From: David Kaplan <david.kaplan@amd.com>
To: Thomas Gleixner <tglx@linutronix.de>,
Borislav Petkov <bp@alien8.de>,
Peter Zijlstra <peterz@infradead.org>,
Josh Poimboeuf <jpoimboe@kernel.org>,
Pawan Gupta <pawan.kumar.gupta@linux.intel.com>,
Ingo Molnar <mingo@redhat.com>,
Dave Hansen <dave.hansen@linux.intel.com>, <x86@kernel.org>,
"H . Peter Anvin" <hpa@zytor.com>
Cc: <linux-kernel@vger.kernel.org>
Subject: [PATCH v2 00/35] x86/bugs: Attack vector controls
Date: Tue, 5 Nov 2024 15:54:20 -0600 [thread overview]
Message-ID: <20241105215455.359471-1-david.kaplan@amd.com> (raw)
This series restructures arch/x86/kernel/cpu/bugs.c and proposes new
command line options to make it easier to control which CPU mitigations
are applied. These options select relevant mitigations based on chosen
attack vectors, which are hopefully easier for users to understand.
There are two parts to this patch series:
The first 18 patches restructure the existing mitigation selection logic
to use a uniform set of functions. First, the "select" function is
called for each mitigation to select an appropriate mitigation. Unless
a mitigation is explicitly selected or disabled with a command line
option, the default mitigation is AUTO and the "select" function will
then choose the best mitigation. After the "select" function is called
for each mitigation, some mitigations define an "update" function which
can be used to update the selection, based on the choices made by other
mitigations. Finally, the "apply" function is called which enables the
chosen mitigation.
This structure simplifies the mitigation control logic, especially when
there are dependencies between multiple vulnerabilities. It also
prepares the code for the second set of patches.
The rest of the patches define new "attack vector" command line options
to make it easier to select appropriate mitigations based on the usage
of the system. While many users may not be intimately familiar with the
details of these CPU vulnerabilities, they are likely better able to
understand the intended usage of their system. As a result, unneeded
mitigations may be disabled, allowing users to recoup more performance.
New documentation is included with recommendations on what to consider
when choosing which attack vectors to enable/disable.
Note that this patch series does not change any of the existing
mitigation defaults.
Changes in v2:
- Removed new enum, just use X86_BUG* to identify vulnerabilities
- Mitigate gds if cross-thread protection is selected as pointed out
by Andrew Cooper
- Simplifications around verw-based mitigation handling
- Various bug fixes
David Kaplan (35):
x86/bugs: Add X86_BUG_SPECTRE_V2_USER
x86/bugs: Relocate mds/taa/mmio/rfds defines
x86/bugs: Add AUTO mitigations for mds/taa/mmio/rfds
x86/bugs: Restructure mds mitigation
x86/bugs: Restructure taa mitigation
x86/bugs: Restructure mmio mitigation
x86/bugs: Restructure rfds mitigation
x86/bugs: Remove md_clear_*_mitigation()
x86/bugs: Restructure srbds mitigation
x86/bugs: Restructure gds mitigation
x86/bugs: Restructure spectre_v1 mitigation
x86/bugs: Restructure retbleed mitigation
x86/bugs: Restructure spectre_v2_user mitigation
x86/bugs: Restructure bhi mitigation
x86/bugs: Restructure spectre_v2 mitigation
x86/bugs: Restructure ssb mitigation
x86/bugs: Restructure l1tf mitigation
x86/bugs: Restructure srso mitigation
Documentation/x86: Document the new attack vector controls
x86/bugs: Define attack vectors
x86/bugs: Determine relevant vulnerabilities based on attack vector
controls.
x86/bugs: Add attack vector controls for mds
x86/bugs: Add attack vector controls for taa
x86/bugs: Add attack vector controls for mmio
x86/bugs: Add attack vector controls for rfds
x86/bugs: Add attack vector controls for srbds
x86/bugs: Add attack vector controls for gds
x86/bugs: Add attack vector controls for spectre_v1
x86/bugs: Add attack vector controls for retbleed
x86/bugs: Add attack vector controls for spectre_v2_user
x86/bugs: Add attack vector controls for bhi
x86/bugs: Add attack vector controls for spectre_v2
x86/bugs: Add attack vector controls for l1tf
x86/bugs: Add attack vector controls for srso
x86/pti: Add attack vector controls for pti
.../hw-vuln/attack_vector_controls.rst | 172 +++
Documentation/admin-guide/hw-vuln/index.rst | 1 +
arch/x86/include/asm/cpufeatures.h | 1 +
arch/x86/include/asm/processor.h | 2 +
arch/x86/kernel/cpu/bugs.c | 1231 ++++++++++-------
arch/x86/kernel/cpu/common.c | 4 +-
arch/x86/kvm/vmx/vmx.c | 2 +
arch/x86/mm/pti.c | 3 +-
include/linux/cpu.h | 11 +
kernel/cpu.c | 58 +
10 files changed, 1010 insertions(+), 475 deletions(-)
create mode 100644 Documentation/admin-guide/hw-vuln/attack_vector_controls.rst
--
2.34.1
next reply other threads:[~2024-11-05 21:55 UTC|newest]
Thread overview: 78+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-05 21:54 David Kaplan [this message]
2024-11-05 21:54 ` [PATCH v2 01/35] x86/bugs: Add X86_BUG_SPECTRE_V2_USER David Kaplan
2024-11-05 21:54 ` [PATCH v2 02/35] x86/bugs: Relocate mds/taa/mmio/rfds defines David Kaplan
2024-11-05 21:54 ` [PATCH v2 03/35] x86/bugs: Add AUTO mitigations for mds/taa/mmio/rfds David Kaplan
2024-11-14 2:26 ` Pawan Gupta
2024-11-14 14:59 ` Kaplan, David
2024-11-14 17:14 ` Pawan Gupta
2024-11-14 17:17 ` Kaplan, David
2024-11-05 21:54 ` [PATCH v2 04/35] x86/bugs: Restructure mds mitigation David Kaplan
2024-11-14 3:03 ` Pawan Gupta
2024-11-14 15:01 ` Kaplan, David
2024-12-10 15:24 ` Borislav Petkov
2024-11-05 21:54 ` [PATCH v2 05/35] x86/bugs: Restructure taa mitigation David Kaplan
2024-11-14 4:43 ` Pawan Gupta
2024-11-14 15:08 ` Kaplan, David
2024-11-05 21:54 ` [PATCH v2 06/35] x86/bugs: Restructure mmio mitigation David Kaplan
2024-11-14 5:03 ` Pawan Gupta
2024-11-05 21:54 ` [PATCH v2 07/35] x86/bugs: Restructure rfds mitigation David Kaplan
2024-11-14 5:55 ` Pawan Gupta
2024-11-05 21:54 ` [PATCH v2 08/35] x86/bugs: Remove md_clear_*_mitigation() David Kaplan
2024-11-05 21:54 ` [PATCH v2 09/35] x86/bugs: Restructure srbds mitigation David Kaplan
2024-11-05 21:54 ` [PATCH v2 10/35] x86/bugs: Restructure gds mitigation David Kaplan
2024-11-14 6:21 ` Pawan Gupta
2024-11-05 21:54 ` [PATCH v2 11/35] x86/bugs: Restructure spectre_v1 mitigation David Kaplan
2024-11-14 6:57 ` Pawan Gupta
2024-11-14 15:36 ` Kaplan, David
2024-11-14 15:49 ` Kaplan, David
2024-11-14 16:19 ` Borislav Petkov
2024-11-14 16:45 ` Kaplan, David
2024-11-14 23:33 ` Josh Poimboeuf
2024-12-12 10:41 ` Borislav Petkov
2024-11-14 17:41 ` Pawan Gupta
2024-11-14 17:48 ` Kaplan, David
2024-11-05 21:54 ` [PATCH v2 12/35] x86/bugs: Restructure retbleed mitigation David Kaplan
2024-11-05 21:54 ` [PATCH v2 13/35] x86/bugs: Restructure spectre_v2_user mitigation David Kaplan
2024-11-06 18:56 ` kernel test robot
2024-11-05 21:54 ` [PATCH v2 14/35] x86/bugs: Restructure bhi mitigation David Kaplan
2024-11-05 21:54 ` [PATCH v2 15/35] x86/bugs: Restructure spectre_v2 mitigation David Kaplan
2024-11-05 21:54 ` [PATCH v2 16/35] x86/bugs: Restructure ssb mitigation David Kaplan
2024-11-05 21:54 ` [PATCH v2 17/35] x86/bugs: Restructure l1tf mitigation David Kaplan
2024-11-05 21:54 ` [PATCH v2 18/35] x86/bugs: Restructure srso mitigation David Kaplan
2025-01-02 14:55 ` Borislav Petkov
2024-11-05 21:54 ` [PATCH v2 19/35] Documentation/x86: Document the new attack vector controls David Kaplan
2024-11-06 10:39 ` Borislav Petkov
2024-11-06 14:49 ` Kaplan, David
2024-11-13 3:58 ` Manwaring, Derek
2024-11-13 14:15 ` Brendan Jackman
2024-11-13 15:05 ` Kaplan, David
2024-11-13 15:31 ` Brendan Jackman
2024-11-13 16:00 ` Kaplan, David
2024-11-13 16:19 ` Brendan Jackman
2024-11-14 9:32 ` Brendan Jackman
2024-11-22 16:15 ` Manwaring, Derek
2024-11-22 16:36 ` Brendan Jackman
2024-11-22 17:23 ` Kaplan, David
2024-11-20 0:14 ` Manwaring, Derek
2024-11-13 14:49 ` Kaplan, David
2024-11-13 14:15 ` Brendan Jackman
2024-11-13 15:42 ` Kaplan, David
2024-11-05 21:54 ` [PATCH v2 20/35] x86/bugs: Define attack vectors David Kaplan
2025-01-03 15:19 ` Borislav Petkov
2025-01-03 15:29 ` Kaplan, David
2025-01-03 15:51 ` Borislav Petkov
2024-11-05 21:54 ` [PATCH v2 21/35] x86/bugs: Determine relevant vulnerabilities based on attack vector controls David Kaplan
2024-11-05 21:54 ` [PATCH v2 22/35] x86/bugs: Add attack vector controls for mds David Kaplan
2024-11-05 21:54 ` [PATCH v2 23/35] x86/bugs: Add attack vector controls for taa David Kaplan
2024-11-05 21:54 ` [PATCH v2 24/35] x86/bugs: Add attack vector controls for mmio David Kaplan
2024-11-05 21:54 ` [PATCH v2 25/35] x86/bugs: Add attack vector controls for rfds David Kaplan
2024-11-05 21:54 ` [PATCH v2 26/35] x86/bugs: Add attack vector controls for srbds David Kaplan
2024-11-05 21:54 ` [PATCH v2 27/35] x86/bugs: Add attack vector controls for gds David Kaplan
2024-11-05 21:54 ` [PATCH v2 28/35] x86/bugs: Add attack vector controls for spectre_v1 David Kaplan
2024-11-05 21:54 ` [PATCH v2 29/35] x86/bugs: Add attack vector controls for retbleed David Kaplan
2024-11-05 21:54 ` [PATCH v2 30/35] x86/bugs: Add attack vector controls for spectre_v2_user David Kaplan
2024-11-05 21:54 ` [PATCH v2 31/35] x86/bugs: Add attack vector controls for bhi David Kaplan
2024-11-05 21:54 ` [PATCH v2 32/35] x86/bugs: Add attack vector controls for spectre_v2 David Kaplan
2024-11-05 21:54 ` [PATCH v2 33/35] x86/bugs: Add attack vector controls for l1tf David Kaplan
2024-11-05 21:54 ` [PATCH v2 34/35] x86/bugs: Add attack vector controls for srso David Kaplan
2024-11-05 21:54 ` [PATCH v2 35/35] x86/pti: Add attack vector controls for pti David Kaplan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241105215455.359471-1-david.kaplan@amd.com \
--to=david.kaplan@amd.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=jpoimboe@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=pawan.kumar.gupta@linux.intel.com \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox