Lines Matching +full:conditional +full:- +full:select
1 // SPDX-License-Identifier: GPL-2.0
6 * - Rafael R. Reilova (moved everything from head.S),
8 * - Channing Corn (tests & fixes),
9 * - Andrew D. Balsa (code cleanup).
20 #include <asm/spec-ctrl.h>
24 #include <asm/processor-flags.h>
54 /* The base value of the SPEC_CTRL MSR without task-specific bits set */
58 /* The current value of the SPEC_CTRL MSR with task-specific bits set */
97 * When KERNEL_IBRS this MSR is written on return-to-user, unless in update_spec_ctrl_cond()
117 /* Control conditional STIBP in switch_to() */
119 /* Control conditional IBPB in switch_mm() */
163 /* Select the proper CPU mitigations before patching alternatives: */ in cpu_select_mitigations()
219 hostval = ssbd_tif_to_spec_ctrl(ti->flags); in x86_virt_spec_ctrl()
248 /* Default mitigation for MDS-affected CPUs */
267 /* Default mitigation for TAA-affected CPUs */
321 return -EINVAL; in mds_cmdline()
393 * TSX is enabled, select alternate mitigation for TAA which is in taa_select_mitigation()
411 return -EINVAL; in tsx_async_abort_parse_cmdline()
459 * mitigations, disable KVM-only mitigation in that case. in mmio_select_mitigation()
467 * If Processor-MMIO-Stale-Data bug is present and Fill Buffer data can in mmio_select_mitigation()
499 return -EINVAL; in mmio_stale_data_parse_cmdline()
544 return -EINVAL; in rfds_parse_cmdline()
617 * As these mitigations are inter-related and rely on VERW instruction in md_clear_select_mitigation()
712 return -EINVAL; in srbds_parse_cmdline()
738 pr_info("Conditional flush on switch_mm() enabled\n"); in l1d_flush_select_mitigation()
876 return -EINVAL; in gds_parse_cmdline()
919 * Consider SMAP to be non-functional as a mitigation on these in smap_works_speculatively()
938 * path of a conditional swapgs with a user-controlled GS in spectre_v1_select_mitigation()
963 * Enable lfences in the kernel entry (non-swapgs) in spectre_v1_select_mitigation()
1022 return -EINVAL; in retbleed_parse_cmdline()
1147 * software-based untraining so clear those in case some in retbleed_select_mitigation()
1232 return -EINVAL; in its_parse_cmdline()
1280 pr_err("WARNING: Spectre-v2 mitigation is off, disabling ITS\n"); in its_select_mitigation()
1362 return spectre_v2_bad_module ? " - vulnerable module loaded" : ""; in spectre_v2_module_string()
1429 [SPECTRE_V2_USER_STRICT_PREFERRED] = "User space: Mitigation: STIBP always-on protection",
1550 "always-on" : "conditional"); in spectre_v2_user_select_mitigation()
1557 * Intel's Enhanced IBRS also protects against cross-thread branch target in spectre_v2_user_select_mitigation()
1558 * injection in user-mode as the IBRS bit remains always set which in spectre_v2_user_select_mitigation()
1559 * implicitly enables cross-thread protections. However, in legacy IBRS in spectre_v2_user_select_mitigation()
1562 * These modes therefore disable the implicit cross-thread protection, in spectre_v2_user_select_mitigation()
1573 * If STIBP support is not being forced, check if STIBP always-on in spectre_v2_user_select_mitigation()
1584 pr_info("Selecting STIBP always-on mode to complement retbleed mitigation\n"); in spectre_v2_user_select_mitigation()
1661 pr_err("%s selected but not compiled in. Switching to AUTO select\n", in spectre_v2_parse_cmdline()
1670 pr_err("%s selected but CPU doesn't have Enhanced or Automatic IBRS. Switching to AUTO select\n", in spectre_v2_parse_cmdline()
1678 pr_err("%s selected, but CPU doesn't have a serializing LFENCE. Switching to AUTO select\n", in spectre_v2_parse_cmdline()
1684 pr_err("%s selected but not compiled in. Switching to AUTO select\n", in spectre_v2_parse_cmdline()
1690 pr_err("%s selected but not Intel CPU. Switching to AUTO select\n", in spectre_v2_parse_cmdline()
1696 pr_err("%s selected but CPU doesn't have IBRS. Switching to AUTO select\n", in spectre_v2_parse_cmdline()
1702 pr_err("%s selected but running as XenPV guest. Switching to AUTO select\n", in spectre_v2_parse_cmdline()
1724 /* Disable in-kernel use of non-RSB RET predictors */
1747 * code related to RSB-related mitigations. Before doing so, carefully in spectre_v2_select_rsb_mitigation()
1750 * Documentation/admin-guide/hw-vuln/rsb.rst in spectre_v2_select_rsb_mitigation()
1754 * - User->user RSB attacks are conditionally mitigated during in spectre_v2_select_rsb_mitigation()
1755 * context switches by cond_mitigation -> write_ibpb(). in spectre_v2_select_rsb_mitigation()
1757 * - User->kernel and guest->host attacks are mitigated by eIBRS or in spectre_v2_select_rsb_mitigation()
1773 pr_info("Spectre v2 / PBRSB-eIBRS: Retire a single CALL on VMEXIT\n"); in spectre_v2_select_rsb_mitigation()
1821 return -EINVAL; in spectre_bhi_parse_cmdline()
1970 * JMPs gets protection against BHI and Intramode-BTI, but RET in spectre_v2_select_mitigation()
1971 * prediction from a non-RSB predictor is still a risk. in spectre_v2_select_mitigation()
1993 * the user might select retpoline on the kernel command line and if in spectre_v2_select_mitigation()
1994 * the CPU supports Enhanced IBRS, kernel might un-intentionally not in spectre_v2_select_mitigation()
2034 mask & SPEC_CTRL_STIBP ? "always-on" : "off"); in update_stibp_strict()
2073 …n, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html for…
2074 …n, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/tsx_async_ab…
2075 …n, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/processor_mm…
2240 * - X86_BUG_SPEC_STORE_BYPASS - CPU is susceptible. in __ssb_select_mitigation()
2241 * - X86_FEATURE_SSBD - CPU is able to turn off speculative store bypass in __ssb_select_mitigation()
2242 * - X86_FEATURE_SPEC_STORE_BYPASS_DISABLE - engage the mitigation in __ssb_select_mitigation()
2280 * task, but for a non-current task delay setting the CPU in task_update_spec_tif()
2294 return -EPERM; in l1d_flush_prctl_set()
2298 set_ti_thread_flag(&task->thread_info, TIF_SPEC_L1D_FLUSH); in l1d_flush_prctl_set()
2301 clear_ti_thread_flag(&task->thread_info, TIF_SPEC_L1D_FLUSH); in l1d_flush_prctl_set()
2304 return -ERANGE; in l1d_flush_prctl_set()
2312 return -ENXIO; in ssb_prctl_set()
2318 return -EPERM; in ssb_prctl_set()
2336 return -EPERM; in ssb_prctl_set()
2342 return -ERANGE; in ssb_prctl_set()
2370 * If either is set to conditional, allow the task flag to be in ib_prctl_set()
2371 * updated, unless it was force-disabled by a previous prctl in ib_prctl_set()
2380 return -EPERM; in ib_prctl_set()
2393 return -EPERM; in ib_prctl_set()
2406 return -ERANGE; in ib_prctl_set()
2422 return -ENODEV; in arch_prctl_spec_ctrl_set()
2442 if (test_ti_thread_flag(&task->thread_info, TIF_SPEC_L1D_FLUSH)) in l1d_flush_prctl_get()
2502 return -ENODEV; in arch_prctl_spec_ctrl_get()
2521 /* Default mitigation for L1TF-affected CPUs */
2546 if (c->x86 != 6) in override_cache_bits()
2549 switch (c->x86_vfm) { in override_cache_bits()
2563 if (c->x86_cache_bits < 44) in override_cache_bits()
2564 c->x86_cache_bits = 44; in override_cache_bits()
2604 e820__mapped_any(half_pa, ULLONG_MAX - half_pa, E820_TYPE_RAM)) { in l1tf_select_mitigation()
2609 …pr_info("Reading https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html might help y… in l1tf_select_mitigation()
2622 return -EINVAL; in l1tf_cmdline()
2680 return -EINVAL; in srso_parse_cmdline()
2686 else if (!strcmp(str, "safe-ret")) in srso_parse_cmdline()
2690 else if (!strcmp(str, "ibpb-vmexit")) in srso_parse_cmdline()
2699 #define SRSO_NOTICE "WARNING: See https://kernel.org/doc/html/latest/admin-guide/hw-vuln/srso.html …
2730 pr_warn("IBPB-extending microcode not applied!\n"); in srso_select_mitigation()
2782 * software-based untraining so clear those in case some in srso_select_mitigation()
2851 [VMENTER_L1D_FLUSH_COND] = "conditional cache flushes",
2969 return "; STIBP: always-on"; in stibp_state()
2973 return "; STIBP: conditional"; in stibp_state()
2982 return "; IBPB: always-on"; in ibpb_state()
2984 return "; IBPB: conditional"; in ibpb_state()
2995 return "; PBRSB-eIBRS: SW sequence"; in pbrsb_eibrs_state()
2997 return "; PBRSB-eIBRS: Vulnerable"; in pbrsb_eibrs_state()
2999 return "; PBRSB-eIBRS: Not affected"; in pbrsb_eibrs_state()
3056 return sysfs_emit(buf, "Vulnerable: untrained return thunk / IBPB on non-AMD based uarch\n"); in retbleed_show_state()