Commit 2178ac58 authored by David Kaplan's avatar David Kaplan Committed by Borislav Petkov (AMD)
Browse files

x86/bugs: Restructure SRBDS mitigation 



Restructure SRBDS to use select/apply functions to create consistent
vulnerability handling.

Define new AUTO mitigation for SRBDS.

Signed-off-by: default avatarDavid Kaplan <david.kaplan@amd.com>
Signed-off-by: default avatarBorislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: default avatarJosh Poimboeuf <jpoimboe@kernel.org>
Link: https://lore.kernel.org/20250418161721.1855190-7-david.kaplan@amd.com
parent 6f0960a7

arch/x86/kernel/cpu/bugs.c

+16 −4
Original line number Diff line number Diff line
@@ -72,6 +72,7 @@ static void __init rfds_select_mitigation(void); 
static void __init rfds_update_mitigation(void);

static void __init rfds_apply_mitigation(void);

static void __init srbds_select_mitigation(void);

static void __init srbds_apply_mitigation(void);

static void __init l1d_flush_select_mitigation(void);

static void __init srso_select_mitigation(void);

static void __init gds_select_mitigation(void);
@@ -225,6 +226,7 @@ void __init cpu_select_mitigations(void) 
	taa_apply_mitigation();

	mmio_apply_mitigation();

	rfds_apply_mitigation();

	srbds_apply_mitigation();

}



/*
@@ -693,6 +695,7 @@ early_param("reg_file_data_sampling", rfds_parse_cmdline); 


enum srbds_mitigations {

	SRBDS_MITIGATION_OFF,

	SRBDS_MITIGATION_AUTO,

	SRBDS_MITIGATION_UCODE_NEEDED,

	SRBDS_MITIGATION_FULL,

	SRBDS_MITIGATION_TSX_OFF,
@@ -700,7 +703,7 @@ enum srbds_mitigations { 
};



static enum srbds_mitigations srbds_mitigation __ro_after_init =

	IS_ENABLED(CONFIG_MITIGATION_SRBDS) ? SRBDS_MITIGATION_FULL : SRBDS_MITIGATION_OFF;

	IS_ENABLED(CONFIG_MITIGATION_SRBDS) ? SRBDS_MITIGATION_AUTO : SRBDS_MITIGATION_OFF;



static const char * const srbds_strings[] = {

	[SRBDS_MITIGATION_OFF]		= "Vulnerable",
@@ -751,8 +754,13 @@ void update_srbds_msr(void) 


static void __init srbds_select_mitigation(void)

{

	if (!boot_cpu_has_bug(X86_BUG_SRBDS))

	if (!boot_cpu_has_bug(X86_BUG_SRBDS) || cpu_mitigations_off()) {

		srbds_mitigation = SRBDS_MITIGATION_OFF;

		return;

	}



	if (srbds_mitigation == SRBDS_MITIGATION_AUTO)

		srbds_mitigation = SRBDS_MITIGATION_FULL;



	/*

	 * Check to see if this is one of the MDS_NO systems supporting TSX that
@@ -766,13 +774,17 @@ static void __init srbds_select_mitigation(void) 
		srbds_mitigation = SRBDS_MITIGATION_HYPERVISOR;

	else if (!boot_cpu_has(X86_FEATURE_SRBDS_CTRL))

		srbds_mitigation = SRBDS_MITIGATION_UCODE_NEEDED;

	else if (cpu_mitigations_off() || srbds_off)

	else if (srbds_off)

		srbds_mitigation = SRBDS_MITIGATION_OFF;



	update_srbds_msr();

	pr_info("%s\n", srbds_strings[srbds_mitigation]);

}



static void __init srbds_apply_mitigation(void)

{

	update_srbds_msr();

}



static int __init srbds_parse_cmdline(char *str)

{

	if (!str)