Received: by 2002:a05:6358:45e:b0:b5:b6eb:e1f9 with SMTP id 30csp337691rwe; Fri, 26 Aug 2022 06:05:57 -0700 (PDT) X-Google-Smtp-Source: AA6agR4GzR4jQ7ma7OXGk5idmiEthJRLpC8ljHFg1d8NXtDXHtpwjIkZXwSryufx5EEURhMcIVfB X-Received: by 2002:a63:43c7:0:b0:429:7abb:aaf7 with SMTP id q190-20020a6343c7000000b004297abbaaf7mr3167514pga.204.1661519157218; Fri, 26 Aug 2022 06:05:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1661519157; cv=none; d=google.com; s=arc-20160816; b=atjOJ18zOicyFnTIDTcQLC6UWYUNmsp/XubRgJBJiIbEeq04wUePG3JjAPXAjLbg03 A28gC3b+PGZFAkbR7CnOga+k5AGQckHiPDpRaJbmF6J8phBumgDcz7LA4l3xCS5x2tuz y8L2B8YlNx8qegJy8kzj7o0A5YY09gmNU5iQ3RkN3qdUnlblKupoIouzXtcPjxgzOE0F 5OjpdvbSffNXY5juHjVBo9gLQ0BQ0aL5k2qZXplH2r3FQHH2toHPSAfZ7VFoqM9+W5JV YOV2baEG65MCWKlXjqg8ADvYl1nrIQexfnvXTTMOqYJPJD8oTyWYjpg9lycyX4MTzsKs YuXw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:references:in-reply-to:message-id:date:subject :cc:to:from; bh=4ZnM6+i6ZypkX0aDsvFmgTJ3Mbhkz2DDavI9PHiouV4=; b=krptzNFrSlpgCBnowjjGcZFXne0wYqzy1skZ1y7o3H2JVNtWo+IBeikPNY8TlaAod2 zu1uHTOrNtvBmXgm4Z+24+voKvzZM24kWaO/wG2IFRCHlzZDJoW6tZc/Bd1kHroipcM3 VsXnHrC96Mh5rBf8dPkrMXvreEDROcqwnsWaFerPi5PhBkB0mXfSvJAhvog+LwXzZTb5 PH0bVFiid97e12F+KmzwNItWmiKIEZEPJ5+gJRR54DbS1OpbQ0DYW0waQnAJSC0bgEfs VvyRx+cV9EhWDzuz2PSXdCcl5W6FE00WbicXiO6pPuRP5aLdMZeS379RY+qhnM0lyGoQ +JKg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id y3-20020a17090322c300b0016f1e61cfaasi1682392plg.343.2022.08.26.06.05.36; Fri, 26 Aug 2022 06:05:57 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240077AbiHZMpP (ORCPT + 99 others); Fri, 26 Aug 2022 08:45:15 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37598 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235525AbiHZMpM (ORCPT ); Fri, 26 Aug 2022 08:45:12 -0400 Received: from out30-44.freemail.mail.aliyun.com (out30-44.freemail.mail.aliyun.com [115.124.30.44]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 164E84AD55 for ; Fri, 26 Aug 2022 05:45:08 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R471e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018045170;MF=liusong@linux.alibaba.com;NM=1;PH=DS;RN=6;SR=0;TI=SMTPD_---0VNJGpjA_1661517885; Received: from localhost(mailfrom:liusong@linux.alibaba.com fp:SMTPD_---0VNJGpjA_1661517885) by smtp.aliyun-inc.com; Fri, 26 Aug 2022 20:45:06 +0800 From: Liu Song To: liusong@linux.alibaba.com Cc: catalin.marinas@arm.com, james.morse@arm.com, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, will@kernel.org Subject: [PATCH v2] arm64: spectre: increase parameters that can be used to turn off bhb mitigation individually Date: Fri, 26 Aug 2022 20:44:45 +0800 Message-Id: <1661517885-112909-1-git-send-email-liusong@linux.alibaba.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <837426e9-0f24-2ce2-e631-b91276035397@linux.alibaba.com> References: <837426e9-0f24-2ce2-e631-b91276035397@linux.alibaba.com> X-Spam-Status: No, score=-9.9 required=5.0 tests=BAYES_00, ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY,USER_IN_DEF_SPF_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Liu Song In our environment, it was found that the mitigation BHB has a great impact on the benchmark performance. For example, in the lmbench test, the "process fork && exit" test performance drops by 20%. So it is necessary to have the ability to turn off the mitigation individually through cmdline, thus avoiding having to compile the kernel by adjusting the config. Signed-off-by: Liu Song --- Documentation/admin-guide/kernel-parameters.txt | 5 +++++ arch/arm64/kernel/proton-pack.c | 10 +++++++++- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index d7f3090..1edc9a6 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -3207,6 +3207,7 @@ spectre_v2_user=off [X86] spec_store_bypass_disable=off [X86,PPC] ssbd=force-off [ARM64] + nospectre_bhb [ARM64] l1tf=off [X86] mds=off [X86] tsx_async_abort=off [X86] @@ -3631,6 +3632,10 @@ vulnerability. System may allow data leaks with this option. + nospectre_bhb [ARM64] Disable all mitigations for Spectre-BHB (branch + history injection) vulnerability. System may allow data leaks + with this option. + nospec_store_bypass_disable [HW] Disable all mitigations for the Speculative Store Bypass vulnerability diff --git a/arch/arm64/kernel/proton-pack.c b/arch/arm64/kernel/proton-pack.c index 40be3a7..bd16903 100644 --- a/arch/arm64/kernel/proton-pack.c +++ b/arch/arm64/kernel/proton-pack.c @@ -988,6 +988,14 @@ static void this_cpu_set_vectors(enum arm64_bp_harden_el1_vectors slot) isb(); } +static bool __read_mostly __nospectre_bhb; +static int __init parse_spectre_bhb_param(char *str) +{ + __nospectre_bhb = true; + return 0; +} +early_param("nospectre_bhb", parse_spectre_bhb_param); + void spectre_bhb_enable_mitigation(const struct arm64_cpu_capabilities *entry) { bp_hardening_cb_t cpu_cb; @@ -1001,7 +1009,7 @@ void spectre_bhb_enable_mitigation(const struct arm64_cpu_capabilities *entry) /* No point mitigating Spectre-BHB alone. */ } else if (!IS_ENABLED(CONFIG_MITIGATE_SPECTRE_BRANCH_HISTORY)) { pr_info_once("spectre-bhb mitigation disabled by compile time option\n"); - } else if (cpu_mitigations_off()) { + } else if (cpu_mitigations_off() || __nospectre_bhb) { pr_info_once("spectre-bhb mitigation disabled by command line option\n"); } else if (supports_ecbhb(SCOPE_LOCAL_CPU)) { state = SPECTRE_MITIGATED; -- 1.8.3.1