From: Borislav Petkov <bp@alien8.de>
To: Anthony Steinhauser <asteinhauser@google.com>
Cc: linux-tip-commits@vger.kernel.org,
Anthony Steinhauser <asteinhauser@google.com>,
Thomas Gleixner <tglx@linutronix.de>,
stable@vger.kernel.org, x86 <x86@kernel.org>,
LKML <linux-kernel@vger.kernel.org>
Subject: Re: [tip: x86/urgent] x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS.
Date: Thu, 11 Jun 2020 16:09:51 +0200 [thread overview]
Message-ID: <20200611140951.GD30352@zn.tnic> (raw)
In-Reply-To: <159169282952.17951.3529693809120577424.tip-bot2@tip-bot2>
On Tue, Jun 09, 2020 at 08:53:49AM -0000, tip-bot2 for Anthony Steinhauser wrote:
> @@ -672,23 +665,36 @@ spectre_v2_user_select_mitigation(enum spectre_v2_mitigation_cmd v2_cmd)
> pr_info("mitigation: Enabling %s Indirect Branch Prediction Barrier\n",
> static_key_enabled(&switch_mm_always_ibpb) ?
> "always-on" : "conditional");
> +
> + spectre_v2_user_ibpb = mode;
> }
>
> - /* If enhanced IBRS is enabled no STIBP required */
> - if (spectre_v2_enabled == SPECTRE_V2_IBRS_ENHANCED)
> + /*
> + * If enhanced IBRS is enabled or SMT impossible, STIBP is not
> + * required.
> + */
> + if (!smt_possible || spectre_v2_enabled == SPECTRE_V2_IBRS_ENHANCED)
> return;
>
> /*
> - * If SMT is not possible or STIBP is not available clear the STIBP
> - * mode.
> + * At this point, an STIBP mode other than "off" has been set.
> + * If STIBP support is not being forced, check if STIBP always-on
> + * is preferred.
> + */
> + if (mode != SPECTRE_V2_USER_STRICT &&
> + boot_cpu_has(X86_FEATURE_AMD_STIBP_ALWAYS_ON))
> + mode = SPECTRE_V2_USER_STRICT_PREFERRED;
> +
> + /*
> + * If STIBP is not available, clear the STIBP mode.
> */
> - if (!smt_possible || !boot_cpu_has(X86_FEATURE_STIBP))
> + if (!boot_cpu_has(X86_FEATURE_STIBP))
> mode = SPECTRE_V2_USER_NONE;
Can we merge this test into the one above? Diff ontop:
---
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 8d57562b1d2c..05b3163e1b8c 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -673,7 +673,9 @@ spectre_v2_user_select_mitigation(enum spectre_v2_mitigation_cmd v2_cmd)
* If enhanced IBRS is enabled or SMT impossible, STIBP is not
* required.
*/
- if (!smt_possible || spectre_v2_enabled == SPECTRE_V2_IBRS_ENHANCED)
+ if (!boot_cpu_has(X86_FEATURE_STIBP) ||
+ !smt_possible ||
+ spectre_v2_enabled == SPECTRE_V2_IBRS_ENHANCED)
return;
/*
@@ -685,12 +687,6 @@ spectre_v2_user_select_mitigation(enum spectre_v2_mitigation_cmd v2_cmd)
boot_cpu_has(X86_FEATURE_AMD_STIBP_ALWAYS_ON))
mode = SPECTRE_V2_USER_STRICT_PREFERRED;
- /*
- * If STIBP is not available, clear the STIBP mode.
- */
- if (!boot_cpu_has(X86_FEATURE_STIBP))
- mode = SPECTRE_V2_USER_NONE;
-
spectre_v2_user_stibp = mode;
set_mode:
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
next prev parent reply other threads:[~2020-06-11 14:10 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-06-09 8:53 [tip: x86/urgent] x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS tip-bot2 for Anthony Steinhauser
2020-06-11 14:09 ` Borislav Petkov [this message]
2020-06-11 14:35 ` Anthony Steinhauser
2020-06-11 15:43 ` Borislav Petkov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200611140951.GD30352@zn.tnic \
--to=bp@alien8.de \
--cc=asteinhauser@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-tip-commits@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox