From: Breno Leitao
To: Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Josh Poimboeuf, Pawan Gupta
Cc: leit@fb.com, linux-kernel@vger.kernel.org (open list:X86 ARCHITECTURE (32-BIT AND 64-BIT))
Subject: [PATCH v2] x86/bugs: Break down mitigations configurations
Date: Fri, 16 Jun 2023 09:48:50 -0700
Message-Id: <20230616164851.2559415-1-leitao@debian.org>

There is no way to disable the MDS, TAA and MMIO Stale Data mitigations today at compilation time. These mitigations are enabled even if CONFIG_SPECULATION_MITIGATIONS is unset.

Create a new KCONFIG option for each mitigation under CONFIG_SPECULATION_MITIGATIONS that allows these mitigations to be disabled by default at compilation time.

It is still possible to enable these mitigations by passing kernel parameters, even if they are disabled by default.
Signed-off-by: Breno Leitao --- V1->V2: Change the default value of the global mitigation flag, other than disabling at the function itself, so, it could be re-enabled/overwritten if a parameter is passed. --- arch/x86/Kconfig | 31 +++++++++++++++++++++++++++++++ arch/x86/kernel/cpu/bugs.c | 12 ++++++++++++ 2 files changed, 43 insertions(+) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 53bab123a8ee..ba64f7c9b08d 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2649,6 +2649,37 @@ config SLS against straight line speculation. The kernel image might be slightly larger. +config MITIGATE_MDS + bool "Mitigate Microarchitectural Data Sampling (MDS) hardware bug" + depends on CPU_SUP_INTEL && X86_64 + default y + help + Enable mitigation for Microarchitectural Data Sampling (MDS). MDS is + a hardware vulnerability which allows unprivileged speculative access + to data which is available in various CPU internal buffer. Deeper + technical information is available in the MDS specific x86 architecture + section: Documentation/arch/x86/mds.rst. + +config MITIGATE_TAA + bool "Mitigate TSX Asynchronous Abort (TAA) hardware bug" + depends on CPU_SUP_INTEL && X86_64 + default y + help + Enable mitigation for TSX Asynchronous Abort (TAA). TAA is a hardware + vulnerability that allows unprivileged speculative access to data + which is available in various CPU internal buffers by using + asynchronous aborts within an Intel TSX transactional region. + +config MITIGATE_MMIO_STALE_DATA + bool "Mitigate MMIO Stale Data hardware bug" + depends on CPU_SUP_INTEL && X86_64 + default y + help + Enable mitigation for MMIO Stale Data hardware bugs. Processor MMIO + Stale Data Vulnerabilities are a class of memory-mapped I/O (MMIO) + vulnerabilities that can expose data. The vulnerabilities require the + attacker to have access to MMIO. + endif config ARCH_HAS_ADD_PAGES diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 182af64387d0..ba653830796f 100644 
--- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -267,7 +267,11 @@ static void x86_amd_ssb_disable(void) #define pr_fmt(fmt) "MDS: " fmt /* Default mitigation for MDS-affected CPUs */ +#if IS_ENABLED(CONFIG_MITIGATE_MDS) static enum mds_mitigations mds_mitigation __ro_after_init = MDS_MITIGATION_FULL; +#else +static enum mds_mitigations mds_mitigation __ro_after_init = MDS_MITIGATION_OFF; +#endif static bool mds_nosmt __ro_after_init = false; static const char * const mds_strings[] = { @@ -327,7 +331,11 @@ enum taa_mitigations { }; /* Default mitigation for TAA-affected CPUs */ +#if IS_ENABLED(CONFIG_MITIGATE_TAA) static enum taa_mitigations taa_mitigation __ro_after_init = TAA_MITIGATION_VERW; +#else +static enum taa_mitigations taa_mitigation __ro_after_init = TAA_MITIGATION_OFF; +#endif static bool taa_nosmt __ro_after_init; static const char * const taa_strings[] = { @@ -428,7 +436,11 @@ enum mmio_mitigations { }; /* Default mitigation for Processor MMIO Stale Data vulnerabilities */ +#if IS_ENABLED(CONFIG_MITIGATE_MMIO_STALE_DATA) static enum mmio_mitigations mmio_mitigation __ro_after_init = MMIO_MITIGATION_VERW; +#else +static enum mmio_mitigations mmio_mitigation __ro_after_init = MMIO_MITIGATION_OFF; +#endif static bool mmio_nosmt __ro_after_init = false; static const char * const mmio_strings[] = { -- 2.34.1
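Review bot: in the Kconfig hunk, the `depends on CPU_SUP_INTEL && X86_64` line on all three new options makes them unselectable on 32-bit kernels, and because the bugs.c hunks fall back to the `*_OFF` initializer whenever the option is unset, an i386 build silently loses its default MDS, TAA and MMIO Stale Data mitigation even with SPECULATION_MITIGATIONS=y; nothing in the commit message says 32-bit is meant to be excluded, so either drop `&& X86_64` or state in the help text and commit message why X86_32 is left out. Since the commit message relies on a boot parameter to re-enable a mitigation that is compiled out by default, each help text should also name the parameter that overrides the default (`mds=`, `tsx_async_abort=`, `mmio_stale_data=`), otherwise a user who finds the option off has no pointer to the runtime override. Minor: "various CPU internal buffer" in the MITIGATE_MDS help should read "buffers".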
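Review bot: in the first bugs.c hunk, the `#if IS_ENABLED(CONFIG_MITIGATE_MDS)` / `#else` block duplicates the entire `static enum mds_mitigations mds_mitigation __ro_after_init` declaration just to choose an initializer, which is the preprocessor conditional in a .c file that the kernel coding style asks to avoid and leaves two declarations free to drift apart; a single `static enum mds_mitigations mds_mitigation __ro_after_init = IS_ENABLED(CONFIG_MITIGATE_MDS) ? MDS_MITIGATION_FULL : MDS_MITIGATION_OFF;` keeps one declaration and is still resolved at compile time. The same change applies to the TAA and MMIO hunks that follow, and the "Default mitigation for ...-affected CPUs" comment above each declaration should say that the default now depends on the corresponding config option.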