Commit 6449f5ba authored by Pawan Gupta's avatar Pawan Gupta Committed by Dave Hansen
Browse files

x86/bugs: Move cpu_bugs_smt_update() down 



cpu_bugs_smt_update() uses global variables from different mitigations. For
SMT updates it can't currently use vmscape_mitigation that is defined after
it.

Since cpu_bugs_smt_update() depends on many other mitigations, move it
after all mitigations are defined. With that, it can use vmscape_mitigation
in a moment.

No functional change.

Signed-off-by: default avatarPawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: default avatarDave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: default avatarDave Hansen <dave.hansen@linux.intel.com>
parent 556c1ad6

arch/x86/kernel/cpu/bugs.c

+83 −82
Original line number Diff line number Diff line
@@ -2551,88 +2551,6 @@ static void update_mds_branch_idle(void) 
	}

}



#define MDS_MSG_SMT "MDS CPU bug present and SMT on, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html for more details.\n"

#define TAA_MSG_SMT "TAA CPU bug present and SMT on, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/tsx_async_abort.html for more details.\n"

#define MMIO_MSG_SMT "MMIO Stale Data CPU bug present and SMT on, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/processor_mmio_stale_data.html for more details.\n"



void cpu_bugs_smt_update(void)

{

	mutex_lock(&spec_ctrl_mutex);



	if (sched_smt_active() && unprivileged_ebpf_enabled() &&

	    spectre_v2_enabled == SPECTRE_V2_EIBRS_LFENCE)

		pr_warn_once(SPECTRE_V2_EIBRS_LFENCE_EBPF_SMT_MSG);



	switch (spectre_v2_user_stibp) {

	case SPECTRE_V2_USER_NONE:

		break;

	case SPECTRE_V2_USER_STRICT:

	case SPECTRE_V2_USER_STRICT_PREFERRED:

		update_stibp_strict();

		break;

	case SPECTRE_V2_USER_PRCTL:

	case SPECTRE_V2_USER_SECCOMP:

		update_indir_branch_cond();

		break;

	}



	switch (mds_mitigation) {

	case MDS_MITIGATION_FULL:

	case MDS_MITIGATION_AUTO:

	case MDS_MITIGATION_VMWERV:

		if (sched_smt_active() && !boot_cpu_has(X86_BUG_MSBDS_ONLY))

			pr_warn_once(MDS_MSG_SMT);

		update_mds_branch_idle();

		break;

	case MDS_MITIGATION_OFF:

		break;

	}



	switch (taa_mitigation) {

	case TAA_MITIGATION_VERW:

	case TAA_MITIGATION_AUTO:

	case TAA_MITIGATION_UCODE_NEEDED:

		if (sched_smt_active())

			pr_warn_once(TAA_MSG_SMT);

		break;

	case TAA_MITIGATION_TSX_DISABLED:

	case TAA_MITIGATION_OFF:

		break;

	}



	switch (mmio_mitigation) {

	case MMIO_MITIGATION_VERW:

	case MMIO_MITIGATION_AUTO:

	case MMIO_MITIGATION_UCODE_NEEDED:

		if (sched_smt_active())

			pr_warn_once(MMIO_MSG_SMT);

		break;

	case MMIO_MITIGATION_OFF:

		break;

	}



	switch (tsa_mitigation) {

	case TSA_MITIGATION_USER_KERNEL:

	case TSA_MITIGATION_VM:

	case TSA_MITIGATION_AUTO:

	case TSA_MITIGATION_FULL:

		/*

		 * TSA-SQ can potentially lead to info leakage between

		 * SMT threads.

		 */

		if (sched_smt_active())

			static_branch_enable(&cpu_buf_idle_clear);

		else

			static_branch_disable(&cpu_buf_idle_clear);

		break;

	case TSA_MITIGATION_NONE:

	case TSA_MITIGATION_UCODE_NEEDED:

		break;

	}



	mutex_unlock(&spec_ctrl_mutex);

}



#undef pr_fmt

#define pr_fmt(fmt)	"Speculative Store Bypass: " fmt
@@ -3402,6 +3320,89 @@ static void __init vmscape_apply_mitigation(void) 
#undef pr_fmt

#define pr_fmt(fmt) fmt



#define MDS_MSG_SMT "MDS CPU bug present and SMT on, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html for more details.\n"

#define TAA_MSG_SMT "TAA CPU bug present and SMT on, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/tsx_async_abort.html for more details.\n"

#define MMIO_MSG_SMT "MMIO Stale Data CPU bug present and SMT on, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/processor_mmio_stale_data.html for more details.\n"

#define VMSCAPE_MSG_SMT "VMSCAPE: SMT on, STIBP is required for full protection. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/vmscape.html for more details.\n"



void cpu_bugs_smt_update(void)

{

	mutex_lock(&spec_ctrl_mutex);



	if (sched_smt_active() && unprivileged_ebpf_enabled() &&

	    spectre_v2_enabled == SPECTRE_V2_EIBRS_LFENCE)

		pr_warn_once(SPECTRE_V2_EIBRS_LFENCE_EBPF_SMT_MSG);



	switch (spectre_v2_user_stibp) {

	case SPECTRE_V2_USER_NONE:

		break;

	case SPECTRE_V2_USER_STRICT:

	case SPECTRE_V2_USER_STRICT_PREFERRED:

		update_stibp_strict();

		break;

	case SPECTRE_V2_USER_PRCTL:

	case SPECTRE_V2_USER_SECCOMP:

		update_indir_branch_cond();

		break;

	}



	switch (mds_mitigation) {

	case MDS_MITIGATION_FULL:

	case MDS_MITIGATION_AUTO:

	case MDS_MITIGATION_VMWERV:

		if (sched_smt_active() && !boot_cpu_has(X86_BUG_MSBDS_ONLY))

			pr_warn_once(MDS_MSG_SMT);

		update_mds_branch_idle();

		break;

	case MDS_MITIGATION_OFF:

		break;

	}



	switch (taa_mitigation) {

	case TAA_MITIGATION_VERW:

	case TAA_MITIGATION_AUTO:

	case TAA_MITIGATION_UCODE_NEEDED:

		if (sched_smt_active())

			pr_warn_once(TAA_MSG_SMT);

		break;

	case TAA_MITIGATION_TSX_DISABLED:

	case TAA_MITIGATION_OFF:

		break;

	}



	switch (mmio_mitigation) {

	case MMIO_MITIGATION_VERW:

	case MMIO_MITIGATION_AUTO:

	case MMIO_MITIGATION_UCODE_NEEDED:

		if (sched_smt_active())

			pr_warn_once(MMIO_MSG_SMT);

		break;

	case MMIO_MITIGATION_OFF:

		break;

	}



	switch (tsa_mitigation) {

	case TSA_MITIGATION_USER_KERNEL:

	case TSA_MITIGATION_VM:

	case TSA_MITIGATION_AUTO:

	case TSA_MITIGATION_FULL:

		/*

		 * TSA-SQ can potentially lead to info leakage between

		 * SMT threads.

		 */

		if (sched_smt_active())

			static_branch_enable(&cpu_buf_idle_clear);

		else

			static_branch_disable(&cpu_buf_idle_clear);

		break;

	case TSA_MITIGATION_NONE:

	case TSA_MITIGATION_UCODE_NEEDED:

		break;

	}



	mutex_unlock(&spec_ctrl_mutex);

}



#ifdef CONFIG_SYSFS



#define L1TF_DEFAULT_MSG "Mitigation: PTE Inversion"