]> git.proxmox.com Git - mirror_ubuntu-disco-kernel.git/commit
projects / mirror_ubuntu-disco-kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 65910b9) | patch
cpu/speculation: Add 'mitigations=' cmdline option
authorJosh Poimboeuf <jpoimboe@redhat.com>
Fri, 12 Apr 2019 20:39:28 +0000 (15:39 -0500)
committerStefan Bader <stefan.bader@canonical.com>
Mon, 6 May 2019 15:32:08 +0000 (17:32 +0200)
commit13f48eda02bf62ef36c1953b49ca8ccae7ae439c
tree53d246e76cd0a8d76e5f480cd09cc5c72d328057tree
parent65910b93f10d19c88035a44d00b43588a7617f0ecommit | diff
cpu/speculation: Add 'mitigations=' cmdline option

Keeping track of the number of mitigations for all the CPU speculation
bugs has become overwhelming for many users.  It's getting more and more
complicated to decide which mitigations are needed for a given
architecture.  Complicating matters is the fact that each arch tends to
have its own custom way to mitigate the same vulnerability.

Most users fall into a few basic categories:

a) they want all mitigations off;

b) they want all reasonable mitigations on, with SMT enabled even if
   it's vulnerable; or

c) they want all reasonable mitigations on, with SMT disabled if
   vulnerable.

Define a set of curated, arch-independent options, each of which is an
aggregation of existing options:

- mitigations=off: Disable all mitigations.

- mitigations=auto: [default] Enable all the default mitigations, but
  leave SMT enabled, even if it's vulnerable.

- mitigations=auto,nosmt: Enable all the default mitigations, disabling
  SMT if needed by a mitigation.

Currently, these options are placeholders which don't actually do
anything.  They will be fleshed out in upcoming patches.

Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Tested-by: Jiri Kosina <jkosina@suse.cz> (on x86)
Reviewed-by: Jiri Kosina <jkosina@suse.cz>
Cc: Borislav Petkov <bp@alien8.de>
Cc: "H . Peter Anvin" <hpa@zytor.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Jiri Kosina <jikos@kernel.org>
Cc: Waiman Long <longman@redhat.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Jon Masters <jcm@redhat.com>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: linuxppc-dev@lists.ozlabs.org
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: linux-s390@vger.kernel.org
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will.deacon@arm.com>
Cc: linux-arm-kernel@lists.infradead.org
Cc: linux-arch@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Tyler Hicks <tyhicks@canonical.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Randy Dunlap <rdunlap@infradead.org>
Cc: Steven Price <steven.price@arm.com>
Cc: Phil Auld <pauld@redhat.com>
Link: https://lkml.kernel.org/r/b07a8ef9b7c5055c3a4637c87d07c296d5016fe0.1555085500.git.jpoimboe@redhat.com
CVE-2017-5715
CVE-2017-5754
CVE-2018-3639
CVE-2018-3620
CVE-2018-3646

(cherry picked from commit 98af8452945c55652de68536afdde3b520fec429 https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git)
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Seth Forshee <seth.forshee@canonical.com>
Acked-by: Stefan Bader <stefan.bader@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
Documentation/admin-guide/kernel-parameters.txt diff | blob | blame | history
include/linux/cpu.h diff | blob | blame | history
kernel/cpu.c diff | blob | blame | history
Ubuntu Disco kernel mirror for Proxmox VE and PMG