From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F04FD3B2A0; Tue, 23 Jun 2026 17:33:55 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=192.198.163.8 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1782236037; cv=none; b=Su1wxXe+mRfjY5OHC6Yf5yZYuHeRtUccvBTsdPbxS0x6m1Bah8JbRq5Ml1SDIKn4gu1hEiDsPz9mHkf+mHX74tSmGwIvbi8zqeHH30i9jncGAVmDogNKJ2hUShex1DJOHYRczOZ36ZmEkVvFRIBEz0e+dcNxj9qv3tmZPdyTHa8= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1782236037; c=relaxed/simple; bh=Z+UBFYvZmhxdkKBWIZKrd5/Lkbp8grvu2K8zVnKyDK0=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=fZBsQQGfWgvuludhJjL3p7+HcEFR999hqh7qUKcqJ5wcFdEWOMVJoQr5L1pGvp7VK5i+AbeEJgQ9zkX2xtlkar/WN4V7j120RXf9CItIaYMieQjjiG1tsFxFbkyTH93lpYCkPx061rzrWSV+q6v9b6ei1RPasxHTcvfCGlVhACQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=pass smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=DIQ7RB9S; arc=none smtp.client-ip=192.198.163.8 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="DIQ7RB9S" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1782236036; x=1813772036; h=date:from:to:cc:subject:message-id:references: mime-version:in-reply-to; bh=Z+UBFYvZmhxdkKBWIZKrd5/Lkbp8grvu2K8zVnKyDK0=; b=DIQ7RB9SLZbyddyt1JddQ6VzTcJzaKC+Z6mMVg0NdUfQq/5ATMCPXsQG BBHgfnmW7puvr4rCbf3Z3EP6b8d46var+3nIfBIPQ3KlqdmHM/t6A9AuH UpjVDSBQ23b+6nhEazmyUk/uS8EDHQuH+eSVMmg7B5QkU3QIegD3Z48i7 gFq0nkUdZ0gP6bwyfGUWxwkS0C1C2vU3vwnRO8VUE0YIZdhq0WckjQy+V zT8oMV26QL4PIdsHLxmQPOKPnROLWA9n78lPw8cKBQSAFkp43KaYHhL5H jQ0wY4Tg9aeGtwR9gCelDIxTlpfzuCKnGtJjUEP7MQvKQU1sgbejKkATc Q==; X-CSE-ConnectionGUID: OmlCYye7RqidHu75ClNMxQ== X-CSE-MsgGUID: 2/BWkCD/TQi7FlqA/QnXXA== X-IronPort-AV: E=McAfee;i="6800,10657,11826"; a="100538911" X-IronPort-AV: E=Sophos;i="6.24,221,1774335600"; d="scan'208";a="100538911" Received: from fmviesa001.fm.intel.com ([10.60.135.141]) by fmvoesa102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 23 Jun 2026 10:33:55 -0700 X-CSE-ConnectionGUID: Kkoub9noTrauJdBPrt2/fw== X-CSE-MsgGUID: hZ8sT9knTOeO6g6JrLuYng== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.24,221,1774335600"; d="scan'208";a="273646784" Received: from guptapa-desk.jf.intel.com (HELO desk) ([10.165.239.46]) by smtpauth.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 23 Jun 2026 10:33:54 -0700 Date: Tue, 23 Jun 2026 10:33:54 -0700 From: Pawan Gupta To: x86@kernel.org, Jon Kohler , Nikolay Borisov , "H. Peter Anvin" , Josh Poimboeuf , David Kaplan , Sean Christopherson , Borislav Petkov , Dave Hansen , Peter Zijlstra , Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko , KP Singh , Jiri Olsa , "David S. Miller" , David Laight , Andy Lutomirski , Thomas Gleixner , Ingo Molnar , David Ahern , Martin KaFai Lau , Eduard Zingerman , Song Liu , Yonghong Song , John Fastabend , Stanislav Fomichev , Hao Luo , Paolo Bonzini , Jonathan Corbet , Jason Baron , Alice Ryhl , Steven Rostedt , Ard Biesheuvel , Shuah Khan Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Asit Mallick , Tao Zhang , bpf@vger.kernel.org, netdev@vger.kernel.org, linux-doc@vger.kernel.org Subject: [PATCH v12 05/12] x86/vmscape: Move mitigation selection to a switch() Message-ID: <20260622-vmscape-bhb-v12-5-76cbda0ae3e5@linux.intel.com> X-Mailer: b4 0.16-dev References: <20260622-vmscape-bhb-v12-0-76cbda0ae3e5@linux.intel.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20260622-vmscape-bhb-v12-0-76cbda0ae3e5@linux.intel.com> This ensures that all mitigation modes are explicitly handled, while keeping the mitigation selection for each mode together. This also prepares for adding BHB-clearing mitigation mode for VMSCAPE. Tested-by: Jon Kohler Reviewed-by: Nikolay Borisov Signed-off-by: Pawan Gupta --- arch/x86/kernel/cpu/bugs.c | 24 ++++++++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 002bf4adccc3..636280c612f0 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -3088,17 +3088,33 @@ early_param("vmscape", vmscape_parse_cmdline); static void __init vmscape_select_mitigation(void) { - if (!boot_cpu_has_bug(X86_BUG_VMSCAPE) || - !boot_cpu_has(X86_FEATURE_IBPB)) { + if (!boot_cpu_has_bug(X86_BUG_VMSCAPE)) { vmscape_mitigation = VMSCAPE_MITIGATION_NONE; return; } - if (vmscape_mitigation == VMSCAPE_MITIGATION_AUTO) { - if (should_mitigate_vuln(X86_BUG_VMSCAPE)) + if ((vmscape_mitigation == VMSCAPE_MITIGATION_AUTO) && + !should_mitigate_vuln(X86_BUG_VMSCAPE)) + vmscape_mitigation = VMSCAPE_MITIGATION_NONE; + + switch (vmscape_mitigation) { + case VMSCAPE_MITIGATION_NONE: + break; + + case VMSCAPE_MITIGATION_IBPB_EXIT_TO_USER: + if (!boot_cpu_has(X86_FEATURE_IBPB)) + vmscape_mitigation = VMSCAPE_MITIGATION_NONE; + break; + + case VMSCAPE_MITIGATION_AUTO: + if (boot_cpu_has(X86_FEATURE_IBPB)) vmscape_mitigation = VMSCAPE_MITIGATION_IBPB_EXIT_TO_USER; else vmscape_mitigation = VMSCAPE_MITIGATION_NONE; + break; + + default: + break; } } -- 2.34.1