diff options
| author |   David Kaplan <david.kaplan@amd.com> | 2025-01-08 14:24:41 -0600 |
|---|---|---|
| committer |   Borislav Petkov (AMD) <bp@alien8.de> | 2025-02-28 12:34:30 +0100 |
| commit | 98c7a713db91c5a9a7ffc47cd85e7158e0963cb8 (patch) | |
| tree | ef411f3eb9b069dcdcd1fb372859c4803208534a /arch/x86/kernel/cpu/common.c | |
| parent | x86/bugs: Remove X86_FEATURE_USE_IBPB (diff) | |
| download | wireguard-linux-98c7a713db91c5a9a7ffc47cd85e7158e0963cb8.tar.xz wireguard-linux-98c7a713db91c5a9a7ffc47cd85e7158e0963cb8.zip | |
x86/bugs: Add X86_BUG_SPECTRE_V2_USER
All CPU vulnerabilities with command line options map to a single X86_BUG bit
except for Spectre V2 where both the spectre_v2 and spectre_v2_user command
line options are related to the same bug.
The spectre_v2 command line options mostly relate to user->kernel and
guest->host mitigations, while the spectre_v2_user command line options relate
to user->user or guest->guest protections.
Define a new X86_BUG bit for spectre_v2_user so each *_select_mitigation()
function in bugs.c is related to a unique X86_BUG bit.
No functional changes.
Signed-off-by: David Kaplan <david.kaplan@amd.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/r/20250108202515.385902-2-david.kaplan@amd.com
Diffstat (limited to 'arch/x86/kernel/cpu/common.c')
| -rw-r--r-- | arch/x86/kernel/cpu/common.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index 7cce91b19fb2..1e80d76dc9c1 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -1331,8 +1331,10 @@ static void __init cpu_set_bug_bits(struct cpuinfo_x86 *c) setup_force_cpu_bug(X86_BUG_SPECTRE_V1); - if (!cpu_matches(cpu_vuln_whitelist, NO_SPECTRE_V2)) + if (!cpu_matches(cpu_vuln_whitelist, NO_SPECTRE_V2)) { setup_force_cpu_bug(X86_BUG_SPECTRE_V2); + setup_force_cpu_bug(X86_BUG_SPECTRE_V2_USER); + } if (!cpu_matches(cpu_vuln_whitelist, NO_SSB) && !(x86_arch_cap_msr & ARCH_CAP_SSB_NO) && |