x86/bugs: Restructure SSB mitigation

author David Kaplan <david.kaplan@amd.com>

Fri, 18 Apr 2025 16:17:19 +0000 (11:17 -0500)

committer Borislav Petkov (AMD) <bp@alien8.de>

Tue, 29 Apr 2025 16:57:26 +0000 (18:57 +0200)
author David Kaplan <david.kaplan@amd.com>
Fri, 18 Apr 2025 16:17:19 +0000 (11:17 -0500)
committer Borislav Petkov (AMD) <bp@alien8.de>
Tue, 29 Apr 2025 16:57:26 +0000 (18:57 +0200)
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c

index 93d07438eea78e06fffd32bf4a7cb2e19191b6d2..fbb4f1378de1fce6a31b24d5139f866e9501aece 100644 (file)
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -65,6 +65,7 @@ static void __init spectre_v2_user_select_mitigation(void);
  static void __init spectre_v2_user_update_mitigation(void);
  static void __init spectre_v2_user_apply_mitigation(void);
  static void __init ssb_select_mitigation(void);
+static void __init ssb_apply_mitigation(void);
  static void __init l1tf_select_mitigation(void);
  static void __init mds_select_mitigation(void);
  static void __init mds_update_mitigation(void);
@@ -243,6 +244,7 @@ void __init cpu_select_mitigations(void)
         spectre_v2_apply_mitigation();
         retbleed_apply_mitigation();
         spectre_v2_user_apply_mitigation();
+       ssb_apply_mitigation();
         mds_apply_mitigation();
         taa_apply_mitigation();
         mmio_apply_mitigation();
@@ -2219,19 +2221,18 @@ static enum ssb_mitigation_cmd __init ssb_parse_cmdline(void)
         return cmd;
  }
  
-static enum ssb_mitigation __init __ssb_select_mitigation(void)
+static void __init ssb_select_mitigation(void)
  {
-       enum ssb_mitigation mode = SPEC_STORE_BYPASS_NONE;
         enum ssb_mitigation_cmd cmd;
  
         if (!boot_cpu_has(X86_FEATURE_SSBD))
-               return mode;
+               goto out;
  
         cmd = ssb_parse_cmdline();
         if (!boot_cpu_has_bug(X86_BUG_SPEC_STORE_BYPASS) &&
             (cmd == SPEC_STORE_BYPASS_CMD_NONE ||
              cmd == SPEC_STORE_BYPASS_CMD_AUTO))
-               return mode;
+               return;
  
         switch (cmd) {
         case SPEC_STORE_BYPASS_CMD_SECCOMP:
@@ -2240,28 +2241,35 @@ static enum ssb_mitigation __init __ssb_select_mitigation(void)
                  * enabled.
                  */
                 if (IS_ENABLED(CONFIG_SECCOMP))
-                       mode = SPEC_STORE_BYPASS_SECCOMP;
+                       ssb_mode = SPEC_STORE_BYPASS_SECCOMP;
                 else
-                       mode = SPEC_STORE_BYPASS_PRCTL;
+                       ssb_mode = SPEC_STORE_BYPASS_PRCTL;
                 break;
         case SPEC_STORE_BYPASS_CMD_ON:
-               mode = SPEC_STORE_BYPASS_DISABLE;
+               ssb_mode = SPEC_STORE_BYPASS_DISABLE;
                 break;
         case SPEC_STORE_BYPASS_CMD_AUTO:
         case SPEC_STORE_BYPASS_CMD_PRCTL:
-               mode = SPEC_STORE_BYPASS_PRCTL;
+               ssb_mode = SPEC_STORE_BYPASS_PRCTL;
                 break;
         case SPEC_STORE_BYPASS_CMD_NONE:
                 break;
         }
  
+out:
+       if (boot_cpu_has_bug(X86_BUG_SPEC_STORE_BYPASS))
+               pr_info("%s\n", ssb_strings[ssb_mode]);
+}
+
+static void __init ssb_apply_mitigation(void)
+{
         /*
          * We have three CPU feature flags that are in play here:
          *  - X86_BUG_SPEC_STORE_BYPASS - CPU is susceptible.
          *  - X86_FEATURE_SSBD - CPU is able to turn off speculative store bypass
          *  - X86_FEATURE_SPEC_STORE_BYPASS_DISABLE - engage the mitigation
          */
-       if (mode == SPEC_STORE_BYPASS_DISABLE) {
+       if (ssb_mode == SPEC_STORE_BYPASS_DISABLE) {
                 setup_force_cpu_cap(X86_FEATURE_SPEC_STORE_BYPASS_DISABLE);
                 /*
                  * Intel uses the SPEC CTRL MSR Bit(2) for this, while AMD may
@@ -2275,16 +2283,6 @@ static enum ssb_mitigation __init __ssb_select_mitigation(void)
                         update_spec_ctrl(x86_spec_ctrl_base);
                 }
         }
-
-       return mode;
-}
-
-static void ssb_select_mitigation(void)
-{
-       ssb_mode = __ssb_select_mitigation();
-
-       if (boot_cpu_has_bug(X86_BUG_SPEC_STORE_BYPASS))
-               pr_info("%s\n", ssb_strings[ssb_mode]);
  }
  
  #undef pr_fmt
author	David Kaplan <david.kaplan@amd.com>
	Fri, 18 Apr 2025 16:17:19 +0000 (11:17 -0500)
committer	Borislav Petkov (AMD) <bp@alien8.de>
	Tue, 29 Apr 2025 16:57:26 +0000 (18:57 +0200)