x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (cb2db5bb) · Commits · git / linux-nf

arch/x86/kernel/cpu/bugs.c

+7 −15

Original line number	Diff line number	Diff line
		@@ -61,6 +61,8 @@ EXPORT_PER_CPU_SYMBOL_GPL(x86_spec_ctrl_current);
		u64 x86_pred_cmd __ro_after_init = PRED_CMD_IBPB;
		EXPORT_SYMBOL_GPL(x86_pred_cmd);

		static u64 __ro_after_init ia32_cap;

		static DEFINE_MUTEX(spec_ctrl_mutex);

		void (*x86_return_thunk)(void) __ro_after_init = __x86_return_thunk;
		@@ -144,6 +146,8 @@ void __init cpu_select_mitigations(void)
		x86_spec_ctrl_base &= ~SPEC_CTRL_MITIGATIONS_MASK;
		}

		ia32_cap = x86_read_arch_cap_msr();

		/* Select the proper CPU mitigations before patching alternatives: */
		spectre_v1_select_mitigation();
		spectre_v2_select_mitigation();
		@@ -301,8 +305,6 @@ static const char * const taa_strings[] = {

		static void __init taa_select_mitigation(void)
		{
		u64 ia32_cap;

		if (!boot_cpu_has_bug(X86_BUG_TAA)) {
		taa_mitigation = TAA_MITIGATION_OFF;
		return;
		@@ -341,7 +343,6 @@ static void __init taa_select_mitigation(void)
		* On MDS_NO=1 CPUs if ARCH_CAP_TSX_CTRL_MSR is not set, microcode
		* update is required.
		*/
		ia32_cap = x86_read_arch_cap_msr();
		if ( (ia32_cap & ARCH_CAP_MDS_NO) &&
		!(ia32_cap & ARCH_CAP_TSX_CTRL_MSR))
		taa_mitigation = TAA_MITIGATION_UCODE_NEEDED;
		@@ -401,8 +402,6 @@ static const char * const mmio_strings[] = {

		static void __init mmio_select_mitigation(void)
		{
		u64 ia32_cap;

		if (!boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA) \|\|
		boot_cpu_has_bug(X86_BUG_MMIO_UNKNOWN) \|\|
		cpu_mitigations_off()) {
		@@ -413,8 +412,6 @@ static void __init mmio_select_mitigation(void)
		if (mmio_mitigation == MMIO_MITIGATION_OFF)
		return;

		ia32_cap = x86_read_arch_cap_msr();

		/*
		* Enable CPU buffer clear mitigation for host and VMM, if also affected
		* by MDS or TAA. Otherwise, enable mitigation for VMM only.
		@@ -508,7 +505,7 @@ static void __init rfds_select_mitigation(void)
		if (rfds_mitigation == RFDS_MITIGATION_OFF)
		return;

		if (x86_read_arch_cap_msr() & ARCH_CAP_RFDS_CLEAR)
		if (ia32_cap & ARCH_CAP_RFDS_CLEAR)
		setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF);
		else
		rfds_mitigation = RFDS_MITIGATION_UCODE_NEEDED;
		@@ -659,8 +656,6 @@ void update_srbds_msr(void)

		static void __init srbds_select_mitigation(void)
		{
		u64 ia32_cap;

		if (!boot_cpu_has_bug(X86_BUG_SRBDS))
		return;

		@@ -669,7 +664,6 @@ static void __init srbds_select_mitigation(void)
		* are only exposed to SRBDS when TSX is enabled or when CPU is affected
		* by Processor MMIO Stale Data vulnerability.
		*/
		ia32_cap = x86_read_arch_cap_msr();
		if ((ia32_cap & ARCH_CAP_MDS_NO) && !boot_cpu_has(X86_FEATURE_RTM) &&
		!boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA))
		srbds_mitigation = SRBDS_MITIGATION_TSX_OFF;
		@@ -813,7 +807,7 @@ static void __init gds_select_mitigation(void)
		/* Will verify below that mitigation _can_ be disabled */

		/* No microcode */
		if (!(x86_read_arch_cap_msr() & ARCH_CAP_GDS_CTRL)) {
		if (!(ia32_cap & ARCH_CAP_GDS_CTRL)) {
		if (gds_mitigation == GDS_MITIGATION_FORCE) {
		/*
		* This only needs to be done on the boot CPU so do it
		@@ -1908,8 +1902,6 @@ static void update_indir_branch_cond(void)
		/* Update the static key controlling the MDS CPU buffer clear in idle */
		static void update_mds_branch_idle(void)
		{
		u64 ia32_cap = x86_read_arch_cap_msr();

		/*
		* Enable the idle clearing if SMT is active on CPUs which are
		* affected only by MSBDS and not any other MDS variant.
		@@ -2818,7 +2810,7 @@ static const char *spectre_bhi_state(void)
		else if (boot_cpu_has(X86_FEATURE_CLEAR_BHB_LOOP))
		return "; BHI: SW loop, KVM: SW loop";
		else if (boot_cpu_has(X86_FEATURE_RETPOLINE) &&
		!(x86_read_arch_cap_msr() & ARCH_CAP_RRSBA))
		!(ia32_cap & ARCH_CAP_RRSBA))
		return "; BHI: Retpoline";
		else if (boot_cpu_has(X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT))
		return "; BHI: Syscall hardening, KVM: SW loop";