Skip to content

Commit 8edb9e7

Browse files
dkaplan2bp3tk0v
dkaplan2
authored and
bp3tk0v
committed
x86/bugs: Use early_param() for spectre_v2_user
Most of the mitigations in bugs.c use early_param() to parse their command line options. Modify spectre_v2_user to use early_param() for consistency. Remove spec_v2_user_print_cond() because informing a user about their cmdline choice isn't very interesting and the chosen mitigation is already printed in spectre_v2_user_update_mitigation(). Signed-off-by: David Kaplan <david.kaplan@amd.com> Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de> Reviewed-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com> Link: https://lore.kernel.org/r/20250819192200.2003074-2-david.kaplan@amd.com
1 parent 5799d5d commit 8edb9e7

1 file changed

Lines changed: 26 additions & 42 deletions

File tree

arch/x86/kernel/cpu/bugs.c

Lines changed: 26 additions & 42 deletions
Original file line numberDiff line numberDiff line change
@@ -1847,7 +1847,7 @@ enum spectre_v2_mitigation_cmd {
18471847

18481848
static enum spectre_v2_mitigation_cmd spectre_v2_cmd __ro_after_init = SPECTRE_V2_CMD_AUTO;
18491849

1850-
enum spectre_v2_user_cmd {
1850+
enum spectre_v2_user_mitigation_cmd {
18511851
SPECTRE_V2_USER_CMD_NONE,
18521852
SPECTRE_V2_USER_CMD_AUTO,
18531853
SPECTRE_V2_USER_CMD_FORCE,
@@ -1857,6 +1857,9 @@ enum spectre_v2_user_cmd {
18571857
SPECTRE_V2_USER_CMD_SECCOMP_IBPB,
18581858
};
18591859

1860+
static enum spectre_v2_user_mitigation_cmd spectre_v2_user_cmd __ro_after_init =
1861+
IS_ENABLED(CONFIG_MITIGATION_SPECTRE_V2) ? SPECTRE_V2_USER_CMD_AUTO : SPECTRE_V2_USER_CMD_NONE;
1862+
18601863
static const char * const spectre_v2_user_strings[] = {
18611864
[SPECTRE_V2_USER_NONE] = "User space: Vulnerable",
18621865
[SPECTRE_V2_USER_STRICT] = "User space: Mitigation: STIBP protection",
@@ -1865,50 +1868,31 @@ static const char * const spectre_v2_user_strings[] = {
18651868
[SPECTRE_V2_USER_SECCOMP] = "User space: Mitigation: STIBP via seccomp and prctl",
18661869
};
18671870

1868-
static const struct {
1869-
const char *option;
1870-
enum spectre_v2_user_cmd cmd;
1871-
bool secure;
1872-
} v2_user_options[] __initconst = {
1873-
{ "auto", SPECTRE_V2_USER_CMD_AUTO, false },
1874-
{ "off", SPECTRE_V2_USER_CMD_NONE, false },
1875-
{ "on", SPECTRE_V2_USER_CMD_FORCE, true },
1876-
{ "prctl", SPECTRE_V2_USER_CMD_PRCTL, false },
1877-
{ "prctl,ibpb", SPECTRE_V2_USER_CMD_PRCTL_IBPB, false },
1878-
{ "seccomp", SPECTRE_V2_USER_CMD_SECCOMP, false },
1879-
{ "seccomp,ibpb", SPECTRE_V2_USER_CMD_SECCOMP_IBPB, false },
1880-
};
1881-
1882-
static void __init spec_v2_user_print_cond(const char *reason, bool secure)
1883-
{
1884-
if (boot_cpu_has_bug(X86_BUG_SPECTRE_V2) != secure)
1885-
pr_info("spectre_v2_user=%s forced on command line.\n", reason);
1886-
}
1887-
1888-
static enum spectre_v2_user_cmd __init spectre_v2_parse_user_cmdline(void)
1871+
static int __init spectre_v2_user_parse_cmdline(char *str)
18891872
{
1890-
char arg[20];
1891-
int ret, i;
1892-
1893-
if (!IS_ENABLED(CONFIG_MITIGATION_SPECTRE_V2))
1894-
return SPECTRE_V2_USER_CMD_NONE;
1895-
1896-
ret = cmdline_find_option(boot_command_line, "spectre_v2_user",
1897-
arg, sizeof(arg));
1898-
if (ret < 0)
1899-
return SPECTRE_V2_USER_CMD_AUTO;
1873+
if (!str)
1874+
return -EINVAL;
19001875

1901-
for (i = 0; i < ARRAY_SIZE(v2_user_options); i++) {
1902-
if (match_option(arg, ret, v2_user_options[i].option)) {
1903-
spec_v2_user_print_cond(v2_user_options[i].option,
1904-
v2_user_options[i].secure);
1905-
return v2_user_options[i].cmd;
1906-
}
1907-
}
1876+
if (!strcmp(str, "auto"))
1877+
spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_AUTO;
1878+
else if (!strcmp(str, "off"))
1879+
spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_NONE;
1880+
else if (!strcmp(str, "on"))
1881+
spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_FORCE;
1882+
else if (!strcmp(str, "prctl"))
1883+
spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_PRCTL;
1884+
else if (!strcmp(str, "prctl,ibpb"))
1885+
spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_PRCTL_IBPB;
1886+
else if (!strcmp(str, "seccomp"))
1887+
spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_SECCOMP;
1888+
else if (!strcmp(str, "seccomp,ibpb"))
1889+
spectre_v2_user_cmd = SPECTRE_V2_USER_CMD_SECCOMP_IBPB;
1890+
else
1891+
pr_err("Ignoring unknown spectre_v2_user option (%s).", str);
19081892

1909-
pr_err("Unknown user space protection option (%s). Switching to default\n", arg);
1910-
return SPECTRE_V2_USER_CMD_AUTO;
1893+
return 0;
19111894
}
1895+
early_param("spectre_v2_user", spectre_v2_user_parse_cmdline);
19121896

19131897
static inline bool spectre_v2_in_ibrs_mode(enum spectre_v2_mitigation mode)
19141898
{
@@ -1920,7 +1904,7 @@ static void __init spectre_v2_user_select_mitigation(void)
19201904
if (!boot_cpu_has(X86_FEATURE_IBPB) && !boot_cpu_has(X86_FEATURE_STIBP))
19211905
return;
19221906

1923-
switch (spectre_v2_parse_user_cmdline()) {
1907+
switch (spectre_v2_user_cmd) {
19241908
case SPECTRE_V2_USER_CMD_NONE:
19251909
return;
19261910
case SPECTRE_V2_USER_CMD_FORCE:

0 commit comments

Comments
 (0)