +++ b/arch/x86/lib/retpoline.S @@ -127,7 +127,7 @@ SYM_CODE_END(__x86_indirect_jump_thunk_array) #undef GEN #endif -#ifdef CONFIG_RETHUNK +#ifdef CONFIG_MITIGATION_RETHUNK /* * Be careful here: that label cannot really be removed because in @@ -386,4 +386,4 @@ SYM_CODE_START(__x86_return_thunk) SYM_CODE_END(__x86_return_thunk) EXPORT_SYMBOL(__x86_return_thunk) -#endif /* CONFIG_RETHUNK */ +#endif /* CONFIG_MITIGATION_RETHUNK */ diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib index 0d5461276179..48a4a81edac1 100644 --- a/scripts/Makefile.lib +++ b/scripts/Makefile.lib 
@@ -263,7 +263,7 @@ objtool-args-$(CONFIG_HAVE_OBJTOOL_NOP_MCOUNT) += --mnop endif objtool-args-$(CONFIG_UNWINDER_ORC) += --orc objtool-args-$(CONFIG_MITIGATION_RETPOLINE) += --retpoline -objtool-args-$(CONFIG_RETHUNK) += --rethunk +objtool-args-$(CONFIG_MITIGATION_RETHUNK) += --rethunk objtool-args-$(CONFIG_MITIGATION_SLS) += --sls objtool-args-$(CONFIG_STACK_VALIDATION) += --stackval objtool-args-$(CONFIG_HAVE_STATIC_CALL_INLINE) += --static-call diff --git a/tools/arch/x86/include/asm/disabled-features.h b/tools/arch/x86/include/asm/disabled-features.h index 4b816f55c634..bd7071f34f6b 100644 --- a/tools/arch/x86/include/asm/disabled-features.h +++ b/tools/arch/x86/include/asm/disabled-features.h 
@@ -57,7 +57,7 @@ (1 << (X86_FEATURE_RETPOLINE_LFENCE & 31))) #endif -#ifdef CONFIG_RETHUNK +#ifdef CONFIG_MITIGATION_RETHUNK # define DISABLE_RETHUNK 0 #else # define DISABLE_RETHUNK (1 << (X86_FEATURE_RETHUNK & 31))
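Review bot: In arch/x86/include/asm/linkage.h both rewritten conditions, "#if defined(CONFIG_MITIGATION_RETHUNK) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO)", are still followed by "#else /* CONFIG_MITIGATION_RETPOLINE */", so the #else comment names a different option from the one the #if tests. Since these lines are being touched anyway, change the comment to name MITIGATION_RETHUNK (or drop it) so the next reader does not take the fallback branch for the retpoline case. The same patch keeps RETHUNK_CFLAGS, DISABLE_RETHUNK and X86_FEATURE_RETHUNK under their old names; that looks deliberate because none of them is a Kconfig symbol, but a line in the changelog saying so would stop the question coming up again. The tools/arch/x86 copy of disabled-features.h is updated in step with the arch/x86 one, which is right.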
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Pawan Gupta
Cc: leit@meta.com, linux-kernel@vger.kernel.org
Subject: [PATCH v6 11/13] x86/bugs: Create a way to disable GDS mitigation
Date: Tue, 21 Nov 2023 08:07:38 -0800
Message-Id: <20231121160740.1249350-12-leitao@debian.org>
In-Reply-To: <20231121160740.1249350-1-leitao@debian.org>
References: <20231121160740.1249350-1-leitao@debian.org>

Currently there is no way to disable GDS mitigation at build time. The current config option (GDS_MITIGATION_FORCE) just enables a more drastic mitigation.

Create a new kernel config that allows GDS to be completely disabled, similarly to the "gather_data_sampling=off" or "mitigations=off" kernel command-line.

Move the GDS_MITIGATION_FORCE under this new mitigation.

Suggested-by: Josh Poimboeuf
Signed-off-by: Breno Leitao
--- arch/x86/Kconfig | 18 +++++++++++++----- arch/x86/kernel/cpu/bugs.c | 7 ++++--- 2 files changed, 17 insertions(+), 8 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index ee939de1bb05..b1a59e5d6fb6 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig 
@@ -2590,15 +2590,23 @@ config MITIGATION_SLS against straight line speculation. The kernel image might be slightly larger. +config MITIGATION_GDS + bool "Mitigate Gather Data Sampling" + depends on CPU_SUP_INTEL + default y + help + Enable mitigation for Gather Data Sampling (GDS). GDS is a hardware + vulnerability which allows unprivileged speculative access to data + which was previously stored in vector registers. The attacker uses + gather instructions to infer the stale vector register data. + See also + + config MITIGATION_GDS_FORCE bool "Force GDS Mitigation" - depends on CPU_SUP_INTEL + depends on MITIGATION_GDS default n help - Gather Data Sampling (GDS) is a hardware vulnerability which allows - unprivileged speculative access to data which was previously stored in - vector registers. - This option is equivalent to setting gather_data_sampling=force on the command line. The microcode mitigation is used if present, otherwise AVX is disabled as a mitigation. On affected systems that are missing diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index f2775417bda2..0172bb0f61fe 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c 
@@ -671,10 +671,11 @@ enum gds_mitigations { GDS_MITIGATION_HYPERVISOR, }; -#if IS_ENABLED(CONFIG_MITIGATION_GDS_FORCE) -static enum gds_mitigations gds_mitigation __ro_after_init = GDS_MITIGATION_FORCE; +#if IS_ENABLED(CONFIG_MITIGATION_GDS) +static enum gds_mitigations gds_mitigation __ro_after_init = + IS_ENABLED(CONFIG_MITIGATION_GDS_FORCE) ? GDS_MITIGATION_FORCE : GDS_MITIGATION_FULL; #else -static enum gds_mitigations gds_mitigation __ro_after_init = GDS_MITIGATION_OFF; #endif static const char * const gds_strings[] = {
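Review bot: The new MITIGATION_GDS help text in arch/x86/Kconfig describes the vulnerability but never says what answering "n" does. In arch/x86/kernel/cpu/bugs.c that choice makes the initial gds_mitigation value GDS_MITIGATION_OFF, and the hunk does not show whether "gather_data_sampling=force" on the command line can still turn the mitigation back on. Please state in the help text that disabling the option is equivalent to booting with gather_data_sampling=off, and whether the boot parameter overrides the build-time default, so that nobody turns the mitigation off believing they only declined the "force" variant. As a style point in the same bugs.c hunk, the "#if IS_ENABLED(CONFIG_MITIGATION_GDS)" block wrapping a second IS_ENABLED() ternary pushes the initializer well past the usual line length; a nested ternary on IS_ENABLED() without the preprocessor block, or a small helper macro, would read more cleanly.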
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Peter Zijlstra, Pawan Gupta, Dave Hansen, x86@kernel.org, "H. Peter Anvin"
Cc: leit@meta.com, linux-kernel@vger.kernel.org
Subject: [PATCH v6 12/13] x86/bugs: spectre_v2_user default mode depends on Kconfig
Date: Tue, 21 Nov 2023 08:07:39 -0800
Message-Id: <20231121160740.1249350-13-leitao@debian.org>
In-Reply-To: <20231121160740.1249350-1-leitao@debian.org>
References: <20231121160740.1249350-1-leitao@debian.org>

Change the default value of spectre v2 in user mode to respect the CONFIG_MITIGATION_SPECTRE_V2 config option.

Currently, user mode spectre v2 is set to auto (SPECTRE_V2_USER_CMD_AUTO) by default, even if CONFIG_MITIGATION_SPECTRE_V2 is disabled.

Set the Spectre_v2 value to auto (SPECTRE_V2_USER_CMD_AUTO) if the Spectre v2 config (CONFIG_MITIGATION_SPECTRE_V2) is enabled, otherwise set the value to none (SPECTRE_V2_USER_CMD_NONE).

Important to say the command line argument "spectre_v2_user" overwrites the default value in both cases.

Signed-off-by: Breno Leitao
--- arch/x86/kernel/cpu/bugs.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 0172bb0f61fe..a99f8c064682 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c 
@@ -1216,8 +1216,11 @@ static __ro_after_init enum spectre_v2_mitigation_cmd spectre_v2_cmd; static enum spectre_v2_user_cmd __init spectre_v2_parse_user_cmdline(void) { + int ret, i, mode; char arg[20]; - int ret, i; + + mode = IS_ENABLED(CONFIG_MITIGATION_SPECTRE_V2) ? + SPECTRE_V2_USER_CMD_AUTO : SPECTRE_V2_USER_CMD_NONE; switch (spectre_v2_cmd) { case SPECTRE_V2_CMD_NONE: @@ -1231,7 +1234,7 @@ spectre_v2_parse_user_cmdline(void) ret = cmdline_find_option(boot_command_line, "spectre_v2_user", arg, sizeof(arg)); if (ret < 0) - return SPECTRE_V2_USER_CMD_AUTO; + return mode; for (i = 0; i < ARRAY_SIZE(v2_user_options); i++) { if (match_option(arg, ret, v2_user_options[i].option)) { 
@@ -1241,8 +1244,8 @@ spectre_v2_parse_user_cmdline(void) } } - pr_err("Unknown user space protection option (%s). Switching to AUTO select\n", arg); - return SPECTRE_V2_USER_CMD_AUTO; + pr_err("Unknown user space protection option (%s). Switching to default\n", arg); + return mode; } static inline bool spectre_v2_in_ibrs_mode(enum spectre_v2_mitigation mode)

From patchwork Tue Nov 21 16:07:40 2023
X-Patchwork-Submitter: Breno Leitao
X-Patchwork-Id: 167845
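Review bot: in the first hunk of [PATCH v6 12/13] (@@ -1216), `mode` is declared as a plain int (`int ret, i, mode;`) although it only ever holds SPECTRE_V2_USER_CMD_AUTO or SPECTRE_V2_USER_CMD_NONE and is returned from a function typed `enum spectre_v2_user_cmd`. Declare it as `enum spectre_v2_user_cmd mode` so the compiler keeps checking the enum and the variable matches the return type. The diffstat also lists bugs.c as the only file touched, so any place that documents the spectre_v2_user default as auto becomes stale for builds with CONFIG_MITIGATION_SPECTRE_V2 disabled; that documentation update belongs in this patch.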
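Review bot: in the @@ -1241 hunk of [PATCH v6 12/13], an unrecognised spectre_v2_user= value now returns `mode`, which is SPECTRE_V2_USER_CMD_NONE when CONFIG_MITIGATION_SPECTRE_V2 is off, so a typo in an option that was meant to turn protection on ends with user space unmitigated. The new message "Switching to default" also no longer tells whoever reads the log which mode was chosen. Name the resulting mode in the pr_err(), or keep SPECTRE_V2_USER_CMD_AUTO as the fallback for the case where the option was passed explicitly but could not be parsed.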
From: Breno Leitao
To: jpoimboe@kernel.org, mingo@redhat.com, tglx@linutronix.de, bp@alien8.de, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Pawan Gupta
Cc: leit@meta.com, linux-kernel@vger.kernel.org
Subject: [PATCH v6 13/13] x86/bugs: Add a separate config for missing mitigation
Date: Tue, 21 Nov 2023 08:07:40 -0800
Message-Id: <20231121160740.1249350-14-leitao@debian.org>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20231121160740.1249350-1-leitao@debian.org>
References: <20231121160740.1249350-1-leitao@debian.org>

Currently, the CONFIG_SPECULATION_MITIGATIONS is halfway populated,
where some mitigations have entries in Kconfig, and they could be
modified, while other mitigations do not have Kconfig entries, and
could not be controlled at build time.

Create an entry for each CPU mitigation under
CONFIG_SPECULATION_MITIGATIONS. This allows users to enable or disable
them at compilation time.

Signed-off-by: Breno Leitao
---
 arch/x86/Kconfig           | 101 +++++++++++++++++++++++++++++++++++++
 arch/x86/kernel/cpu/bugs.c |  39 ++++++++------
 2 files changed, 125 insertions(+), 15 deletions(-)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index b1a59e5d6fb6..def8561bc2a3 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig
@@ -2617,6 +2617,107 @@ config MITIGATION_GDS_FORCE If in doubt, say N. +config MITIGATION_MDS + bool "Mitigate Microarchitectural Data Sampling (MDS) hardware bug" + depends on CPU_SUP_INTEL + default y + help + Enable mitigation for Microarchitectural Data Sampling (MDS). MDS is + a hardware vulnerability which allows unprivileged speculative access + to data which is available in various CPU internal buffers. + See also + +config MITIGATION_TAA + bool "Mitigate TSX Asynchronous Abort (TAA) hardware bug" + depends on CPU_SUP_INTEL + default y + help + Enable mitigation for TSX Asynchronous Abort (TAA). TAA is a hardware + vulnerability that allows unprivileged speculative access to data + which is available in various CPU internal buffers by using + asynchronous aborts within an Intel TSX transactional region. + See also + +config MITIGATION_MMIO_STALE_DATA + bool "Mitigate MMIO Stale Data hardware bug" + depends on CPU_SUP_INTEL + default y + help + Enable mitigation for MMIO Stale Data hardware bugs. Processor MMIO + Stale Data Vulnerabilities are a class of memory-mapped I/O (MMIO) + vulnerabilities that can expose data. The vulnerabilities require the + attacker to have access to MMIO. + See also + + +config MITIGATION_L1TF + bool "Mitigate L1 Terminal Fault (L1TF) hardware bug" + depends on CPU_SUP_INTEL + default y + help + Mitigate L1 Terminal Fault (L1TF) hardware bug. L1 Terminal Fault is a + hardware vulnerability which allows unprivileged speculative access to data + available in the Level 1 Data Cache. + See also + +config MITIGATION_RETBLEED + bool "Mitigate RETBleed hardware bug" + depends on CPU_SUP_INTEL || (CPU_SUP_AMD && MITIGATION_UNRET_ENTRY) + default y + help + Enable mitigation for RETBleed (Arbitrary Speculative Code Execution + with Return Instructions) vulnerability. RETBleed is a speculative + execution attack which takes advantage of microarchitectural behavior + in many modern microprocessors, similar to Spectre v2. 
An + unprivileged attacker can use these flaws to bypass conventional + memory security restrictions to gain read access to privileged memory + that would otherwise be inaccessible. + +config MITIGATION_SPECTRE_V1 + bool "Mitigate SPECTRE V1 hardware bug" + default y + help + Enable mitigation for Spectre V1 (Bounds Check Bypass). Spectre V1 is a + class of side channel attacks that takes advantage of speculative + execution that bypasses conditional branch instructions used for + memory access bounds check. + See also + +config MITIGATION_SPECTRE_V2 + bool "Mitigate SPECTRE V2 hardware bug" + default y + help + Enable mitigation for Spectre V2 (Branch Target Injection). Spectre + V2 is a class of side channel attacks that takes advantage of + indirect branch predictors inside the processor. In Spectre variant 2 + attacks, the attacker can steer speculative indirect branches in the + victim to gadget code by poisoning the branch target buffer of a CPU + used for predicting indirect branch addresses. + See also + +config MITIGATION_SRBDS + bool "Mitigate Special Register Buffer Data Sampling (SRBDS) hardware bug" + depends on CPU_SUP_INTEL + default y + help + Enable mitigation for Special Register Buffer Data Sampling (SRBDS). + SRBDS is a hardware vulnerability that allows Microarchitectural Data + Sampling (MDS) techniques to infer values returned from special + register accesses. An unprivileged user can extract values returned + from RDRAND and RDSEED executed on another core or sibling thread + using MDS techniques. + See also + + +config MITIGATION_SSB + bool "Mitigate Speculative Store Bypass (SSB) hardware bug" + default y + help + Enable mitigation for Speculative Store Bypass (SSB). SSB is a + hardware security vulnerability and its exploitation takes advantage + of speculative execution in a similar way to the Meltdown and Spectre + security vulnerabilities. + endif config ARCH_HAS_ADD_PAGES 
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index a99f8c064682..4f1da92784c6 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -232,7 +232,8 @@ static void x86_amd_ssb_disable(void) #define pr_fmt(fmt) "MDS: " fmt /* Default mitigation for MDS-affected CPUs */ -static enum mds_mitigations mds_mitigation __ro_after_init = MDS_MITIGATION_FULL; +static enum mds_mitigations mds_mitigation __ro_after_init = + IS_ENABLED(CONFIG_MITIGATION_MDS) ? MDS_MITIGATION_FULL : MDS_MITIGATION_OFF; static bool mds_nosmt __ro_after_init = false; static const char * const mds_strings[] = { @@ -292,7 +293,8 @@ enum taa_mitigations { }; /* Default mitigation for TAA-affected CPUs */ -static enum taa_mitigations taa_mitigation __ro_after_init = TAA_MITIGATION_VERW; +static enum taa_mitigations taa_mitigation __ro_after_init = + IS_ENABLED(CONFIG_MITIGATION_TAA) ? TAA_MITIGATION_VERW : TAA_MITIGATION_OFF; static bool taa_nosmt __ro_after_init; static const char * const taa_strings[] = { @@ -393,7 +395,8 @@ enum mmio_mitigations { }; /* Default mitigation for Processor MMIO Stale Data vulnerabilities */ -static enum mmio_mitigations mmio_mitigation __ro_after_init = MMIO_MITIGATION_VERW; +static enum mmio_mitigations mmio_mitigation __ro_after_init = + IS_ENABLED(CONFIG_MITIGATION_MMIO_STALE_DATA) ? MMIO_MITIGATION_VERW : MMIO_MITIGATION_OFF; static bool mmio_nosmt __ro_after_init = false; static const char * const mmio_strings[] = { @@ -542,7 +545,8 @@ enum srbds_mitigations { SRBDS_MITIGATION_HYPERVISOR, }; -static enum srbds_mitigations srbds_mitigation __ro_after_init = SRBDS_MITIGATION_FULL; +static enum srbds_mitigations srbds_mitigation __ro_after_init = + IS_ENABLED(CONFIG_MITIGATION_SRBDS) ? SRBDS_MITIGATION_FULL : SRBDS_MITIGATION_OFF; static const char * const srbds_strings[] = { [SRBDS_MITIGATION_OFF] = "Vulnerable", 
@@ -812,7 +816,8 @@ enum spectre_v1_mitigation { }; static enum spectre_v1_mitigation spectre_v1_mitigation __ro_after_init = - SPECTRE_V1_MITIGATION_AUTO; + IS_ENABLED(CONFIG_MITIGATION_SPECTRE_V1) ? + SPECTRE_V1_MITIGATION_AUTO : SPECTRE_V1_MITIGATION_NONE; static const char * const spectre_v1_strings[] = { [SPECTRE_V1_MITIGATION_NONE] = "Vulnerable: __user pointer sanitization and usercopy barriers only; no swapgs barriers", @@ -927,7 +932,7 @@ static const char * const retbleed_strings[] = { static enum retbleed_mitigation retbleed_mitigation __ro_after_init = RETBLEED_MITIGATION_NONE; static enum retbleed_mitigation_cmd retbleed_cmd __ro_after_init = - RETBLEED_CMD_AUTO; + IS_ENABLED(CONFIG_MITIGATION_RETBLEED) ? RETBLEED_CMD_AUTO : RETBLEED_CMD_OFF; static int __ro_after_init retbleed_nosmt = false; @@ -1391,17 +1396,18 @@ static void __init spec_v2_print_cond(const char *reason, bool secure) static enum spectre_v2_mitigation_cmd __init spectre_v2_parse_cmdline(void) { - enum spectre_v2_mitigation_cmd cmd = SPECTRE_V2_CMD_AUTO; + enum spectre_v2_mitigation_cmd cmd; char arg[20]; int ret, i; + cmd = IS_ENABLED(CONFIG_MITIGATION_SPECTRE_V2) ? SPECTRE_V2_CMD_AUTO : SPECTRE_V2_CMD_NONE; if (cmdline_find_option_bool(boot_command_line, "nospectre_v2") || cpu_mitigations_off()) return SPECTRE_V2_CMD_NONE; ret = cmdline_find_option(boot_command_line, "spectre_v2", arg, sizeof(arg)); if (ret < 0) - return SPECTRE_V2_CMD_AUTO; + return cmd; for (i = 0; i < ARRAY_SIZE(mitigation_options); i++) { if (!match_option(arg, ret, mitigation_options[i].option)) @@ -1411,8 +1417,8 @@ static enum spectre_v2_mitigation_cmd __init spectre_v2_parse_cmdline(void) } if (i >= ARRAY_SIZE(mitigation_options)) { - pr_err("unknown option (%s). Switching to AUTO select\n", arg); - return SPECTRE_V2_CMD_AUTO; + pr_err("unknown option (%s). Switching to default mode\n", arg); + return cmd; } if ((cmd == SPECTRE_V2_CMD_RETPOLINE || 
@@ -1885,10 +1891,12 @@ static const struct { static enum ssb_mitigation_cmd __init ssb_parse_cmdline(void) { - enum ssb_mitigation_cmd cmd = SPEC_STORE_BYPASS_CMD_AUTO; + enum ssb_mitigation_cmd cmd; char arg[20]; int ret, i; + cmd = IS_ENABLED(CONFIG_MITIGATION_SSB) ? + SPEC_STORE_BYPASS_CMD_AUTO : SPEC_STORE_BYPASS_CMD_NONE; if (cmdline_find_option_bool(boot_command_line, "nospec_store_bypass_disable") || cpu_mitigations_off()) { return SPEC_STORE_BYPASS_CMD_NONE; @@ -1896,7 +1904,7 @@ static enum ssb_mitigation_cmd __init ssb_parse_cmdline(void) ret = cmdline_find_option(boot_command_line, "spec_store_bypass_disable", arg, sizeof(arg)); if (ret < 0) - return SPEC_STORE_BYPASS_CMD_AUTO; + return cmd; for (i = 0; i < ARRAY_SIZE(ssb_mitigation_options); i++) { if (!match_option(arg, ret, ssb_mitigation_options[i].option)) @@ -1907,8 +1915,8 @@ static enum ssb_mitigation_cmd __init ssb_parse_cmdline(void) } if (i >= ARRAY_SIZE(ssb_mitigation_options)) { - pr_err("unknown option (%s). Switching to AUTO select\n", arg); - return SPEC_STORE_BYPASS_CMD_AUTO; + pr_err("unknown option (%s). Switching to default mode\n", arg); + return cmd; } } @@ -2235,7 +2243,8 @@ EXPORT_SYMBOL_GPL(itlb_multihit_kvm_mitigation); #define pr_fmt(fmt) "L1TF: " fmt /* Default mitigation for L1TF-affected CPUs */ -enum l1tf_mitigations l1tf_mitigation __ro_after_init = L1TF_MITIGATION_FLUSH; +enum l1tf_mitigations l1tf_mitigation __ro_after_init = + IS_ENABLED(CONFIG_MITIGATION_L1TF) ? L1TF_MITIGATION_FLUSH : L1TF_MITIGATION_OFF; #if IS_ENABLED(CONFIG_KVM_INTEL) EXPORT_SYMBOL_GPL(l1tf_mitigation); #endif
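Review bot: in the Kconfig hunk of [PATCH v6 13/13], MITIGATION_RETBLEED carries `depends on CPU_SUP_INTEL || (CPU_SUP_AMD && MITIGATION_UNRET_ENTRY)`, so an AMD-only build without MITIGATION_UNRET_ENTRY cannot enable it, and through the retbleed_cmd change in the @@ -927 hunk such a build now defaults to RETBLEED_CMD_OFF where it defaulted to RETBLEED_CMD_AUTO before. If changing the default for existing configurations is intended, the commit message should say so; otherwise the dependency needs to be relaxed so that `default y` preserves today's behaviour everywhere.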
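Review bot: in the @@ -812 hunk of [PATCH v6 13/13], CONFIG_MITIGATION_SPECTRE_V1=n selects SPECTRE_V1_MITIGATION_NONE, whose string in the context lines reads "Vulnerable: __user pointer sanitization and usercopy barriers only; no swapgs barriers", so part of the Spectre v1 hardening stays in place whatever the option says. The help text added for MITIGATION_SPECTRE_V1 ("Enable mitigation for Spectre V1 (Bounds Check Bypass)") should state what the option actually switches, so that =n is not read as removing all Spectre v1 protection and =y is not read as the only thing providing it.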
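Review bot: in the @@ -1411 hunk of spectre_v2_parse_cmdline(), and in the same way in the @@ -1907 hunk of ssb_parse_cmdline(), an unknown option value now returns `cmd`, which still holds the Kconfig default and is therefore the _NONE command when the matching CONFIG_MITIGATION_* option is off. A mistyped spectre_v2= or spec_store_bypass_disable= value then leaves the mitigation disabled, and "Switching to default mode" does not say which mode that is. Print the selected mode in both pr_err() calls, and consider whether an explicit but unparsable option should fall back to AUTO rather than to the build-time default.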
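Review bot: in the last hunk of [PATCH v6 13/13] (@@ -2235), l1tf_mitigation is the variable exported with EXPORT_SYMBOL_GPL() under IS_ENABLED(CONFIG_KVM_INTEL), so building with CONFIG_MITIGATION_L1TF=n changes the default that is visible through that export as well as the one used in bugs.c. The MITIGATION_L1TF help text in the Kconfig hunk only describes the hardware bug; add a sentence that the option also sets the default for hosts running KVM on Intel, since that is where turning it off has the widest effect.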