Commit 2f970a52 authored by David Kaplan's avatar David Kaplan Committed by Borislav Petkov (AMD)
Browse files

x86/bugs: Add attack vector controls for L1TF 



Use attack vector controls to determine if L1TF mitigation is required.

Disable SMT if cross-thread protection is desired.

Signed-off-by: default avatarDavid Kaplan <david.kaplan@amd.com>
Signed-off-by: default avatarBorislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/20250707183316.1349127-17-david.kaplan@amd.com
parent fdf99228

arch/x86/kernel/cpu/bugs.c

+12 −6
Original line number Diff line number Diff line
@@ -2995,18 +2995,24 @@ static void override_cache_bits(struct cpuinfo_x86 *c) 


static void __init l1tf_select_mitigation(void)

{

	if (!boot_cpu_has_bug(X86_BUG_L1TF) || cpu_mitigations_off()) {

	if (!boot_cpu_has_bug(X86_BUG_L1TF)) {

		l1tf_mitigation = L1TF_MITIGATION_OFF;

		return;

	}



	if (l1tf_mitigation == L1TF_MITIGATION_AUTO) {

		if (cpu_mitigations_auto_nosmt())

	if (l1tf_mitigation != L1TF_MITIGATION_AUTO)

		return;



	if (!should_mitigate_vuln(X86_BUG_L1TF)) {

		l1tf_mitigation = L1TF_MITIGATION_OFF;

		return;

	}



	if (smt_mitigations == SMT_MITIGATIONS_ON)

		l1tf_mitigation = L1TF_MITIGATION_FLUSH_NOSMT;

	else

		l1tf_mitigation = L1TF_MITIGATION_FLUSH;

}

}



static void __init l1tf_apply_mitigation(void)

{