Received: by 2002:ab2:6203:0:b0:1f5:f2ab:c469 with SMTP id o3csp767887lqt; Fri, 19 Apr 2024 09:47:09 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCWfNzqOzPkk8iRQUzNay1sVuM/+VrEOkrQpSJkxanmwf6PywHHJ0DOf1HoJsAR/+uSTWdjBTJ0yXa5dvmMi1LLyqrAul9BH35NJD8y2Pw== X-Google-Smtp-Source: AGHT+IERkwktFdNjSl2Fbfp36/rg79Jv9PGuC71dJdym4v8bc51fYN/s6U+SmMFh8sO07gZgXhzE X-Received: by 2002:a17:907:1186:b0:a52:241b:b450 with SMTP id uz6-20020a170907118600b00a52241bb450mr1910238ejb.36.1713545229747; Fri, 19 Apr 2024 09:47:09 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1713545229; cv=pass; d=google.com; s=arc-20160816; b=D0eS3/8vCMfizq27fnqh1vvsmcb466YaPucJMyhiODuiVdhUh9Nfguw0wi78XqW7my 93BbsQE/TFxntSi09qBqPlutodCGgp/QOaQKchU/GZmkMLQgy7Z1vrwnxImpjRBgE5sQ fbwjB5x8YCkWrcx0siycFQjL14i6a87V7rEBf9yhhp8d4tUurwGQNrtkAZSHRQGyuUN5 ECcV+m9lixusQbY9TnYE+nLoUVcqt5+Iwghvha5S/ZtnPdrQ2VH/iPzQgiR98pumqnGd naOMwNADCWhMk5Scfxhmbdh/TwZqctVmCDBpw7yY4g1sGd9L5bE43HAe3HN//xsgNUU/ ox1w== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=cc:to:from:subject:message-id:references:mime-version :list-unsubscribe:list-subscribe:list-id:precedence:in-reply-to:date :dkim-signature; bh=jgTuoKjvUJwd1St1Ysaygwu9RtHx37o8FxEW9+VLH3g=; fh=cSwREv8mMKugTyGY0Yhdox26yQRyOEndCYBQQs/kjN0=; b=s7rxdPQ25Yi7hI+iMSk0PS+uKZZ2kGWyuiceHHVXidPB7oBg0mxhAD3NtYyZJ2zmA+ CDHuMRyklSZpvsE/JWYCvh9ktHglfMGWipdcAs6RX4qpzuua/KSOQCuU7iNq/kluBoJ4 S3qVhhTuCGpYqvKlHSqSGQTJpKkQ0NJtMd0ax1kgSS/x2SlH9sZ13nu08D8uaoSsBfdE B5GOXuH8k0MJ0WO2fNVuQPDqZp4Yc23GeqcbGP8o+TsJKmsSX2vN4Nf97HJ7J+71fJVF cqHPVVLr0ICeQ1NSDZ18qPeuAWbRIi+4z6agzf2m/KixdIDPPNMWlDRskQTDVUJg6lVr NQsg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=A+YXP2Mx; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-151763-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-151763-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id mf22-20020a170906cb9600b00a51d3658a7asi2364964ejb.594.2024.04.19.09.47.09 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 19 Apr 2024 09:47:09 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-151763-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=A+YXP2Mx; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-151763-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-151763-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 42DD41F23103 for ; Fri, 19 Apr 2024 16:47:09 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id C7400136E20; Fri, 19 Apr 2024 16:47:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="A+YXP2Mx" Received: from mail-yb1-f201.google.com (mail-yb1-f201.google.com [209.85.219.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E77A3136678 for ; Fri, 19 Apr 2024 16:47:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713545222; cv=none; b=lxuc79b+9qr1AGNWpHAXosqLgRejCiA8pIC/ZomR46pVGfmlvUwEH/x3T1O0vSBMf2hQH1UWdSbqZsxw9CG+LdCM0ve7XqckNhbXbStnhJ1Cv7Z0qhZsuL+NcPKtLnVFPm9nLlosK7rxczddsLbmkxNcaejaRwfEd310+R51mIk= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713545222; c=relaxed/simple; bh=XlVHXmoOoZJBxQK11P4e0G5gKO3J4n/iNHjCxcHwO6Q=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=oa6FxQk5I//H4HkFkx0GKZUDGgroLbyw+pjqiTwz2wSGz7PJe6DjfHQBYovaMuLVz207+dXWb572frSMC5ASCqSgGMQNixH9g1Roxa2ZUYtfyOc/5U5E6kfX4L9aD3FfCCjatzkmVJXBxDwyFa77McTmjgHTFg24Jb86mmlePsQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=A+YXP2Mx; arc=none smtp.client-ip=209.85.219.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Received: by mail-yb1-f201.google.com with SMTP id 3f1490d57ef6-dbf618042daso4155682276.0 for ; Fri, 19 Apr 2024 09:47:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1713545220; x=1714150020; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=jgTuoKjvUJwd1St1Ysaygwu9RtHx37o8FxEW9+VLH3g=; b=A+YXP2MxlMlVxYSeS2g4hUJF7OfTdb2OCi0vElncwMhiBYObPyX/jCE799XN0fj08m 3QQatMxIKXR6o2a7Lv7AZDolFTm5ZSgzxRyXqsM8Cqzj9p9T34ttiJdtvOof4+CTlYlL WVzLGBrOB5eRlULiPVugaGXKSDcpHavZ9jgZPhmR7E5Rps9LjXFpNhGNRdcb2IfQbfc/ 6i5U/68tz407tr43dHvbRAXGwAxaaRGvZU8pSjF60vNu8sU5+8KAIgKHvJCCwiPNFDyb qvbC3x0tqZsb7NrGy3XNMFB6XOtfN0RvszIGaFU4BdpQXNgn1dm53pZfA4JDygZUwcah B41Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1713545220; x=1714150020; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=jgTuoKjvUJwd1St1Ysaygwu9RtHx37o8FxEW9+VLH3g=; b=YmvUKt8+XNwGRss9r3ih2Z9LN/hlT9RS7eH1UWe97Uzc7AgFr3SHBtBnN/g+IY7IXv jORVFYROpSnOp5NoiYs04ziXN/HDSN1alNuKJ3eQuCMLGjpm1225RgHWkotHam7aKSNg OCOGqYBCNy8NjAzRR10CYE6aMxO5oU3C+F4jFZu0WuF0EHf7ZKRmC5RBgdzQaaRVFtfS tQVxHehIVGkoGKd3mS/EYP/8D2A4cWtaa8c0rJHReEAd22E1IgrqmBQtCAGfkhg9N6Ce +SxcueaMVjMAzV0pERJvXVdKl1vwNuf43jDpa4dtAi30GfwnkbsDeTQ9cZ/+R3ksNTPE Ei/w== X-Forwarded-Encrypted: i=1; AJvYcCXyYPvFXkoXVfgEtqxy6Mw6URDAL9gXcOFMTcwV9nFT4ttNf4TGxNBFOcHcAuOiakBxCbgLTc11hFqYeRMbBPAHD3jRxbWSzJPLOcfp X-Gm-Message-State: AOJu0Yws0IZN77FqSCOMcO2d8zoM5jxT+nyYc7LMN8fNReU/OwfH7vkW DnEQsEbHp1du/G/r7nMUCo8pCFUUOGJZFiJbdT9zQA5aYAjUqLKYzqkJtP380owC6+ul8nxMXpR loA== X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:6908:0:b0:de1:21b4:76a5 with SMTP id e8-20020a256908000000b00de121b476a5mr160741ybc.13.1713545220035; Fri, 19 Apr 2024 09:47:00 -0700 (PDT) Date: Fri, 19 Apr 2024 09:46:58 -0700 In-Reply-To: <20240419160537.namt5yaxhhvwwa3r@treble> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240417001507.2264512-1-seanjc@google.com> <20240417001507.2264512-2-seanjc@google.com> <20240419160537.namt5yaxhhvwwa3r@treble> Message-ID: Subject: Re: [PATCH 1/2] cpu: Re-enable CPU mitigations by default for !X86 architectures From: Sean Christopherson To: Josh Poimboeuf Cc: Jonathan Corbet , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Greg Kroah-Hartman , Peter Zijlstra , linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, Stephen Rothwell , Michael Ellerman , Geert Uytterhoeven Content-Type: text/plain; charset="us-ascii" On Fri, Apr 19, 2024, Josh Poimboeuf wrote: > On Tue, Apr 16, 2024 at 05:15:06PM -0700, Sean Christopherson wrote: > > Add a generic Kconfig, CPU_MITIGATIONS, to control whether or not CPU > > mitigations are enabled by default, and force it on for all architectures > > except x86. A recent commit to turn mitigations off by default if > > SPECULATION_MITIGATIONS=n kinda sorta missed that "cpu_mitigations" is > > completely generic, where as SPECULATION_MITIGATIONS is x86 specific. > > > > Alternatively, SPECULATION_MITIGATIONS could simply be defined in common > > code, but that creates weirdness for x86 because SPECULATION_MITIGATIONS > > ends up being defined twice, and the default behavior would likely depend > > on the arbitrary include order (if the two definitions diverged). > > > > Ideally, CPU_MITIGATIONS would be unconditionally on by default for all > > architectures, and manually turned off, but there is no way to unselect a > > Kconfig. > > > > Reported-by: Stephen Rothwell > > Reported-by: Michael Ellerman > > Reported-by: Geert Uytterhoeven > > Closes: https://lkml.kernel.org/r/20240413115324.53303a68%40canb.auug.org.au > > Fixes: f337a6a21e2f ("x86/cpu: Actually turn off mitigations by default for SPECULATION_MITIGATIONS=n") > > Cc: stable@vger.kernel.org > > Signed-off-by: Sean Christopherson > > It seems confusing to have two config options which have very similar > names and similar purposes (with subtle differences depending on the > arch). > > How about we instead just get rid of the x86-specific > SPECULATION_MITIGATIONS and replace it with a menu which depends on > CPU_MITIGATIONS: Huh, didn't realize that was possible. I agree that having two things for the same thing is confusing, though Boris' idea to do s/SPECULATION_MITIGATIONS/X86_CPU_MITIGATIONS would help a fair bit on that front. My only hesitation is that x86's menu and the common config knob end up in completely different locations. And AFAICT, the parser doesn't allow sourcing menu entires from a different file: init/Kconfig:1959: 'menu' in different file than 'menu' e.g. we can't declare the menuconfig in common code and then include arch definitions. Regardless of whether or not we shuffle things around, CPU_MITIGATIONS really should be in init/Kconfig, not drivers/base/Kconfig, e.g. so that if we make it a user-selectable option, it shows up under "General setup" instead of being buried two layers deep in drivers. That makes it less hard to find CPU_MITIGATIONS, but I still find it cumbersome to have to enable CPU_MITIGATIONS, and then go hunting for x86's menu.