tjh.dev
+9
-13
Documentation/admin-guide/hw-vuln/spectre.rst
+9
-13
Documentation/admin-guide/hw-vuln/spectre.rst
···
439
439
- System is protected by retpoline
440
440
* - BHI: BHI_DIS_S
441
441
- System is protected by BHI_DIS_S
442
-
* - BHI: SW loop; KVM SW loop
442
+
* - BHI: SW loop, KVM SW loop
443
443
- System is protected by software clearing sequence
444
-
* - BHI: Syscall hardening
445
-
- Syscalls are hardened against BHI
446
-
* - BHI: Syscall hardening; KVM: SW loop
447
-
- System is protected from userspace attacks by syscall hardening; KVM is protected by software clearing sequence
444
+
* - BHI: Vulnerable
445
+
- System is vulnerable to BHI
446
+
* - BHI: Vulnerable, KVM: SW loop
447
+
- System is vulnerable; KVM is protected by software clearing sequence
448
448
449
449
Full mitigation might require a microcode update from the CPU
450
450
vendor. When the necessary microcode is not available, the kernel will
···
661
661
spectre_bhi=
662
662
663
663
[X86] Control mitigation of Branch History Injection
664
-
(BHI) vulnerability. Syscalls are hardened against BHI
665
-
regardless of this setting. This setting affects the deployment
664
+
(BHI) vulnerability. This setting affects the deployment
666
665
of the HW BHI control and the SW BHB clearing sequence.
667
666
668
667
on
669
-
unconditionally enable.
668
+
(default) Enable the HW or SW mitigation as
669
+
needed.
670
670
off
671
-
unconditionally disable.
672
-
auto
673
-
enable if hardware mitigation
674
-
control(BHI_DIS_S) is available, otherwise
675
-
enable alternate mitigation in KVM.
671
+
Disable the mitigation.
676
672
677
673
For spectre_v2_user see Documentation/admin-guide/kernel-parameters.txt
678
674
+5
-7
Documentation/admin-guide/kernel-parameters.txt
+5
-7
Documentation/admin-guide/kernel-parameters.txt
···
3444
3444
retbleed=off [X86]
3445
3445
spec_rstack_overflow=off [X86]
3446
3446
spec_store_bypass_disable=off [X86,PPC]
3447
+
spectre_bhi=off [X86]
3447
3448
spectre_v2_user=off [X86]
3448
3449
srbds=off [X86,INTEL]
3449
3450
ssbd=force-off [ARM64]
···
6065
6064
See Documentation/admin-guide/laptops/sonypi.rst
6066
6065
6067
6066
spectre_bhi= [X86] Control mitigation of Branch History Injection
6068
-
(BHI) vulnerability. Syscalls are hardened against BHI
6069
-
reglardless of this setting. This setting affects the
6067
+
(BHI) vulnerability. This setting affects the
6070
6068
deployment of the HW BHI control and the SW BHB
6071
6069
clearing sequence.
6072
6070
6073
-
on - unconditionally enable.
6074
-
off - unconditionally disable.
6075
-
auto - (default) enable hardware mitigation
6076
-
(BHI_DIS_S) if available, otherwise enable
6077
-
alternate mitigation in KVM.
6071
+
on - (default) Enable the HW or SW mitigation
6072
+
as needed.
6073
+
off - Disable the mitigation.
6078
6074
6079
6075
spectre_v2= [X86,EARLY] Control mitigation of Spectre variant 2
6080
6076
(indirect branch speculation) vulnerability.
+3
-19
arch/x86/Kconfig
+3
-19
arch/x86/Kconfig
···
2633
2633
stored in floating point, vector and integer registers.
2634
2634
See also <file:Documentation/admin-guide/hw-vuln/reg-file-data-sampling.rst>
2635
2635
2636
-
choice
2637
-
prompt "Clear branch history"
2636
+
config MITIGATION_SPECTRE_BHI
2637
+
bool "Mitigate Spectre-BHB (Branch History Injection)"
2638
2638
depends on CPU_SUP_INTEL
2639
-
default SPECTRE_BHI_ON
2639
+
default y
2640
2640
help
2641
2641
Enable BHI mitigations. BHI attacks are a form of Spectre V2 attacks
2642
2642
where the branch history buffer is poisoned to speculatively steer
2643
2643
indirect branches.
2644
2644
See <file:Documentation/admin-guide/hw-vuln/spectre.rst>
2645
-
2646
-
config SPECTRE_BHI_ON
2647
-
bool "on"
2648
-
help
2649
-
Equivalent to setting spectre_bhi=on command line parameter.
2650
-
config SPECTRE_BHI_OFF
2651
-
bool "off"
2652
-
help
2653
-
Equivalent to setting spectre_bhi=off command line parameter.
2654
-
config SPECTRE_BHI_AUTO
2655
-
bool "auto"
2656
-
depends on BROKEN
2657
-
help
2658
-
Equivalent to setting spectre_bhi=auto command line parameter.
2659
-
2660
-
endchoice
2661
2645
2662
2646
endif
2663
2647
+2
-1
arch/x86/include/asm/apic.h
+2
-1
arch/x86/include/asm/apic.h
···
13
13
#include <asm/mpspec.h>
14
14
#include <asm/msr.h>
15
15
#include <asm/hardirq.h>
16
+
#include <asm/io.h>
16
17
17
18
#define ARCH_APICTIMER_STOPS_ON_C3 1
18
19
···
99
98
100
99
static inline u32 native_apic_mem_read(u32 reg)
101
100
{
102
-
return *((volatile u32 *)(APIC_BASE + reg));
101
+
return readl((void __iomem *)(APIC_BASE + reg));
103
102
}
104
103
105
104
static inline void native_apic_mem_eoi(void)
+3
-3
arch/x86/kernel/apic/apic.c
+3
-3
arch/x86/kernel/apic/apic.c
···
1687
1687
1688
1688
static bool x2apic_hw_locked(void)
1689
1689
{
1690
-
u64 ia32_cap;
1690
+
u64 x86_arch_cap_msr;
1691
1691
u64 msr;
1692
1692
1693
-
ia32_cap = x86_read_arch_cap_msr();
1694
-
if (ia32_cap & ARCH_CAP_XAPIC_DISABLE) {
1693
+
x86_arch_cap_msr = x86_read_arch_cap_msr();
1694
+
if (x86_arch_cap_msr & ARCH_CAP_XAPIC_DISABLE) {
1695
1695
rdmsrl(MSR_IA32_XAPIC_DISABLE_STATUS, msr);
1696
1696
return (msr & LEGACY_XAPIC_DISABLED);
1697
1697
}
-15
arch/x86/kernel/cpu/amd.c
-15
arch/x86/kernel/cpu/amd.c
···
535
535
536
536
static void early_init_amd(struct cpuinfo_x86 *c)
537
537
{
538
-
u64 value;
539
538
u32 dummy;
540
539
541
540
if (c->x86 >= 0xf)
···
601
602
msr_set_bit(MSR_AMD64_LS_CFG, 15);
602
603
603
604
early_detect_mem_encrypt(c);
604
-
605
-
/* Re-enable TopologyExtensions if switched off by BIOS */
606
-
if (c->x86 == 0x15 &&
607
-
(c->x86_model >= 0x10 && c->x86_model <= 0x6f) &&
608
-
!cpu_has(c, X86_FEATURE_TOPOEXT)) {
609
-
610
-
if (msr_set_bit(0xc0011005, 54) > 0) {
611
-
rdmsrl(0xc0011005, value);
612
-
if (value & BIT_64(54)) {
613
-
set_cpu_cap(c, X86_FEATURE_TOPOEXT);
614
-
pr_info_once(FW_INFO "CPU: Re-enabling disabled Topology Extensions Support.\n");
615
-
}
616
-
}
617
-
}
618
605
619
606
if (!cpu_has(c, X86_FEATURE_HYPERVISOR) && !cpu_has(c, X86_FEATURE_IBPB_BRTYPE)) {
620
607
if (c->x86 == 0x17 && boot_cpu_has(X86_FEATURE_AMD_IBPB))
+36
-46
arch/x86/kernel/cpu/bugs.c
+36
-46
arch/x86/kernel/cpu/bugs.c
···
61
61
u64 x86_pred_cmd __ro_after_init = PRED_CMD_IBPB;
62
62
EXPORT_SYMBOL_GPL(x86_pred_cmd);
63
63
64
+
static u64 __ro_after_init x86_arch_cap_msr;
65
+
64
66
static DEFINE_MUTEX(spec_ctrl_mutex);
65
67
66
68
void (*x86_return_thunk)(void) __ro_after_init = __x86_return_thunk;
···
145
143
*/
146
144
x86_spec_ctrl_base &= ~SPEC_CTRL_MITIGATIONS_MASK;
147
145
}
146
+
147
+
x86_arch_cap_msr = x86_read_arch_cap_msr();
148
148
149
149
/* Select the proper CPU mitigations before patching alternatives: */
150
150
spectre_v1_select_mitigation();
···
305
301
306
302
static void __init taa_select_mitigation(void)
307
303
{
308
-
u64 ia32_cap;
309
-
310
304
if (!boot_cpu_has_bug(X86_BUG_TAA)) {
311
305
taa_mitigation = TAA_MITIGATION_OFF;
312
306
return;
···
343
341
* On MDS_NO=1 CPUs if ARCH_CAP_TSX_CTRL_MSR is not set, microcode
344
342
* update is required.
345
343
*/
346
-
ia32_cap = x86_read_arch_cap_msr();
347
-
if ( (ia32_cap & ARCH_CAP_MDS_NO) &&
348
-
!(ia32_cap & ARCH_CAP_TSX_CTRL_MSR))
344
+
if ( (x86_arch_cap_msr & ARCH_CAP_MDS_NO) &&
345
+
!(x86_arch_cap_msr & ARCH_CAP_TSX_CTRL_MSR))
349
346
taa_mitigation = TAA_MITIGATION_UCODE_NEEDED;
350
347
351
348
/*
···
402
401
403
402
static void __init mmio_select_mitigation(void)
404
403
{
405
-
u64 ia32_cap;
406
-
407
404
if (!boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA) ||
408
405
boot_cpu_has_bug(X86_BUG_MMIO_UNKNOWN) ||
409
406
cpu_mitigations_off()) {
···
411
412
412
413
if (mmio_mitigation == MMIO_MITIGATION_OFF)
413
414
return;
414
-
415
-
ia32_cap = x86_read_arch_cap_msr();
416
415
417
416
/*
418
417
* Enable CPU buffer clear mitigation for host and VMM, if also affected
···
434
437
* be propagated to uncore buffers, clearing the Fill buffers on idle
435
438
* is required irrespective of SMT state.
436
439
*/
437
-
if (!(ia32_cap & ARCH_CAP_FBSDP_NO))
440
+
if (!(x86_arch_cap_msr & ARCH_CAP_FBSDP_NO))
438
441
static_branch_enable(&mds_idle_clear);
439
442
440
443
/*
···
444
447
* FB_CLEAR or by the presence of both MD_CLEAR and L1D_FLUSH on MDS
445
448
* affected systems.
446
449
*/
447
-
if ((ia32_cap & ARCH_CAP_FB_CLEAR) ||
450
+
if ((x86_arch_cap_msr & ARCH_CAP_FB_CLEAR) ||
448
451
(boot_cpu_has(X86_FEATURE_MD_CLEAR) &&
449
452
boot_cpu_has(X86_FEATURE_FLUSH_L1D) &&
450
-
!(ia32_cap & ARCH_CAP_MDS_NO)))
453
+
!(x86_arch_cap_msr & ARCH_CAP_MDS_NO)))
451
454
mmio_mitigation = MMIO_MITIGATION_VERW;
452
455
else
453
456
mmio_mitigation = MMIO_MITIGATION_UCODE_NEEDED;
···
505
508
if (rfds_mitigation == RFDS_MITIGATION_OFF)
506
509
return;
507
510
508
-
if (x86_read_arch_cap_msr() & ARCH_CAP_RFDS_CLEAR)
511
+
if (x86_arch_cap_msr & ARCH_CAP_RFDS_CLEAR)
509
512
setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF);
510
513
else
511
514
rfds_mitigation = RFDS_MITIGATION_UCODE_NEEDED;
···
656
659
657
660
static void __init srbds_select_mitigation(void)
658
661
{
659
-
u64 ia32_cap;
660
-
661
662
if (!boot_cpu_has_bug(X86_BUG_SRBDS))
662
663
return;
663
664
···
664
669
* are only exposed to SRBDS when TSX is enabled or when CPU is affected
665
670
* by Processor MMIO Stale Data vulnerability.
666
671
*/
667
-
ia32_cap = x86_read_arch_cap_msr();
668
-
if ((ia32_cap & ARCH_CAP_MDS_NO) && !boot_cpu_has(X86_FEATURE_RTM) &&
672
+
if ((x86_arch_cap_msr & ARCH_CAP_MDS_NO) && !boot_cpu_has(X86_FEATURE_RTM) &&
669
673
!boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA))
670
674
srbds_mitigation = SRBDS_MITIGATION_TSX_OFF;
671
675
else if (boot_cpu_has(X86_FEATURE_HYPERVISOR))
···
807
813
/* Will verify below that mitigation _can_ be disabled */
808
814
809
815
/* No microcode */
810
-
if (!(x86_read_arch_cap_msr() & ARCH_CAP_GDS_CTRL)) {
816
+
if (!(x86_arch_cap_msr & ARCH_CAP_GDS_CTRL)) {
811
817
if (gds_mitigation == GDS_MITIGATION_FORCE) {
812
818
/*
813
819
* This only needs to be done on the boot CPU so do it
···
1538
1544
return SPECTRE_V2_RETPOLINE;
1539
1545
}
1540
1546
1547
+
static bool __ro_after_init rrsba_disabled;
1548
+
1541
1549
/* Disable in-kernel use of non-RSB RET predictors */
1542
1550
static void __init spec_ctrl_disable_kernel_rrsba(void)
1543
1551
{
1544
-
u64 ia32_cap;
1552
+
if (rrsba_disabled)
1553
+
return;
1554
+
1555
+
if (!(x86_arch_cap_msr & ARCH_CAP_RRSBA)) {
1556
+
rrsba_disabled = true;
1557
+
return;
1558
+
}
1545
1559
1546
1560
if (!boot_cpu_has(X86_FEATURE_RRSBA_CTRL))
1547
1561
return;
1548
1562
1549
-
ia32_cap = x86_read_arch_cap_msr();
1550
-
1551
-
if (ia32_cap & ARCH_CAP_RRSBA) {
1552
-
x86_spec_ctrl_base |= SPEC_CTRL_RRSBA_DIS_S;
1553
-
update_spec_ctrl(x86_spec_ctrl_base);
1554
-
}
1563
+
x86_spec_ctrl_base |= SPEC_CTRL_RRSBA_DIS_S;
1564
+
update_spec_ctrl(x86_spec_ctrl_base);
1565
+
rrsba_disabled = true;
1555
1566
}
1556
1567
1557
1568
static void __init spectre_v2_determine_rsb_fill_type_at_vmexit(enum spectre_v2_mitigation mode)
···
1625
1626
enum bhi_mitigations {
1626
1627
BHI_MITIGATION_OFF,
1627
1628
BHI_MITIGATION_ON,
1628
-
BHI_MITIGATION_AUTO,
1629
1629
};
1630
1630
1631
1631
static enum bhi_mitigations bhi_mitigation __ro_after_init =
1632
-
IS_ENABLED(CONFIG_SPECTRE_BHI_ON) ? BHI_MITIGATION_ON :
1633
-
IS_ENABLED(CONFIG_SPECTRE_BHI_OFF) ? BHI_MITIGATION_OFF :
1634
-
BHI_MITIGATION_AUTO;
1632
+
IS_ENABLED(CONFIG_MITIGATION_SPECTRE_BHI) ? BHI_MITIGATION_ON : BHI_MITIGATION_OFF;
1635
1633
1636
1634
static int __init spectre_bhi_parse_cmdline(char *str)
1637
1635
{
···
1639
1643
bhi_mitigation = BHI_MITIGATION_OFF;
1640
1644
else if (!strcmp(str, "on"))
1641
1645
bhi_mitigation = BHI_MITIGATION_ON;
1642
-
else if (!strcmp(str, "auto"))
1643
-
bhi_mitigation = BHI_MITIGATION_AUTO;
1644
1646
else
1645
1647
pr_err("Ignoring unknown spectre_bhi option (%s)", str);
1646
1648
···
1652
1658
return;
1653
1659
1654
1660
/* Retpoline mitigates against BHI unless the CPU has RRSBA behavior */
1655
-
if (cpu_feature_enabled(X86_FEATURE_RETPOLINE) &&
1656
-
!(x86_read_arch_cap_msr() & ARCH_CAP_RRSBA))
1657
-
return;
1661
+
if (cpu_feature_enabled(X86_FEATURE_RETPOLINE)) {
1662
+
spec_ctrl_disable_kernel_rrsba();
1663
+
if (rrsba_disabled)
1664
+
return;
1665
+
}
1658
1666
1659
1667
if (spec_ctrl_bhi_dis())
1660
1668
return;
···
1667
1671
/* Mitigate KVM by default */
1668
1672
setup_force_cpu_cap(X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT);
1669
1673
pr_info("Spectre BHI mitigation: SW BHB clearing on vm exit\n");
1670
-
1671
-
if (bhi_mitigation == BHI_MITIGATION_AUTO)
1672
-
return;
1673
1674
1674
1675
/* Mitigate syscalls when the mitigation is forced =on */
1675
1676
setup_force_cpu_cap(X86_FEATURE_CLEAR_BHB_LOOP);
···
1901
1908
/* Update the static key controlling the MDS CPU buffer clear in idle */
1902
1909
static void update_mds_branch_idle(void)
1903
1910
{
1904
-
u64 ia32_cap = x86_read_arch_cap_msr();
1905
-
1906
1911
/*
1907
1912
* Enable the idle clearing if SMT is active on CPUs which are
1908
1913
* affected only by MSBDS and not any other MDS variant.
···
1915
1924
if (sched_smt_active()) {
1916
1925
static_branch_enable(&mds_idle_clear);
1917
1926
} else if (mmio_mitigation == MMIO_MITIGATION_OFF ||
1918
-
(ia32_cap & ARCH_CAP_FBSDP_NO)) {
1927
+
(x86_arch_cap_msr & ARCH_CAP_FBSDP_NO)) {
1919
1928
static_branch_disable(&mds_idle_clear);
1920
1929
}
1921
1930
}
···
2800
2809
}
2801
2810
}
2802
2811
2803
-
static const char * const spectre_bhi_state(void)
2812
+
static const char *spectre_bhi_state(void)
2804
2813
{
2805
2814
if (!boot_cpu_has_bug(X86_BUG_BHI))
2806
2815
return "; BHI: Not affected";
···
2808
2817
return "; BHI: BHI_DIS_S";
2809
2818
else if (boot_cpu_has(X86_FEATURE_CLEAR_BHB_LOOP))
2810
2819
return "; BHI: SW loop, KVM: SW loop";
2811
-
else if (boot_cpu_has(X86_FEATURE_RETPOLINE) &&
2812
-
!(x86_read_arch_cap_msr() & ARCH_CAP_RRSBA))
2820
+
else if (boot_cpu_has(X86_FEATURE_RETPOLINE) && rrsba_disabled)
2813
2821
return "; BHI: Retpoline";
2814
-
else if (boot_cpu_has(X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT))
2815
-
return "; BHI: Syscall hardening, KVM: SW loop";
2822
+
else if (boot_cpu_has(X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT))
2823
+
return "; BHI: Vulnerable, KVM: SW loop";
2816
2824
2817
-
return "; BHI: Vulnerable (Syscall hardening enabled)";
2825
+
return "; BHI: Vulnerable";
2818
2826
}
2819
2827
2820
2828
static ssize_t spectre_v2_show_state(char *buf)
+24
-24
arch/x86/kernel/cpu/common.c
+24
-24
arch/x86/kernel/cpu/common.c
···
1284
1284
1285
1285
u64 x86_read_arch_cap_msr(void)
1286
1286
{
1287
-
u64 ia32_cap = 0;
1287
+
u64 x86_arch_cap_msr = 0;
1288
1288
1289
1289
if (boot_cpu_has(X86_FEATURE_ARCH_CAPABILITIES))
1290
-
rdmsrl(MSR_IA32_ARCH_CAPABILITIES, ia32_cap);
1290
+
rdmsrl(MSR_IA32_ARCH_CAPABILITIES, x86_arch_cap_msr);
1291
1291
1292
-
return ia32_cap;
1292
+
return x86_arch_cap_msr;
1293
1293
}
1294
1294
1295
-
static bool arch_cap_mmio_immune(u64 ia32_cap)
1295
+
static bool arch_cap_mmio_immune(u64 x86_arch_cap_msr)
1296
1296
{
1297
-
return (ia32_cap & ARCH_CAP_FBSDP_NO &&
1298
-
ia32_cap & ARCH_CAP_PSDP_NO &&
1299
-
ia32_cap & ARCH_CAP_SBDR_SSDP_NO);
1297
+
return (x86_arch_cap_msr & ARCH_CAP_FBSDP_NO &&
1298
+
x86_arch_cap_msr & ARCH_CAP_PSDP_NO &&
1299
+
x86_arch_cap_msr & ARCH_CAP_SBDR_SSDP_NO);
1300
1300
}
1301
1301
1302
-
static bool __init vulnerable_to_rfds(u64 ia32_cap)
1302
+
static bool __init vulnerable_to_rfds(u64 x86_arch_cap_msr)
1303
1303
{
1304
1304
/* The "immunity" bit trumps everything else: */
1305
-
if (ia32_cap & ARCH_CAP_RFDS_NO)
1305
+
if (x86_arch_cap_msr & ARCH_CAP_RFDS_NO)
1306
1306
return false;
1307
1307
1308
1308
/*
···
1310
1310
* indicate that mitigation is needed because guest is running on a
1311
1311
* vulnerable hardware or may migrate to such hardware:
1312
1312
*/
1313
-
if (ia32_cap & ARCH_CAP_RFDS_CLEAR)
1313
+
if (x86_arch_cap_msr & ARCH_CAP_RFDS_CLEAR)
1314
1314
return true;
1315
1315
1316
1316
/* Only consult the blacklist when there is no enumeration: */
···
1319
1319
1320
1320
static void __init cpu_set_bug_bits(struct cpuinfo_x86 *c)
1321
1321
{
1322
-
u64 ia32_cap = x86_read_arch_cap_msr();
1322
+
u64 x86_arch_cap_msr = x86_read_arch_cap_msr();
1323
1323
1324
1324
/* Set ITLB_MULTIHIT bug if cpu is not in the whitelist and not mitigated */
1325
1325
if (!cpu_matches(cpu_vuln_whitelist, NO_ITLB_MULTIHIT) &&
1326
-
!(ia32_cap & ARCH_CAP_PSCHANGE_MC_NO))
1326
+
!(x86_arch_cap_msr & ARCH_CAP_PSCHANGE_MC_NO))
1327
1327
setup_force_cpu_bug(X86_BUG_ITLB_MULTIHIT);
1328
1328
1329
1329
if (cpu_matches(cpu_vuln_whitelist, NO_SPECULATION))
···
1335
1335
setup_force_cpu_bug(X86_BUG_SPECTRE_V2);
1336
1336
1337
1337
if (!cpu_matches(cpu_vuln_whitelist, NO_SSB) &&
1338
-
!(ia32_cap & ARCH_CAP_SSB_NO) &&
1338
+
!(x86_arch_cap_msr & ARCH_CAP_SSB_NO) &&
1339
1339
!cpu_has(c, X86_FEATURE_AMD_SSB_NO))
1340
1340
setup_force_cpu_bug(X86_BUG_SPEC_STORE_BYPASS);
1341
1341
···
1346
1346
* Don't use AutoIBRS when SNP is enabled because it degrades host
1347
1347
* userspace indirect branch performance.
1348
1348
*/
1349
-
if ((ia32_cap & ARCH_CAP_IBRS_ALL) ||
1349
+
if ((x86_arch_cap_msr & ARCH_CAP_IBRS_ALL) ||
1350
1350
(cpu_has(c, X86_FEATURE_AUTOIBRS) &&
1351
1351
!cpu_feature_enabled(X86_FEATURE_SEV_SNP))) {
1352
1352
setup_force_cpu_cap(X86_FEATURE_IBRS_ENHANCED);
1353
1353
if (!cpu_matches(cpu_vuln_whitelist, NO_EIBRS_PBRSB) &&
1354
-
!(ia32_cap & ARCH_CAP_PBRSB_NO))
1354
+
!(x86_arch_cap_msr & ARCH_CAP_PBRSB_NO))
1355
1355
setup_force_cpu_bug(X86_BUG_EIBRS_PBRSB);
1356
1356
}
1357
1357
1358
1358
if (!cpu_matches(cpu_vuln_whitelist, NO_MDS) &&
1359
-
!(ia32_cap & ARCH_CAP_MDS_NO)) {
1359
+
!(x86_arch_cap_msr & ARCH_CAP_MDS_NO)) {
1360
1360
setup_force_cpu_bug(X86_BUG_MDS);
1361
1361
if (cpu_matches(cpu_vuln_whitelist, MSBDS_ONLY))
1362
1362
setup_force_cpu_bug(X86_BUG_MSBDS_ONLY);
···
1375
1375
* TSX_CTRL check alone is not sufficient for cases when the microcode
1376
1376
* update is not present or running as guest that don't get TSX_CTRL.
1377
1377
*/
1378
-
if (!(ia32_cap & ARCH_CAP_TAA_NO) &&
1378
+
if (!(x86_arch_cap_msr & ARCH_CAP_TAA_NO) &&
1379
1379
(cpu_has(c, X86_FEATURE_RTM) ||
1380
-
(ia32_cap & ARCH_CAP_TSX_CTRL_MSR)))
1380
+
(x86_arch_cap_msr & ARCH_CAP_TSX_CTRL_MSR)))
1381
1381
setup_force_cpu_bug(X86_BUG_TAA);
1382
1382
1383
1383
/*
···
1403
1403
* Set X86_BUG_MMIO_UNKNOWN for CPUs that are neither in the blacklist,
1404
1404
* nor in the whitelist and also don't enumerate MSR ARCH_CAP MMIO bits.
1405
1405
*/
1406
-
if (!arch_cap_mmio_immune(ia32_cap)) {
1406
+
if (!arch_cap_mmio_immune(x86_arch_cap_msr)) {
1407
1407
if (cpu_matches(cpu_vuln_blacklist, MMIO))
1408
1408
setup_force_cpu_bug(X86_BUG_MMIO_STALE_DATA);
1409
1409
else if (!cpu_matches(cpu_vuln_whitelist, NO_MMIO))
···
1411
1411
}
1412
1412
1413
1413
if (!cpu_has(c, X86_FEATURE_BTC_NO)) {
1414
-
if (cpu_matches(cpu_vuln_blacklist, RETBLEED) || (ia32_cap & ARCH_CAP_RSBA))
1414
+
if (cpu_matches(cpu_vuln_blacklist, RETBLEED) || (x86_arch_cap_msr & ARCH_CAP_RSBA))
1415
1415
setup_force_cpu_bug(X86_BUG_RETBLEED);
1416
1416
}
1417
1417
···
1429
1429
* disabling AVX2. The only way to do this in HW is to clear XCR0[2],
1430
1430
* which means that AVX will be disabled.
1431
1431
*/
1432
-
if (cpu_matches(cpu_vuln_blacklist, GDS) && !(ia32_cap & ARCH_CAP_GDS_NO) &&
1432
+
if (cpu_matches(cpu_vuln_blacklist, GDS) && !(x86_arch_cap_msr & ARCH_CAP_GDS_NO) &&
1433
1433
boot_cpu_has(X86_FEATURE_AVX))
1434
1434
setup_force_cpu_bug(X86_BUG_GDS);
1435
1435
1436
-
if (vulnerable_to_rfds(ia32_cap))
1436
+
if (vulnerable_to_rfds(x86_arch_cap_msr))
1437
1437
setup_force_cpu_bug(X86_BUG_RFDS);
1438
1438
1439
1439
/* When virtualized, eIBRS could be hidden, assume vulnerable */
1440
-
if (!(ia32_cap & ARCH_CAP_BHI_NO) &&
1440
+
if (!(x86_arch_cap_msr & ARCH_CAP_BHI_NO) &&
1441
1441
!cpu_matches(cpu_vuln_whitelist, NO_BHI) &&
1442
1442
(boot_cpu_has(X86_FEATURE_IBRS_ENHANCED) ||
1443
1443
boot_cpu_has(X86_FEATURE_HYPERVISOR)))
···
1447
1447
return;
1448
1448
1449
1449
/* Rogue Data Cache Load? No! */
1450
-
if (ia32_cap & ARCH_CAP_RDCL_NO)
1450
+
if (x86_arch_cap_msr & ARCH_CAP_RDCL_NO)
1451
1451
return;
1452
1452
1453
1453
setup_force_cpu_bug(X86_BUG_CPU_MELTDOWN);
+5
-2
arch/x86/kernel/cpu/topology.c
+5
-2
arch/x86/kernel/cpu/topology.c
···
123
123
early_per_cpu(x86_cpu_to_apicid, cpu) = apic_id;
124
124
early_per_cpu(x86_cpu_to_acpiid, cpu) = acpi_id;
125
125
#endif
126
-
set_cpu_possible(cpu, true);
127
126
set_cpu_present(cpu, true);
128
127
}
129
128
···
209
210
topo_info.nr_disabled_cpus++;
210
211
}
211
212
212
-
/* Register present and possible CPUs in the domain maps */
213
+
/*
214
+
* Register present and possible CPUs in the domain
215
+
* maps. cpu_possible_map will be updated in
216
+
* topology_init_possible_cpus() after enumeration is done.
217
+
*/
213
218
for (dom = TOPO_SMT_DOMAIN; dom < TOPO_MAX_DOMAIN; dom++)
214
219
set_bit(topo_apicid(apic_id, dom), apic_maps[dom].map);
215
220
}
+42
-9
arch/x86/kernel/cpu/topology_amd.c
+42
-9
arch/x86/kernel/cpu/topology_amd.c
···
29
29
if (!sft)
30
30
sft = get_count_order(ecx.cpu_nthreads + 1);
31
31
32
-
topology_set_dom(tscan, TOPO_SMT_DOMAIN, sft, ecx.cpu_nthreads + 1);
32
+
/*
33
+
* cpu_nthreads describes the number of threads in the package
34
+
* sft is the number of APIC ID bits per package
35
+
*
36
+
* As the number of actual threads per core is not described in
37
+
* this leaf, just set the CORE domain shift and let the later
38
+
* parsers set SMT shift. Assume one thread per core by default
39
+
* which is correct if there are no other CPUID leafs to parse.
40
+
*/
41
+
topology_update_dom(tscan, TOPO_SMT_DOMAIN, 0, 1);
42
+
topology_set_dom(tscan, TOPO_CORE_DOMAIN, sft, ecx.cpu_nthreads + 1);
33
43
return true;
34
44
}
35
45
36
-
static void store_node(struct topo_scan *tscan, unsigned int nr_nodes, u16 node_id)
46
+
static void store_node(struct topo_scan *tscan, u16 nr_nodes, u16 node_id)
37
47
{
38
48
/*
39
49
* Starting with Fam 17h the DIE domain could probably be used to
···
83
73
tscan->c->topo.initial_apicid = leaf.ext_apic_id;
84
74
85
75
/*
86
-
* If leaf 0xb is available, then SMT shift is set already. If not
87
-
* take it from ecx.threads_per_core and use topo_update_dom() -
88
-
* topology_set_dom() would propagate and overwrite the already
89
-
* propagated CORE level.
76
+
* If leaf 0xb is available, then the domain shifts are set
77
+
* already and nothing to do here.
90
78
*/
91
79
if (!has_0xb) {
80
+
/*
81
+
* Leaf 0x80000008 set the CORE domain shift already.
82
+
* Update the SMT domain, but do not propagate it.
83
+
*/
92
84
unsigned int nthreads = leaf.core_nthreads + 1;
93
85
94
86
topology_update_dom(tscan, TOPO_SMT_DOMAIN, get_count_order(nthreads), nthreads);
···
121
109
122
110
static bool parse_fam10h_node_id(struct topo_scan *tscan)
123
111
{
124
-
struct {
125
-
union {
112
+
union {
113
+
struct {
126
114
u64 node_id : 3,
127
115
nodes_per_pkg : 3,
128
116
unused : 58;
129
-
u64 msr;
130
117
};
118
+
u64 msr;
131
119
} nid;
132
120
133
121
if (!boot_cpu_has(X86_FEATURE_NODEID_MSR))
···
145
133
146
134
/* parse_8000_0008() set everything up except llc_id */
147
135
tscan->c->topo.llc_id = apicid >> tscan->dom_shifts[TOPO_CORE_DOMAIN];
136
+
}
137
+
138
+
static void topoext_fixup(struct topo_scan *tscan)
139
+
{
140
+
struct cpuinfo_x86 *c = tscan->c;
141
+
u64 msrval;
142
+
143
+
/* Try to re-enable TopologyExtensions if switched off by BIOS */
144
+
if (cpu_has(c, X86_FEATURE_TOPOEXT) || c->x86_vendor != X86_VENDOR_AMD ||
145
+
c->x86 != 0x15 || c->x86_model < 0x10 || c->x86_model > 0x6f)
146
+
return;
147
+
148
+
if (msr_set_bit(0xc0011005, 54) <= 0)
149
+
return;
150
+
151
+
rdmsrl(0xc0011005, msrval);
152
+
if (msrval & BIT_64(54)) {
153
+
set_cpu_cap(c, X86_FEATURE_TOPOEXT);
154
+
pr_info_once(FW_INFO "CPU: Re-enabling disabled Topology Extensions Support.\n");
155
+
}
148
156
}
149
157
150
158
static void parse_topology_amd(struct topo_scan *tscan)
···
196
164
void cpu_parse_topology_amd(struct topo_scan *tscan)
197
165
{
198
166
tscan->amd_nodes_per_pkg = 1;
167
+
topoext_fixup(tscan);
199
168
parse_topology_amd(tscan);
200
169
201
170
if (tscan->amd_nodes_per_pkg > 1)
+2
-1
kernel/cpu.c
+2
-1
kernel/cpu.c
···
3207
3207
};
3208
3208
3209
3209
static enum cpu_mitigations cpu_mitigations __ro_after_init =
3210
-
CPU_MITIGATIONS_AUTO;
3210
+
IS_ENABLED(CONFIG_SPECULATION_MITIGATIONS) ? CPU_MITIGATIONS_AUTO :
3211
+
CPU_MITIGATIONS_OFF;
3211
3212
3212
3213
static int __init mitigations_parse_cmdline(char *arg)
3213
3214
{