Received: by 2002:ab2:1347:0:b0:1f4:ac9d:b246 with SMTP id g7csp200532lqg; Wed, 10 Apr 2024 22:59:25 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCUVlO/eLFSTLLzRDqjYCY+llKimDZBKydpMEz0S9bdpm7Be5RJDJRu+GV2X1mM5tIsss8WWvIrA6TjQ24scv5+yliEi/Eha62ktib0NvA== X-Google-Smtp-Source: AGHT+IGB7sZcv5q/OmL+JVlCrubNyJngizqZka0rIUcGko/v/Xp3fhnPp86t/PEvbxLjtjyCLm9U X-Received: by 2002:a17:903:120e:b0:1e2:ac38:2657 with SMTP id l14-20020a170903120e00b001e2ac382657mr5315221plh.24.1712815165357; Wed, 10 Apr 2024 22:59:25 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1712815165; cv=pass; d=google.com; s=arc-20160816; b=w6bMHGqtbHv4QvoTBpfMggoUoravvL3Y7+AxwvO1Ey9RytCq0K9/hW3LWlMrdCYtdg pcYWwkrtkK9SnfxlFVn1Abv0LgfgZVEzvfuDQSMmsNef1RRJjJ3QCU2RH4hGJEROWcj3 94EUE640SYzq4T1Ht/A5Dfbc4nHHWlS1k8H7RYBGDZXHQUCTlF4PCL5dMiYXaOnnLxlU 4OpIM59zyk0GVHkncMF6YYfJiGJsHJbGogEO0iFfSTOn0pvofWlRPad621ofCnSM8Lp7 XcuAygGJAjsoyeYasb2LLk2zKoswAtSYvgmVt/R3frXGJ+Z9EtWM4R2aiSXqJIiNb/qO rbdA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=x+xesfpO+WxaWOtKdPDjzmW6R+8u2xyfk0G/z4fTTWI=; fh=7OJFrLnOA6s1ycE/HULnfMliS+3S6sqMIgc3sc3R36M=; b=prJgwm0A3tXBFOTcl+r8oXqSMXczJ4hJ3LZqOHfcQwH6EtsKVTBo9a/htnB5yWjJun 92G1wrlt6csxq6sDy8lNofFwomuFG8JFknzcMuCz8qWdO1aPGb8Y6qrRCu2igfWrF0RS ZlN90ZFvMuOzt1l8ZxiMtUhlQbZNL6BxbxstTG9xMg7OMHdGiml0luMv9uDKs2FoAdJo yBBO6gPDKAQtzYFKqNomWF1PsBzjQnFcYW+X1+U5V3/avUqSQDtwX42eqtsTupgA1i+I M9zLObBBd4h17mLfc3GCKuWINfOMd0riJOTWCY/QNcToTYEhQlilQY9izDUVQCazqzfX HZEQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=E6jweK2B; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-139800-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-139800-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161]) by mx.google.com with ESMTPS id l7-20020a170903120700b001e2b56c8cc5si664858plh.509.2024.04.10.22.59.24 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 10 Apr 2024 22:59:25 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-139800-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) client-ip=147.75.48.161; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=E6jweK2B; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-139800-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-139800-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 66C9BB24BE8 for ; Thu, 11 Apr 2024 05:43:15 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 737D813D2BF; Thu, 11 Apr 2024 05:42:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="E6jweK2B" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8B4FC13D258 for ; Thu, 11 Apr 2024 05:42:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1712814122; cv=none; b=drCxYOY/0QZdlhw4u+hu61BuGLBo+/JGKNUjzcovNLAKjTe32aSnf9FwzmdT27DQYoTyAHbCmCcpNyggWe+nzRaOUupzZfrc+AM3ids2LYT+0AfwCGnEaeaL6xBaIc3hLVparl3SH/yN2NESUzA6hRxaolQA/5DD/ectxpvOgi8= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1712814122; c=relaxed/simple; bh=RzdXWSgQ28zftPcjGimYeRLCbiSvFoClI4JwbSfruDQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=XRdkLCm5OcBLAuwgrhmBbgfciKQk+oHg4XWOkZihSqkR1JD9yd1lMmgFrXrZP/hFHWquxfDGOA270KeWSzOXYTimzATEQ0Z7v1N7Aq5TdnoN/97CB9aCAYFXKrY6tTD9Pwbhd+xKNK7f4ZX0xSIPBF1/+QxmOq+ltImQbRjvupw= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=E6jweK2B; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 6A8A7C43399; Thu, 11 Apr 2024 05:42:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1712814122; bh=RzdXWSgQ28zftPcjGimYeRLCbiSvFoClI4JwbSfruDQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=E6jweK2BGNl4al5mzH/V4YrdWVwmdu49bwtRUdT3ai47Fc9KetKuDTNCJ64xT4wyz ulLt9XUOimbVk1/bcM2LXQq6C5bOoeag6RBOqFPvqOOrJxpkwlJXZCrZacGNOHh/5o d4HTDE0WHlCDI49V2aLYOokhyPik1Z17m0igoCLPLC1JmTRvMP/ERC6780eO9XVa+f iAWXgzms4rrTv2rbadsdnWTL1T/EHOBZVezgvOZVpM048Ez3t0IDnKAZZ7p5R8Zb/y fEz0DHk5vO21Ly7j1CmhTzNyPbCZE5JrfMBnEW/fwXsC9n72QBGom62LU3nXB9fwuD +8ukIzMlXa6iQ== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Linus Torvalds , Daniel Sneddon , Pawan Gupta , Thomas Gleixner , Alexandre Chartre , Konrad Rzeszutek Wilk , Peter Zijlstra , Greg Kroah-Hartman , Sean Christopherson , Andrew Cooper , Dave Hansen , Nikolay Borisov , KP Singh , Waiman Long , Borislav Petkov Subject: [PATCH 6/7] x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto Date: Wed, 10 Apr 2024 22:40:50 -0700 Message-ID: <412e9dc87971b622bbbaf64740ebc1f140bff343.1712813475.git.jpoimboe@kernel.org> X-Mailer: git-send-email 2.44.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Unlike most other mitigations' "auto" options, spectre_bhi=auto only mitigates newer systems, which is confusing and not particularly useful. Remove it. Signed-off-by: Josh Poimboeuf --- Documentation/admin-guide/hw-vuln/spectre.rst | 4 ---- Documentation/admin-guide/kernel-parameters.txt | 3 --- arch/x86/Kconfig | 5 ----- arch/x86/kernel/cpu/bugs.c | 10 +--------- 4 files changed, 1 insertion(+), 21 deletions(-) diff --git a/Documentation/admin-guide/hw-vuln/spectre.rst b/Documentation/admin-guide/hw-vuln/spectre.rst index 5a39acf82483..25a04cda4c2c 100644 --- a/Documentation/admin-guide/hw-vuln/spectre.rst +++ b/Documentation/admin-guide/hw-vuln/spectre.rst @@ -669,10 +669,6 @@ kernel command line. needed. off Disable the mitigation. - auto - Enable the HW mitigation if needed, but - *don't* enable the SW mitigation except for KVM. - The system may be vulnerable. For spectre_v2_user see Documentation/admin-guide/kernel-parameters.txt diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index a3874cc97892..902ecd92a29f 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -6072,9 +6072,6 @@ on - (default) Enable the HW or SW mitigation as needed. off - Disable the mitigation. - auto - Enable the HW mitigation if needed, but - *don't* enable the SW mitigation except - for KVM. The system may be vulnerable. spectre_v2= [X86,EARLY] Control mitigation of Spectre variant 2 (indirect branch speculation) vulnerability. diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 10a6251f58f3..b63b6767a63d 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2651,11 +2651,6 @@ config SPECTRE_BHI_OFF bool "off" help Equivalent to setting spectre_bhi=off command line parameter. -config SPECTRE_BHI_AUTO - bool "auto" - depends on BROKEN - help - Equivalent to setting spectre_bhi=auto command line parameter. endchoice diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index efffd87381b1..74ade6d7caa3 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -1625,13 +1625,10 @@ static bool __init spec_ctrl_bhi_dis(void) enum bhi_mitigations { BHI_MITIGATION_OFF, BHI_MITIGATION_ON, - BHI_MITIGATION_AUTO, }; static enum bhi_mitigations bhi_mitigation __ro_after_init = - IS_ENABLED(CONFIG_SPECTRE_BHI_ON) ? BHI_MITIGATION_ON : - IS_ENABLED(CONFIG_SPECTRE_BHI_OFF) ? BHI_MITIGATION_OFF : - BHI_MITIGATION_AUTO; + IS_ENABLED(CONFIG_SPECTRE_BHI_ON) ? BHI_MITIGATION_ON : BHI_MITIGATION_OFF; static int __init spectre_bhi_parse_cmdline(char *str) { @@ -1642,8 +1639,6 @@ static int __init spectre_bhi_parse_cmdline(char *str) bhi_mitigation = BHI_MITIGATION_OFF; else if (!strcmp(str, "on")) bhi_mitigation = BHI_MITIGATION_ON; - else if (!strcmp(str, "auto")) - bhi_mitigation = BHI_MITIGATION_AUTO; else pr_err("Ignoring unknown spectre_bhi option (%s)", str); @@ -1682,9 +1677,6 @@ static void __init bhi_select_mitigation(void) setup_force_cpu_cap(X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT); pr_info("Spectre BHI mitigation: SW BHB clearing on vm exit\n"); - if (bhi_mitigation == BHI_MITIGATION_AUTO) - return; - /* Mitigate syscalls when the mitigation is forced =on */ setup_force_cpu_cap(X86_FEATURE_CLEAR_BHB_LOOP); pr_info("Spectre BHI mitigation: SW BHB clearing on syscall\n"); -- 2.44.0