releases/4.19.43/0027-x86-speculation-mds-Add-mitigations-support-for-MDS.patch - pub/scm/linux/kernel/git/stable/stable-queue - Git at Google

 From 5bf948d37f165a70fb0b682598b7f16df4ec885e Mon Sep 17 00:00:00 2001
 From: Josh Poimboeuf <jpoimboe@redhat.com>
 Date: Wed, 17 Apr 2019 16:39:02 -0500
 Subject: [PATCH 27/30] x86/speculation/mds: Add 'mitigations=' support for MDS

 commit 5c14068f87d04adc73ba3f41c2a303d3c3d1fa12 upstream

 Add MDS to the new 'mitigations=' cmdline option.

 Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
 Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 ---
  Documentation/admin-guide/kernel-parameters.txt | 2 ++
  arch/x86/kernel/cpu/bugs.c                      | 5 +++--
  2 files changed, 5 insertions(+), 2 deletions(-)

 diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
 index 4f3efaaa46bd..a29301d6e6c6 100644
 --- a/Documentation/admin-guide/kernel-parameters.txt
 +++ b/Documentation/admin-guide/kernel-parameters.txt
 @@ -2519,6 +2519,7 @@
  					       spectre_v2_user=off [X86]
  					       spec_store_bypass_disable=off [X86,PPC]
  					       l1tf=off [X86]
 +					       mds=off [X86]

  			auto (default)
  				Mitigate all CPU vulnerabilities, but leave SMT
 @@ -2533,6 +2534,7 @@
  				if needed.  This is for users who always want to
  				be fully mitigated, even if it means losing SMT.
  				Equivalent to: l1tf=flush,nosmt [X86]
 +					       mds=full,nosmt [X86]

  	mminit_loglevel=
  			[KNL] When CONFIG_DEBUG_MEMORY_INIT is set, this
 diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
 index 904d55cf80a2..9b096f26d1c8 100644
 --- a/arch/x86/kernel/cpu/bugs.c
 +++ b/arch/x86/kernel/cpu/bugs.c
 @@ -231,7 +231,7 @@ static const char * const mds_strings[] = {

  static void __init mds_select_mitigation(void)
  {
 -	if (!boot_cpu_has_bug(X86_BUG_MDS)) {
 +	if (!boot_cpu_has_bug(X86_BUG_MDS) || cpu_mitigations_off()) {
  		mds_mitigation = MDS_MITIGATION_OFF;
  		return;
  	}
 @@ -242,7 +242,8 @@ static void __init mds_select_mitigation(void)

  		static_branch_enable(&mds_user_clear);

 -		if (mds_nosmt && !boot_cpu_has(X86_BUG_MSBDS_ONLY))
 +		if (!boot_cpu_has(X86_BUG_MSBDS_ONLY) &&
 +		    (mds_nosmt || cpu_mitigations_auto_nosmt()))
  			cpu_smt_disable(false);
  	}

 --
 2.21.0
	From 5bf948d37f165a70fb0b682598b7f16df4ec885e Mon Sep 17 00:00:00 2001
	From: Josh Poimboeuf <jpoimboe@redhat.com>
	Date: Wed, 17 Apr 2019 16:39:02 -0500
	Subject: [PATCH 27/30] x86/speculation/mds: Add 'mitigations=' support for MDS

	commit 5c14068f87d04adc73ba3f41c2a303d3c3d1fa12 upstream

	Add MDS to the new 'mitigations=' cmdline option.

	Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
	Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
	Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	---
	Documentation/admin-guide/kernel-parameters.txt \| 2 ++
	arch/x86/kernel/cpu/bugs.c \| 5 +++--
	2 files changed, 5 insertions(+), 2 deletions(-)

	diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
	index 4f3efaaa46bd..a29301d6e6c6 100644
	--- a/Documentation/admin-guide/kernel-parameters.txt
	+++ b/Documentation/admin-guide/kernel-parameters.txt
	@@ -2519,6 +2519,7 @@
	spectre_v2_user=off [X86]
	spec_store_bypass_disable=off [X86,PPC]
	l1tf=off [X86]
	+ mds=off [X86]

	auto (default)
	Mitigate all CPU vulnerabilities, but leave SMT
	@@ -2533,6 +2534,7 @@
	if needed. This is for users who always want to
	be fully mitigated, even if it means losing SMT.
	Equivalent to: l1tf=flush,nosmt [X86]
	+ mds=full,nosmt [X86]

	mminit_loglevel=
	[KNL] When CONFIG_DEBUG_MEMORY_INIT is set, this
	diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
	index 904d55cf80a2..9b096f26d1c8 100644
	--- a/arch/x86/kernel/cpu/bugs.c
	+++ b/arch/x86/kernel/cpu/bugs.c
	@@ -231,7 +231,7 @@ static const char * const mds_strings[] = {

	static void __init mds_select_mitigation(void)
	{
	- if (!boot_cpu_has_bug(X86_BUG_MDS)) {
	+ if (!boot_cpu_has_bug(X86_BUG_MDS) \|\| cpu_mitigations_off()) {
	mds_mitigation = MDS_MITIGATION_OFF;
	return;
	}
	@@ -242,7 +242,8 @@ static void __init mds_select_mitigation(void)

	static_branch_enable(&mds_user_clear);

	- if (mds_nosmt && !boot_cpu_has(X86_BUG_MSBDS_ONLY))
	+ if (!boot_cpu_has(X86_BUG_MSBDS_ONLY) &&
	+ (mds_nosmt \|\| cpu_mitigations_auto_nosmt()))
	cpu_smt_disable(false);
	}

	--
	2.21.0