www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Thomas Gleixner <tglx@linutronix.de>
	Thu, 28 Mar 2019 17:57:21 +0000 (13:57 -0400)
committer	Mihai Carabas <mihai.carabas@oracle.com>
	Mon, 22 Apr 2019 18:16:18 +0000 (21:16 +0300)
commit	b139b02175b56919bf25ca81dae21175c9f1b71e
tree	839d9d92af60c4e2bc23692abd30e61ab711b715	tree
parent	20ee9ad908cae10daf3be450ae261723ed728dc8	commit \| diff

x86/speculation/mds: Add mitigation control for MDS

commit bc1241700acd82ec69fde98c5763ce51086269f8 upstream

Now that the mitigations are in place, add a command line parameter to
control the mitigation, a mitigation selector function and a SMT update
mechanism.

This is the minimal straight forward initial implementation which just
provides an always on/off mode. The command line parameter is:

mds=[full|off]

This is consistent with the existing mitigations for other speculative
hardware vulnerabilities.

The idle invocation is dynamically updated according to the SMT state of
the system similar to the dynamic update of the STIBP mitigation. The idle
mitigation is limited to CPUs which are only affected by MSBDS and not any
other variant, because the other variants cannot be mitigated on SMT
enabled systems.

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Jon Masters <jcm@redhat.com>
Tested-by: Jon Masters <jcm@redhat.com>
(cherry picked from commit 4cad86e4abd472f637038e0ad70a70d0d7333f83)

Orabug: 29526900
CVE: CVE-2018-12126
CVE: CVE-2018-12130
CVE: CVE-2018-12127

Signed-off-by: Kanth Ghatraju <kanth.ghatraju@oracle.com>
Reviewed-by: Mihai Carabas <mihai.carabas@oracle.com>
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Conflicts:
The changes to arch/x86/kernel/cpu/bugs.c instead need to be made to
arch/x86/kernel/cpu/bugs_64.c.

Documentation/kernel-parameters.txt		diff \| blob \| history
arch/x86/include/asm/processor.h		diff \| blob \| history
arch/x86/kernel/cpu/bugs_64.c		diff \| blob \| history