Patch "[PATCH 70/76] x86/speculation: Support 'mitigations=' cmdline option" has been added to the 4.9-stable tree

gregkh at linuxfoundation.org gregkh at linuxfoundation.org
Wed May 15 03:05:49 AEST 2019 

This is a note to let you know that I've just added the patch titled

    [PATCH 70/76] x86/speculation: Support 'mitigations=' cmdline option

to the 4.9-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     0070-x86-speculation-Support-mitigations-cmdline-option.patch
and it can be found in the queue-4.9 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable at vger.kernel.org> know about it.


>From 9137d21d9fdd50e1615bdd4be82dd9921376c2b7 Mon Sep 17 00:00:00 2001
From: Josh Poimboeuf <jpoimboe at redhat.com>
Date: Fri, 12 Apr 2019 15:39:29 -0500
Subject: [PATCH 70/76] x86/speculation: Support 'mitigations=' cmdline option

commit d68be4c4d31295ff6ae34a8ddfaa4c1a8ff42812 upstream.

Configure x86 runtime CPU speculation bug mitigations in accordance with
the 'mitigations=' cmdline option.  This affects Meltdown, Spectre v2,
Speculative Store Bypass, and L1TF.

The default behavior is unchanged.

Signed-off-by: Josh Poimboeuf <jpoimboe at redhat.com>
Signed-off-by: Thomas Gleixner <tglx at linutronix.de>
Tested-by: Jiri Kosina <jkosina at suse.cz> (on x86)
Reviewed-by: Jiri Kosina <jkosina at suse.cz>
Cc: Borislav Petkov <bp at alien8.de>
Cc: "H . Peter Anvin" <hpa at zytor.com>
Cc: Andy Lutomirski <luto at kernel.org>
Cc: Peter Zijlstra <peterz at infradead.org>
Cc: Jiri Kosina <jikos at kernel.org>
Cc: Waiman Long <longman at redhat.com>
Cc: Andrea Arcangeli <aarcange at redhat.com>
Cc: Jon Masters <jcm at redhat.com>
Cc: Benjamin Herrenschmidt <benh at kernel.crashing.org>
Cc: Paul Mackerras <paulus at samba.org>
Cc: Michael Ellerman <mpe at ellerman.id.au>
Cc: linuxppc-dev at lists.ozlabs.org
Cc: Martin Schwidefsky <schwidefsky at de.ibm.com>
Cc: Heiko Carstens <heiko.carstens at de.ibm.com>
Cc: linux-s390 at vger.kernel.org
Cc: Catalin Marinas <catalin.marinas at arm.com>
Cc: Will Deacon <will.deacon at arm.com>
Cc: linux-arm-kernel at lists.infradead.org
Cc: linux-arch at vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh at linuxfoundation.org>
Cc: Tyler Hicks <tyhicks at canonical.com>
Cc: Linus Torvalds <torvalds at linux-foundation.org>
Cc: Randy Dunlap <rdunlap at infradead.org>
Cc: Steven Price <steven.price at arm.com>
Cc: Phil Auld <pauld at redhat.com>
Link: https://lkml.kernel.org/r/6616d0ae169308516cfdf5216bedd169f8a8291b.1555085500.git.jpoimboe@redhat.com
[bwh: Backported to 4.9: adjust filenames, context]
Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh at linuxfoundation.org>
---
 Documentation/kernel-parameters.txt | 16 +++++++++++-----
 arch/x86/kernel/cpu/bugs.c          | 11 +++++++++--
 arch/x86/mm/kaiser.c                |  4 +++-
 3 files changed, 23 insertions(+), 8 deletions(-)

diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt
index 23af0afe24d1..5f81df18b2be 100644
--- a/Documentation/kernel-parameters.txt
+++ b/Documentation/kernel-parameters.txt
@@ -2474,15 +2474,20 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
 			http://repo.or.cz/w/linux-2.6/mini2440.git
 
 	mitigations=
-			Control optional mitigations for CPU vulnerabilities.
-			This is a set of curated, arch-independent options, each
-			of which is an aggregation of existing arch-specific
-			options.
+			[X86] Control optional mitigations for CPU
+			vulnerabilities.  This is a set of curated,
+			arch-independent options, each of which is an
+			aggregation of existing arch-specific options.
 
 			off
 				Disable all optional CPU mitigations.  This
 				improves system performance, but it may also
 				expose users to several CPU vulnerabilities.
+				Equivalent to: nopti [X86]
+					       nospectre_v2 [X86]
+					       spectre_v2_user=off [X86]
+					       spec_store_bypass_disable=off [X86]
+					       l1tf=off [X86]
 
 			auto (default)
 				Mitigate all CPU vulnerabilities, but leave SMT
@@ -2490,12 +2495,13 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
 				users who don't want to be surprised by SMT
 				getting disabled across kernel upgrades, or who
 				have other ways of avoiding SMT-based attacks.
-				This is the default behavior.
+				Equivalent to: (default behavior)
 
 			auto,nosmt
 				Mitigate all CPU vulnerabilities, disabling SMT
 				if needed.  This is for users who always want to
 				be fully mitigated, even if it means losing SMT.
+				Equivalent to: l1tf=flush,nosmt [X86]
 
 	mminit_loglevel=
 			[KNL] When CONFIG_DEBUG_MEMORY_INIT is set, this
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index d81f55e4ca5c..c2e07be3773c 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -500,7 +500,8 @@ static enum spectre_v2_mitigation_cmd __init spectre_v2_parse_cmdline(void)
 	char arg[20];
 	int ret, i;
 
-	if (cmdline_find_option_bool(boot_command_line, "nospectre_v2"))
+	if (cmdline_find_option_bool(boot_command_line, "nospectre_v2") ||
+	    cpu_mitigations_off())
 		return SPECTRE_V2_CMD_NONE;
 
 	ret = cmdline_find_option(boot_command_line, "spectre_v2", arg, sizeof(arg));
@@ -764,7 +765,8 @@ static enum ssb_mitigation_cmd __init ssb_parse_cmdline(void)
 	char arg[20];
 	int ret, i;
 
-	if (cmdline_find_option_bool(boot_command_line, "nospec_store_bypass_disable")) {
+	if (cmdline_find_option_bool(boot_command_line, "nospec_store_bypass_disable") ||
+	    cpu_mitigations_off()) {
 		return SPEC_STORE_BYPASS_CMD_NONE;
 	} else {
 		ret = cmdline_find_option(boot_command_line, "spec_store_bypass_disable",
@@ -1085,6 +1087,11 @@ static void __init l1tf_select_mitigation(void)
 	if (!boot_cpu_has_bug(X86_BUG_L1TF))
 		return;
 
+	if (cpu_mitigations_off())
+		l1tf_mitigation = L1TF_MITIGATION_OFF;
+	else if (cpu_mitigations_auto_nosmt())
+		l1tf_mitigation = L1TF_MITIGATION_FLUSH_NOSMT;
+
 	override_cache_bits(&boot_cpu_data);
 
 	switch (l1tf_mitigation) {
diff --git a/arch/x86/mm/kaiser.c b/arch/x86/mm/kaiser.c
index 3f729e20f0e3..12522dbae615 100644
--- a/arch/x86/mm/kaiser.c
+++ b/arch/x86/mm/kaiser.c
@@ -9,6 +9,7 @@
 #include <linux/spinlock.h>
 #include <linux/mm.h>
 #include <linux/uaccess.h>
+#include <linux/cpu.h>
 
 #undef pr_fmt
 #define pr_fmt(fmt)     "Kernel/User page tables isolation: " fmt
@@ -297,7 +298,8 @@ void __init kaiser_check_boottime_disable(void)
 			goto skip;
 	}
 
-	if (cmdline_find_option_bool(boot_command_line, "nopti"))
+	if (cmdline_find_option_bool(boot_command_line, "nopti") ||
+	    cpu_mitigations_off())
 		goto disable;
 
 skip:
-- 
2.21.0



Patches currently in stable-queue which might be from jpoimboe at redhat.com are

queue-4.9/0037-x86-speculation-Add-command-line-control-for-indirec.patch
queue-4.9/0026-x86-speculation-Disable-STIBP-when-enhanced-IBRS-is-.patch
queue-4.9/0022-x86-speculation-Update-the-TIF_SSBD-comment.patch
queue-4.9/0046-x86-speculation-Enable-prctl-mode-for-spectre_v2_use.patch
queue-4.9/0042-x86-speculation-Split-out-TIF-update.patch
queue-4.9/0044-x86-speculation-Prevent-stale-SPEC_CTRL-msr-content.patch
queue-4.9/0069-cpu-speculation-Add-mitigations-cmdline-option.patch
queue-4.9/0047-x86-speculation-Add-seccomp-Spectre-v2-user-space-pr.patch
queue-4.9/0038-x86-speculation-Prepare-for-per-task-indirect-branch.patch
queue-4.9/0034-x86-speculation-Mark-string-arrays-const-correctly.patch
queue-4.9/0068-x86-speculation-mds-Print-SMT-vulnerable-on-MSBDS-wi.patch
queue-4.9/0035-x86-speculataion-Mark-command-line-parser-data-__ini.patch
queue-4.9/0041-x86-speculation-Prepare-for-conditional-IBPB-in-swit.patch
queue-4.9/0033-x86-speculation-Reorder-the-spec_v2-code.patch
queue-4.9/0045-x86-speculation-Add-prctl-control-for-indirect-branc.patch
queue-4.9/0025-x86-speculation-Move-STIPB-IBPB-string-conditionals-.patch
queue-4.9/0040-x86-speculation-Avoid-__switch_to_xtra-calls.patch
queue-4.9/0043-x86-speculation-Prepare-arch_smt_update-for-PRCTL-mo.patch
queue-4.9/0028-x86-speculation-Reorganize-speculation-control-MSRs-.patch
queue-4.9/0031-x86-speculation-Rework-SMT-state-change.patch
queue-4.9/0024-x86-speculation-Remove-unnecessary-ret-variable-in-c.patch
queue-4.9/0018-x86-speculation-Apply-IBPB-more-strictly-to-avoid-cr.patch
queue-4.9/0029-x86-Kconfig-Select-SCHED_SMT-if-SMP-enabled.patch
queue-4.9/0071-x86-speculation-mds-Add-mitigations-support-for-MDS.patch
queue-4.9/0070-x86-speculation-Support-mitigations-cmdline-option.patch
queue-4.9/0065-x86-speculation-Move-arch_smt_update-call-to-after-m.patch
queue-4.9/0017-Documentation-l1tf-Fix-small-spelling-typo.patch
queue-4.9/0067-x86-speculation-mds-Fix-comment.patch
queue-4.9/0064-x86-speculation-mds-Add-mds-full-nosmt-cmdline-optio.patch
queue-4.9/0036-x86-speculation-Unify-conditional-spectre-v2-print-f.patch
queue-4.9/0027-x86-speculation-Rename-SSBD-update-functions.patch
queue-4.9/0074-x86-speculation-mds-Fix-documentation-typo.patch
queue-4.9/0020-x86-speculation-Propagate-information-about-RSB-fill.patch
queue-4.9/0032-x86-l1tf-Show-actual-SMT-state.patch
queue-4.9/0023-x86-speculation-Clean-up-spectre_v2_parse_cmdline.patch
queue-4.9/0066-x86-speculation-mds-Add-SMT-warning-message.patch
queue-4.9/0048-x86-speculation-Provide-IBPB-always-command-line-opt.patch
queue-4.9/0039-x86-process-Consolidate-and-simplify-switch_to_xtra-.patch
queue-4.9/0019-x86-speculation-Enable-cross-hyperthread-spectre-v2-.patch
queue-4.9/0011-x86-mm-Use-WRITE_ONCE-when-setting-PTEs.patch

More information about the Linuxppc-dev mailing list