x86/speculation/mds: Add mds=full,nosmt cmdline option
authorJosh Poimboeuf <jpoimboe@redhat.com>
Tue, 2 Apr 2019 14:59:33 +0000 (09:59 -0500)
committerMihai Carabas <mihai.carabas@oracle.com>
Mon, 22 Apr 2019 18:16:19 +0000 (21:16 +0300)
commit d71eb0ce109a124b0fa714832823b9452f2762cf upstream

Add the mds=full,nosmt cmdline option.  This is like mds=full, but with
SMT disabled if the CPU is vulnerable.

Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Jiri Kosina <jkosina@suse.cz>
(cherry picked from commit 623b724d5e50c15d160799446956ba0d23d4f978)

Orabug: 29526900
CVE: CVE-2018-12126
CVE: CVE-2018-12130
CVE: CVE-2018-12127

Signed-off-by: Mihai Carabas <mihai.carabas@oracle.com>
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Conflicts:
Documentation/admin-guide/kernel-parameters.txt
arch/x86/kernel/cpu/bugs.c
bugs.64 vs bugs_64.c: different boot command line parsing code
Documentation/admin-guide/kernel-parameters.txt vs Documentation/kernel-parameters.txt

Documentation/admin-guide/hw-vuln/mds.rst
Documentation/kernel-parameters.txt
arch/x86/kernel/cpu/bugs_64.c

index 1de29d28903d069b4612bc954d1c4d82c71c6438..244ab47d1fb3a367336f659b25a8c33716df64c0 100644 (file)
@@ -260,6 +260,9 @@ time with the option "mds=". The valid arguments for this option are:
 
                It does not automatically disable SMT.
 
+  full,nosmt   The same as mds=full, with SMT disabled on vulnerable
+               CPUs.  This is the complete mitigation.
+
   off          Disables MDS mitigations completely.
 
   ============  =============================================================
index 91c5d98efdcb713c6e18db6cad3dadf295748a8f..55d180c14e0d645aa173849c41bd2504ef33e099 100644 (file)
@@ -2065,8 +2065,10 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
                        This parameter controls the MDS mitigation. The
                        options are:
 
-                       full    - Enable MDS mitigation on vulnerable CPUs
-                       off     - Unconditionally disable MDS mitigation
+                       full       - Enable MDS mitigation on vulnerable CPUs
+                       full,nosmt - Enable MDS mitigation and disable
+                                    SMT on vulnerable CPUs
+                       off        - Unconditionally disable MDS mitigation
 
                        Not specifying this option is equivalent to
                        mds=full.
index 3237a76441a78184b425ee0320b08226fd845794..41b485b160b2d70f3da80fd987dc968926d73b31 100644 (file)
@@ -1319,6 +1319,7 @@ void mds_idle_clear_disable(void)
 
 /* Default mitigation for L1TF-affected CPUs */
 static enum mds_mitigations mds_mitigation __read_mostly = MDS_MITIGATION_FULL;
+static bool mds_nosmt = false;
 
 static const char * const mds_strings[] = {
        [MDS_MITIGATION_OFF]    = "Vulnerable",
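Review bot: The new `mds_nosmt` flag is declared without any section annotation and with a redundant `= false` initialiser, unlike `mds_mitigation` on the line above it, which carries `__read_mostly`. In the hunks shown, the flag is written only while the command line is parsed in mds_select_mitigation(), and it decides whether SMT stays enabled. Something like `static bool mds_nosmt __read_mostly;` would match the neighbouring declaration, or `__ro_after_init` if this tree provides it. The context comment above still says "L1TF-affected CPUs", so a short comment on the new line naming the mds=full,nosmt option would help.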
@@ -1358,6 +1359,8 @@ static void mds_select_mitigation(void)
         if (ret > 0) {
                if (match_option(arg, ret, "off"))
                        mds_mitigation = MDS_MITIGATION_OFF;
+               else if (match_option(arg, ret, "full,nosmt"))
+                       mds_nosmt = true;
                else if (!match_option(arg, ret, "full"))
                        pr_warn("mds: unknown option %s\n", arg);
        }
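Review bot: The new `match_option(arg, ret, "full,nosmt")` branch can only match if the `arg` buffer filled before this hunk holds at least 11 bytes (ten characters plus the terminator). That declaration is outside the hunk, so its size should be confirmed. If the buffer is shorter, the value is presumably truncated, the branch never matches, and the machine boots with SMT still on and only the `mds: unknown option` warning as a hint. The branch also relies on `mds_mitigation` still holding its `MDS_MITIGATION_FULL` initialiser. Bracing the branch and adding `mds_mitigation = MDS_MITIGATION_FULL;` before `mds_nosmt = true;` would make the option independent of that default.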
@@ -1365,7 +1368,12 @@ static void mds_select_mitigation(void)
        if (mds_mitigation == MDS_MITIGATION_FULL) {
                if (!boot_cpu_has(X86_FEATURE_MD_CLEAR))
                        mds_mitigation = MDS_MITIGATION_VMWERV;
+
                static_branch_enable(&mds_user_clear);
+               
+               if (mds_nosmt && !boot_cpu_has(X86_BUG_MSBDS_ONLY))
+                       cpu_smt_disable(false);
+
                update_mds_branch_idle();
        }
        pr_info("%s\n", mds_strings[mds_mitigation]);
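Review bot: The `!boot_cpu_has(X86_BUG_MSBDS_ONLY)` exception in front of the new `cpu_smt_disable(false)` call is not explained in the code, and the option text this commit adds does not mention it, saying only that SMT is disabled on vulnerable CPUs. On a part with that bit set, mds=full,nosmt leaves SMT on, and the visible code logs nothing beyond the `mds_strings[]` line. A comment above the condition such as `/* nosmt is not applied to CPUs flagged X86_BUG_MSBDS_ONLY: <reason> */` would record the intent. The matching sentence in mds.rst and kernel-parameters.txt could carry the same caveat. The added blank line before the condition has trailing whitespace, and mds_select_mitigation() begins outside this hunk.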