1 // SPDX-License-Identifier: GPL-2.0
3 * Copyright (C) 1994 Linus Torvalds
5 * Cyrix stuff, June 1998 by:
6 * - Rafael R. Reilova (moved everything from head.S),
7 * <rreilova@ececs.uc.edu>
8 * - Channing Corn (tests & fixes),
9 * - Andrew D. Balsa (code cleanup).
11 #include <linux/init.h>
12 #include <linux/utsname.h>
13 #include <linux/cpu.h>
14 #include <linux/module.h>
15 #include <linux/nospec.h>
16 #include <linux/prctl.h>
17 #include <linux/sched/smt.h>
19 #include <asm/spec-ctrl.h>
20 #include <asm/cmdline.h>
22 #include <asm/processor.h>
23 #include <asm/processor-flags.h>
24 #include <asm/fpu/internal.h>
27 #include <asm/paravirt.h>
28 #include <asm/alternative.h>
29 #include <asm/pgtable.h>
30 #include <asm/set_memory.h>
31 #include <asm/intel-family.h>
32 #include <asm/e820/api.h>
33 #include <asm/hypervisor.h>
35 static void __init
spectre_v2_select_mitigation(void);
36 static void __init
ssb_select_mitigation(void);
37 static void __init
l1tf_select_mitigation(void);
38 static void __init
mds_select_mitigation(void);
40 /* The base value of the SPEC_CTRL MSR that always has to be preserved. */
41 u64 x86_spec_ctrl_base
;
42 EXPORT_SYMBOL_GPL(x86_spec_ctrl_base
);
43 static DEFINE_MUTEX(spec_ctrl_mutex
);
46 * The vendor and possibly platform specific bits which can be modified in
49 static u64 __ro_after_init x86_spec_ctrl_mask
= SPEC_CTRL_IBRS
;
52 * AMD specific MSR info for Speculative Store Bypass control.
53 * x86_amd_ls_cfg_ssbd_mask is initialized in identify_boot_cpu().
55 u64 __ro_after_init x86_amd_ls_cfg_base
;
56 u64 __ro_after_init x86_amd_ls_cfg_ssbd_mask
;
58 /* Control conditional STIBP in switch_to() */
59 DEFINE_STATIC_KEY_FALSE(switch_to_cond_stibp
);
60 /* Control conditional IBPB in switch_mm() */
61 DEFINE_STATIC_KEY_FALSE(switch_mm_cond_ibpb
);
62 /* Control unconditional IBPB in switch_mm() */
63 DEFINE_STATIC_KEY_FALSE(switch_mm_always_ibpb
);
65 /* Control MDS CPU buffer clear before returning to user space */
66 DEFINE_STATIC_KEY_FALSE(mds_user_clear
);
67 EXPORT_SYMBOL_GPL(mds_user_clear
);
68 /* Control MDS CPU buffer clear before idling (halt, mwait) */
69 DEFINE_STATIC_KEY_FALSE(mds_idle_clear
);
70 EXPORT_SYMBOL_GPL(mds_idle_clear
);
72 void __init
check_bugs(void)
77 * identify_boot_cpu() initialized SMT support information, let the
80 cpu_smt_check_topology_early();
82 if (!IS_ENABLED(CONFIG_SMP
)) {
84 print_cpu_info(&boot_cpu_data
);
88 * Read the SPEC_CTRL MSR to account for reserved bits which may
89 * have unknown values. AMD64_LS_CFG MSR is cached in the early AMD
90 * init code as it is not enumerated and depends on the family.
92 if (boot_cpu_has(X86_FEATURE_MSR_SPEC_CTRL
))
93 rdmsrl(MSR_IA32_SPEC_CTRL
, x86_spec_ctrl_base
);
95 /* Allow STIBP in MSR_SPEC_CTRL if supported */
96 if (boot_cpu_has(X86_FEATURE_STIBP
))
97 x86_spec_ctrl_mask
|= SPEC_CTRL_STIBP
;
99 /* Select the proper spectre mitigation before patching alternatives */
100 spectre_v2_select_mitigation();
103 * Select proper mitigation for any exposure to the Speculative Store
104 * Bypass vulnerability.
106 ssb_select_mitigation();
108 l1tf_select_mitigation();
110 mds_select_mitigation();
114 * Check whether we are able to run this kernel safely on SMP.
116 * - i386 is no longer supported.
117 * - In order to run on anything without a TSC, we need to be
118 * compiled for a i486.
120 if (boot_cpu_data
.x86
< 4)
121 panic("Kernel requires i486+ for 'invlpg' and other features");
123 init_utsname()->machine
[1] =
124 '0' + (boot_cpu_data
.x86
> 6 ? 6 : boot_cpu_data
.x86
);
125 alternative_instructions();
127 fpu__init_check_bugs();
128 #else /* CONFIG_X86_64 */
129 alternative_instructions();
132 * Make sure the first 2MB area is not mapped by huge pages
133 * There are typically fixed size MTRRs in there and overlapping
134 * MTRRs into large pages causes slow downs.
136 * Right now we don't do that with gbpages because there seems
137 * very little benefit for that case.
140 set_memory_4k((unsigned long)__va(0), 1);
145 x86_virt_spec_ctrl(u64 guest_spec_ctrl
, u64 guest_virt_spec_ctrl
, bool setguest
)
147 u64 msrval
, guestval
, hostval
= x86_spec_ctrl_base
;
148 struct thread_info
*ti
= current_thread_info();
150 /* Is MSR_SPEC_CTRL implemented ? */
151 if (static_cpu_has(X86_FEATURE_MSR_SPEC_CTRL
)) {
153 * Restrict guest_spec_ctrl to supported values. Clear the
154 * modifiable bits in the host base value and or the
155 * modifiable bits from the guest value.
157 guestval
= hostval
& ~x86_spec_ctrl_mask
;
158 guestval
|= guest_spec_ctrl
& x86_spec_ctrl_mask
;
160 /* SSBD controlled in MSR_SPEC_CTRL */
161 if (static_cpu_has(X86_FEATURE_SPEC_CTRL_SSBD
) ||
162 static_cpu_has(X86_FEATURE_AMD_SSBD
))
163 hostval
|= ssbd_tif_to_spec_ctrl(ti
->flags
);
165 /* Conditional STIBP enabled? */
166 if (static_branch_unlikely(&switch_to_cond_stibp
))
167 hostval
|= stibp_tif_to_spec_ctrl(ti
->flags
);
169 if (hostval
!= guestval
) {
170 msrval
= setguest
? guestval
: hostval
;
171 wrmsrl(MSR_IA32_SPEC_CTRL
, msrval
);
176 * If SSBD is not handled in MSR_SPEC_CTRL on AMD, update
177 * MSR_AMD64_L2_CFG or MSR_VIRT_SPEC_CTRL if supported.
179 if (!static_cpu_has(X86_FEATURE_LS_CFG_SSBD
) &&
180 !static_cpu_has(X86_FEATURE_VIRT_SSBD
))
184 * If the host has SSBD mitigation enabled, force it in the host's
185 * virtual MSR value. If its not permanently enabled, evaluate
186 * current's TIF_SSBD thread flag.
188 if (static_cpu_has(X86_FEATURE_SPEC_STORE_BYPASS_DISABLE
))
189 hostval
= SPEC_CTRL_SSBD
;
191 hostval
= ssbd_tif_to_spec_ctrl(ti
->flags
);
193 /* Sanitize the guest value */
194 guestval
= guest_virt_spec_ctrl
& SPEC_CTRL_SSBD
;
196 if (hostval
!= guestval
) {
199 tif
= setguest
? ssbd_spec_ctrl_to_tif(guestval
) :
200 ssbd_spec_ctrl_to_tif(hostval
);
202 speculation_ctrl_update(tif
);
205 EXPORT_SYMBOL_GPL(x86_virt_spec_ctrl
);
207 static void x86_amd_ssb_disable(void)
209 u64 msrval
= x86_amd_ls_cfg_base
| x86_amd_ls_cfg_ssbd_mask
;
211 if (boot_cpu_has(X86_FEATURE_VIRT_SSBD
))
212 wrmsrl(MSR_AMD64_VIRT_SPEC_CTRL
, SPEC_CTRL_SSBD
);
213 else if (boot_cpu_has(X86_FEATURE_LS_CFG_SSBD
))
214 wrmsrl(MSR_AMD64_LS_CFG
, msrval
);
218 #define pr_fmt(fmt) "MDS: " fmt
220 /* Default mitigation for L1TF-affected CPUs */
221 static enum mds_mitigations mds_mitigation __ro_after_init
= MDS_MITIGATION_FULL
;
222 static bool mds_nosmt __ro_after_init
= false;
224 static const char * const mds_strings
[] = {
225 [MDS_MITIGATION_OFF
] = "Vulnerable",
226 [MDS_MITIGATION_FULL
] = "Mitigation: Clear CPU buffers",
227 [MDS_MITIGATION_VMWERV
] = "Vulnerable: Clear CPU buffers attempted, no microcode",
230 static void mds_select_mitigation(void)
232 if (!boot_cpu_has_bug(X86_BUG_MDS
)) {
233 mds_mitigation
= MDS_MITIGATION_OFF
;
237 if (mds_mitigation
== MDS_MITIGATION_FULL
) {
238 if (!boot_cpu_has(X86_FEATURE_MD_CLEAR
))
239 mds_mitigation
= MDS_MITIGATION_VMWERV
;
241 static_branch_enable(&mds_user_clear
);
243 if (mds_nosmt
&& !boot_cpu_has(X86_BUG_MSBDS_ONLY
))
244 cpu_smt_disable(false);
247 pr_info("%s\n", mds_strings
[mds_mitigation
]);
250 static int __init
mds_cmdline(char *str
)
252 if (!boot_cpu_has_bug(X86_BUG_MDS
))
258 if (!strcmp(str
, "off"))
259 mds_mitigation
= MDS_MITIGATION_OFF
;
260 else if (!strcmp(str
, "full"))
261 mds_mitigation
= MDS_MITIGATION_FULL
;
262 else if (!strcmp(str
, "full,nosmt")) {
263 mds_mitigation
= MDS_MITIGATION_FULL
;
269 early_param("mds", mds_cmdline
);
272 #define pr_fmt(fmt) "Spectre V2 : " fmt
274 static enum spectre_v2_mitigation spectre_v2_enabled __ro_after_init
=
277 static enum spectre_v2_user_mitigation spectre_v2_user __ro_after_init
=
278 SPECTRE_V2_USER_NONE
;
280 #ifdef CONFIG_RETPOLINE
281 static bool spectre_v2_bad_module
;
283 bool retpoline_module_ok(bool has_retpoline
)
285 if (spectre_v2_enabled
== SPECTRE_V2_NONE
|| has_retpoline
)
288 pr_err("System may be vulnerable to spectre v2\n");
289 spectre_v2_bad_module
= true;
293 static inline const char *spectre_v2_module_string(void)
295 return spectre_v2_bad_module
? " - vulnerable module loaded" : "";
298 static inline const char *spectre_v2_module_string(void) { return ""; }
301 static inline bool match_option(const char *arg
, int arglen
, const char *opt
)
303 int len
= strlen(opt
);
305 return len
== arglen
&& !strncmp(arg
, opt
, len
);
308 /* The kernel command line selection for spectre v2 */
309 enum spectre_v2_mitigation_cmd
{
312 SPECTRE_V2_CMD_FORCE
,
313 SPECTRE_V2_CMD_RETPOLINE
,
314 SPECTRE_V2_CMD_RETPOLINE_GENERIC
,
315 SPECTRE_V2_CMD_RETPOLINE_AMD
,
318 enum spectre_v2_user_cmd
{
319 SPECTRE_V2_USER_CMD_NONE
,
320 SPECTRE_V2_USER_CMD_AUTO
,
321 SPECTRE_V2_USER_CMD_FORCE
,
322 SPECTRE_V2_USER_CMD_PRCTL
,
323 SPECTRE_V2_USER_CMD_PRCTL_IBPB
,
324 SPECTRE_V2_USER_CMD_SECCOMP
,
325 SPECTRE_V2_USER_CMD_SECCOMP_IBPB
,
328 static const char * const spectre_v2_user_strings
[] = {
329 [SPECTRE_V2_USER_NONE
] = "User space: Vulnerable",
330 [SPECTRE_V2_USER_STRICT
] = "User space: Mitigation: STIBP protection",
331 [SPECTRE_V2_USER_STRICT_PREFERRED
] = "User space: Mitigation: STIBP always-on protection",
332 [SPECTRE_V2_USER_PRCTL
] = "User space: Mitigation: STIBP via prctl",
333 [SPECTRE_V2_USER_SECCOMP
] = "User space: Mitigation: STIBP via seccomp and prctl",
336 static const struct {
338 enum spectre_v2_user_cmd cmd
;
340 } v2_user_options
[] __initdata
= {
341 { "auto", SPECTRE_V2_USER_CMD_AUTO
, false },
342 { "off", SPECTRE_V2_USER_CMD_NONE
, false },
343 { "on", SPECTRE_V2_USER_CMD_FORCE
, true },
344 { "prctl", SPECTRE_V2_USER_CMD_PRCTL
, false },
345 { "prctl,ibpb", SPECTRE_V2_USER_CMD_PRCTL_IBPB
, false },
346 { "seccomp", SPECTRE_V2_USER_CMD_SECCOMP
, false },
347 { "seccomp,ibpb", SPECTRE_V2_USER_CMD_SECCOMP_IBPB
, false },
350 static void __init
spec_v2_user_print_cond(const char *reason
, bool secure
)
352 if (boot_cpu_has_bug(X86_BUG_SPECTRE_V2
) != secure
)
353 pr_info("spectre_v2_user=%s forced on command line.\n", reason
);
356 static enum spectre_v2_user_cmd __init
357 spectre_v2_parse_user_cmdline(enum spectre_v2_mitigation_cmd v2_cmd
)
363 case SPECTRE_V2_CMD_NONE
:
364 return SPECTRE_V2_USER_CMD_NONE
;
365 case SPECTRE_V2_CMD_FORCE
:
366 return SPECTRE_V2_USER_CMD_FORCE
;
371 ret
= cmdline_find_option(boot_command_line
, "spectre_v2_user",
374 return SPECTRE_V2_USER_CMD_AUTO
;
376 for (i
= 0; i
< ARRAY_SIZE(v2_user_options
); i
++) {
377 if (match_option(arg
, ret
, v2_user_options
[i
].option
)) {
378 spec_v2_user_print_cond(v2_user_options
[i
].option
,
379 v2_user_options
[i
].secure
);
380 return v2_user_options
[i
].cmd
;
384 pr_err("Unknown user space protection option (%s). Switching to AUTO select\n", arg
);
385 return SPECTRE_V2_USER_CMD_AUTO
;
389 spectre_v2_user_select_mitigation(enum spectre_v2_mitigation_cmd v2_cmd
)
391 enum spectre_v2_user_mitigation mode
= SPECTRE_V2_USER_NONE
;
392 bool smt_possible
= IS_ENABLED(CONFIG_SMP
);
393 enum spectre_v2_user_cmd cmd
;
395 if (!boot_cpu_has(X86_FEATURE_IBPB
) && !boot_cpu_has(X86_FEATURE_STIBP
))
398 if (cpu_smt_control
== CPU_SMT_FORCE_DISABLED
||
399 cpu_smt_control
== CPU_SMT_NOT_SUPPORTED
)
400 smt_possible
= false;
402 cmd
= spectre_v2_parse_user_cmdline(v2_cmd
);
404 case SPECTRE_V2_USER_CMD_NONE
:
406 case SPECTRE_V2_USER_CMD_FORCE
:
407 mode
= SPECTRE_V2_USER_STRICT
;
409 case SPECTRE_V2_USER_CMD_PRCTL
:
410 case SPECTRE_V2_USER_CMD_PRCTL_IBPB
:
411 mode
= SPECTRE_V2_USER_PRCTL
;
413 case SPECTRE_V2_USER_CMD_AUTO
:
414 case SPECTRE_V2_USER_CMD_SECCOMP
:
415 case SPECTRE_V2_USER_CMD_SECCOMP_IBPB
:
416 if (IS_ENABLED(CONFIG_SECCOMP
))
417 mode
= SPECTRE_V2_USER_SECCOMP
;
419 mode
= SPECTRE_V2_USER_PRCTL
;
424 * At this point, an STIBP mode other than "off" has been set.
425 * If STIBP support is not being forced, check if STIBP always-on
428 if (mode
!= SPECTRE_V2_USER_STRICT
&&
429 boot_cpu_has(X86_FEATURE_AMD_STIBP_ALWAYS_ON
))
430 mode
= SPECTRE_V2_USER_STRICT_PREFERRED
;
432 /* Initialize Indirect Branch Prediction Barrier */
433 if (boot_cpu_has(X86_FEATURE_IBPB
)) {
434 setup_force_cpu_cap(X86_FEATURE_USE_IBPB
);
437 case SPECTRE_V2_USER_CMD_FORCE
:
438 case SPECTRE_V2_USER_CMD_PRCTL_IBPB
:
439 case SPECTRE_V2_USER_CMD_SECCOMP_IBPB
:
440 static_branch_enable(&switch_mm_always_ibpb
);
442 case SPECTRE_V2_USER_CMD_PRCTL
:
443 case SPECTRE_V2_USER_CMD_AUTO
:
444 case SPECTRE_V2_USER_CMD_SECCOMP
:
445 static_branch_enable(&switch_mm_cond_ibpb
);
451 pr_info("mitigation: Enabling %s Indirect Branch Prediction Barrier\n",
452 static_key_enabled(&switch_mm_always_ibpb
) ?
453 "always-on" : "conditional");
456 /* If enhanced IBRS is enabled no STIBP required */
457 if (spectre_v2_enabled
== SPECTRE_V2_IBRS_ENHANCED
)
461 * If SMT is not possible or STIBP is not available clear the STIBP
464 if (!smt_possible
|| !boot_cpu_has(X86_FEATURE_STIBP
))
465 mode
= SPECTRE_V2_USER_NONE
;
467 spectre_v2_user
= mode
;
468 /* Only print the STIBP mode when SMT possible */
470 pr_info("%s\n", spectre_v2_user_strings
[mode
]);
473 static const char * const spectre_v2_strings
[] = {
474 [SPECTRE_V2_NONE
] = "Vulnerable",
475 [SPECTRE_V2_RETPOLINE_GENERIC
] = "Mitigation: Full generic retpoline",
476 [SPECTRE_V2_RETPOLINE_AMD
] = "Mitigation: Full AMD retpoline",
477 [SPECTRE_V2_IBRS_ENHANCED
] = "Mitigation: Enhanced IBRS",
480 static const struct {
482 enum spectre_v2_mitigation_cmd cmd
;
484 } mitigation_options
[] __initdata
= {
485 { "off", SPECTRE_V2_CMD_NONE
, false },
486 { "on", SPECTRE_V2_CMD_FORCE
, true },
487 { "retpoline", SPECTRE_V2_CMD_RETPOLINE
, false },
488 { "retpoline,amd", SPECTRE_V2_CMD_RETPOLINE_AMD
, false },
489 { "retpoline,generic", SPECTRE_V2_CMD_RETPOLINE_GENERIC
, false },
490 { "auto", SPECTRE_V2_CMD_AUTO
, false },
493 static void __init
spec_v2_print_cond(const char *reason
, bool secure
)
495 if (boot_cpu_has_bug(X86_BUG_SPECTRE_V2
) != secure
)
496 pr_info("%s selected on command line.\n", reason
);
499 static enum spectre_v2_mitigation_cmd __init
spectre_v2_parse_cmdline(void)
501 enum spectre_v2_mitigation_cmd cmd
= SPECTRE_V2_CMD_AUTO
;
505 if (cmdline_find_option_bool(boot_command_line
, "nospectre_v2"))
506 return SPECTRE_V2_CMD_NONE
;
508 ret
= cmdline_find_option(boot_command_line
, "spectre_v2", arg
, sizeof(arg
));
510 return SPECTRE_V2_CMD_AUTO
;
512 for (i
= 0; i
< ARRAY_SIZE(mitigation_options
); i
++) {
513 if (!match_option(arg
, ret
, mitigation_options
[i
].option
))
515 cmd
= mitigation_options
[i
].cmd
;
519 if (i
>= ARRAY_SIZE(mitigation_options
)) {
520 pr_err("unknown option (%s). Switching to AUTO select\n", arg
);
521 return SPECTRE_V2_CMD_AUTO
;
524 if ((cmd
== SPECTRE_V2_CMD_RETPOLINE
||
525 cmd
== SPECTRE_V2_CMD_RETPOLINE_AMD
||
526 cmd
== SPECTRE_V2_CMD_RETPOLINE_GENERIC
) &&
527 !IS_ENABLED(CONFIG_RETPOLINE
)) {
528 pr_err("%s selected but not compiled in. Switching to AUTO select\n", mitigation_options
[i
].option
);
529 return SPECTRE_V2_CMD_AUTO
;
532 if (cmd
== SPECTRE_V2_CMD_RETPOLINE_AMD
&&
533 boot_cpu_data
.x86_vendor
!= X86_VENDOR_AMD
) {
534 pr_err("retpoline,amd selected but CPU is not AMD. Switching to AUTO select\n");
535 return SPECTRE_V2_CMD_AUTO
;
538 spec_v2_print_cond(mitigation_options
[i
].option
,
539 mitigation_options
[i
].secure
);
543 static void __init
spectre_v2_select_mitigation(void)
545 enum spectre_v2_mitigation_cmd cmd
= spectre_v2_parse_cmdline();
546 enum spectre_v2_mitigation mode
= SPECTRE_V2_NONE
;
549 * If the CPU is not affected and the command line mode is NONE or AUTO
550 * then nothing to do.
552 if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V2
) &&
553 (cmd
== SPECTRE_V2_CMD_NONE
|| cmd
== SPECTRE_V2_CMD_AUTO
))
557 case SPECTRE_V2_CMD_NONE
:
560 case SPECTRE_V2_CMD_FORCE
:
561 case SPECTRE_V2_CMD_AUTO
:
562 if (boot_cpu_has(X86_FEATURE_IBRS_ENHANCED
)) {
563 mode
= SPECTRE_V2_IBRS_ENHANCED
;
564 /* Force it so VMEXIT will restore correctly */
565 x86_spec_ctrl_base
|= SPEC_CTRL_IBRS
;
566 wrmsrl(MSR_IA32_SPEC_CTRL
, x86_spec_ctrl_base
);
567 goto specv2_set_mode
;
569 if (IS_ENABLED(CONFIG_RETPOLINE
))
572 case SPECTRE_V2_CMD_RETPOLINE_AMD
:
573 if (IS_ENABLED(CONFIG_RETPOLINE
))
576 case SPECTRE_V2_CMD_RETPOLINE_GENERIC
:
577 if (IS_ENABLED(CONFIG_RETPOLINE
))
578 goto retpoline_generic
;
580 case SPECTRE_V2_CMD_RETPOLINE
:
581 if (IS_ENABLED(CONFIG_RETPOLINE
))
585 pr_err("Spectre mitigation: kernel not compiled with retpoline; no mitigation available!");
589 if (boot_cpu_data
.x86_vendor
== X86_VENDOR_AMD
) {
591 if (!boot_cpu_has(X86_FEATURE_LFENCE_RDTSC
)) {
592 pr_err("Spectre mitigation: LFENCE not serializing, switching to generic retpoline\n");
593 goto retpoline_generic
;
595 mode
= SPECTRE_V2_RETPOLINE_AMD
;
596 setup_force_cpu_cap(X86_FEATURE_RETPOLINE_AMD
);
597 setup_force_cpu_cap(X86_FEATURE_RETPOLINE
);
600 mode
= SPECTRE_V2_RETPOLINE_GENERIC
;
601 setup_force_cpu_cap(X86_FEATURE_RETPOLINE
);
605 spectre_v2_enabled
= mode
;
606 pr_info("%s\n", spectre_v2_strings
[mode
]);
609 * If spectre v2 protection has been enabled, unconditionally fill
610 * RSB during a context switch; this protects against two independent
613 * - RSB underflow (and switch to BTB) on Skylake+
614 * - SpectreRSB variant of spectre v2 on X86_BUG_SPECTRE_V2 CPUs
616 setup_force_cpu_cap(X86_FEATURE_RSB_CTXSW
);
617 pr_info("Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch\n");
620 * Retpoline means the kernel is safe because it has no indirect
621 * branches. Enhanced IBRS protects firmware too, so, enable restricted
622 * speculation around firmware calls only when Enhanced IBRS isn't
625 * Use "mode" to check Enhanced IBRS instead of boot_cpu_has(), because
626 * the user might select retpoline on the kernel command line and if
627 * the CPU supports Enhanced IBRS, kernel might un-intentionally not
628 * enable IBRS around firmware calls.
630 if (boot_cpu_has(X86_FEATURE_IBRS
) && mode
!= SPECTRE_V2_IBRS_ENHANCED
) {
631 setup_force_cpu_cap(X86_FEATURE_USE_IBRS_FW
);
632 pr_info("Enabling Restricted Speculation for firmware calls\n");
635 /* Set up IBPB and STIBP depending on the general spectre V2 command */
636 spectre_v2_user_select_mitigation(cmd
);
638 /* Enable STIBP if appropriate */
642 static void update_stibp_msr(void * __unused
)
644 wrmsrl(MSR_IA32_SPEC_CTRL
, x86_spec_ctrl_base
);
647 /* Update x86_spec_ctrl_base in case SMT state changed. */
648 static void update_stibp_strict(void)
650 u64 mask
= x86_spec_ctrl_base
& ~SPEC_CTRL_STIBP
;
652 if (sched_smt_active())
653 mask
|= SPEC_CTRL_STIBP
;
655 if (mask
== x86_spec_ctrl_base
)
658 pr_info("Update user space SMT mitigation: STIBP %s\n",
659 mask
& SPEC_CTRL_STIBP
? "always-on" : "off");
660 x86_spec_ctrl_base
= mask
;
661 on_each_cpu(update_stibp_msr
, NULL
, 1);
664 /* Update the static key controlling the evaluation of TIF_SPEC_IB */
665 static void update_indir_branch_cond(void)
667 if (sched_smt_active())
668 static_branch_enable(&switch_to_cond_stibp
);
670 static_branch_disable(&switch_to_cond_stibp
);
673 /* Update the static key controlling the MDS CPU buffer clear in idle */
674 static void update_mds_branch_idle(void)
677 * Enable the idle clearing on CPUs which are affected only by
678 * MDBDS and not any other MDS variant. The other variants cannot
679 * be mitigated when SMT is enabled, so clearing the buffers on
680 * idle would be a window dressing exercise.
682 if (!boot_cpu_has(X86_BUG_MSBDS_ONLY
))
685 if (sched_smt_active())
686 static_branch_enable(&mds_idle_clear
);
688 static_branch_disable(&mds_idle_clear
);
691 void arch_smt_update(void)
693 /* Enhanced IBRS implies STIBP. No update required. */
694 if (spectre_v2_enabled
== SPECTRE_V2_IBRS_ENHANCED
)
697 mutex_lock(&spec_ctrl_mutex
);
699 switch (spectre_v2_user
) {
700 case SPECTRE_V2_USER_NONE
:
702 case SPECTRE_V2_USER_STRICT
:
703 case SPECTRE_V2_USER_STRICT_PREFERRED
:
704 update_stibp_strict();
706 case SPECTRE_V2_USER_PRCTL
:
707 case SPECTRE_V2_USER_SECCOMP
:
708 update_indir_branch_cond();
712 switch(mds_mitigation
) {
713 case MDS_MITIGATION_FULL
:
714 case MDS_MITIGATION_VMWERV
:
715 update_mds_branch_idle();
717 case MDS_MITIGATION_OFF
:
721 mutex_unlock(&spec_ctrl_mutex
);
725 #define pr_fmt(fmt) "Speculative Store Bypass: " fmt
727 static enum ssb_mitigation ssb_mode __ro_after_init
= SPEC_STORE_BYPASS_NONE
;
729 /* The kernel command line selection */
730 enum ssb_mitigation_cmd
{
731 SPEC_STORE_BYPASS_CMD_NONE
,
732 SPEC_STORE_BYPASS_CMD_AUTO
,
733 SPEC_STORE_BYPASS_CMD_ON
,
734 SPEC_STORE_BYPASS_CMD_PRCTL
,
735 SPEC_STORE_BYPASS_CMD_SECCOMP
,
738 static const char * const ssb_strings
[] = {
739 [SPEC_STORE_BYPASS_NONE
] = "Vulnerable",
740 [SPEC_STORE_BYPASS_DISABLE
] = "Mitigation: Speculative Store Bypass disabled",
741 [SPEC_STORE_BYPASS_PRCTL
] = "Mitigation: Speculative Store Bypass disabled via prctl",
742 [SPEC_STORE_BYPASS_SECCOMP
] = "Mitigation: Speculative Store Bypass disabled via prctl and seccomp",
745 static const struct {
747 enum ssb_mitigation_cmd cmd
;
748 } ssb_mitigation_options
[] __initdata
= {
749 { "auto", SPEC_STORE_BYPASS_CMD_AUTO
}, /* Platform decides */
750 { "on", SPEC_STORE_BYPASS_CMD_ON
}, /* Disable Speculative Store Bypass */
751 { "off", SPEC_STORE_BYPASS_CMD_NONE
}, /* Don't touch Speculative Store Bypass */
752 { "prctl", SPEC_STORE_BYPASS_CMD_PRCTL
}, /* Disable Speculative Store Bypass via prctl */
753 { "seccomp", SPEC_STORE_BYPASS_CMD_SECCOMP
}, /* Disable Speculative Store Bypass via prctl and seccomp */
756 static enum ssb_mitigation_cmd __init
ssb_parse_cmdline(void)
758 enum ssb_mitigation_cmd cmd
= SPEC_STORE_BYPASS_CMD_AUTO
;
762 if (cmdline_find_option_bool(boot_command_line
, "nospec_store_bypass_disable")) {
763 return SPEC_STORE_BYPASS_CMD_NONE
;
765 ret
= cmdline_find_option(boot_command_line
, "spec_store_bypass_disable",
768 return SPEC_STORE_BYPASS_CMD_AUTO
;
770 for (i
= 0; i
< ARRAY_SIZE(ssb_mitigation_options
); i
++) {
771 if (!match_option(arg
, ret
, ssb_mitigation_options
[i
].option
))
774 cmd
= ssb_mitigation_options
[i
].cmd
;
778 if (i
>= ARRAY_SIZE(ssb_mitigation_options
)) {
779 pr_err("unknown option (%s). Switching to AUTO select\n", arg
);
780 return SPEC_STORE_BYPASS_CMD_AUTO
;
787 static enum ssb_mitigation __init
__ssb_select_mitigation(void)
789 enum ssb_mitigation mode
= SPEC_STORE_BYPASS_NONE
;
790 enum ssb_mitigation_cmd cmd
;
792 if (!boot_cpu_has(X86_FEATURE_SSBD
))
795 cmd
= ssb_parse_cmdline();
796 if (!boot_cpu_has_bug(X86_BUG_SPEC_STORE_BYPASS
) &&
797 (cmd
== SPEC_STORE_BYPASS_CMD_NONE
||
798 cmd
== SPEC_STORE_BYPASS_CMD_AUTO
))
802 case SPEC_STORE_BYPASS_CMD_AUTO
:
803 case SPEC_STORE_BYPASS_CMD_SECCOMP
:
805 * Choose prctl+seccomp as the default mode if seccomp is
808 if (IS_ENABLED(CONFIG_SECCOMP
))
809 mode
= SPEC_STORE_BYPASS_SECCOMP
;
811 mode
= SPEC_STORE_BYPASS_PRCTL
;
813 case SPEC_STORE_BYPASS_CMD_ON
:
814 mode
= SPEC_STORE_BYPASS_DISABLE
;
816 case SPEC_STORE_BYPASS_CMD_PRCTL
:
817 mode
= SPEC_STORE_BYPASS_PRCTL
;
819 case SPEC_STORE_BYPASS_CMD_NONE
:
824 * We have three CPU feature flags that are in play here:
825 * - X86_BUG_SPEC_STORE_BYPASS - CPU is susceptible.
826 * - X86_FEATURE_SSBD - CPU is able to turn off speculative store bypass
827 * - X86_FEATURE_SPEC_STORE_BYPASS_DISABLE - engage the mitigation
829 if (mode
== SPEC_STORE_BYPASS_DISABLE
) {
830 setup_force_cpu_cap(X86_FEATURE_SPEC_STORE_BYPASS_DISABLE
);
832 * Intel uses the SPEC CTRL MSR Bit(2) for this, while AMD may
833 * use a completely different MSR and bit dependent on family.
835 if (!static_cpu_has(X86_FEATURE_SPEC_CTRL_SSBD
) &&
836 !static_cpu_has(X86_FEATURE_AMD_SSBD
)) {
837 x86_amd_ssb_disable();
839 x86_spec_ctrl_base
|= SPEC_CTRL_SSBD
;
840 x86_spec_ctrl_mask
|= SPEC_CTRL_SSBD
;
841 wrmsrl(MSR_IA32_SPEC_CTRL
, x86_spec_ctrl_base
);
848 static void ssb_select_mitigation(void)
850 ssb_mode
= __ssb_select_mitigation();
852 if (boot_cpu_has_bug(X86_BUG_SPEC_STORE_BYPASS
))
853 pr_info("%s\n", ssb_strings
[ssb_mode
]);
857 #define pr_fmt(fmt) "Speculation prctl: " fmt
859 static void task_update_spec_tif(struct task_struct
*tsk
)
861 /* Force the update of the real TIF bits */
862 set_tsk_thread_flag(tsk
, TIF_SPEC_FORCE_UPDATE
);
865 * Immediately update the speculation control MSRs for the current
866 * task, but for a non-current task delay setting the CPU
867 * mitigation until it is scheduled next.
869 * This can only happen for SECCOMP mitigation. For PRCTL it's
870 * always the current task.
873 speculation_ctrl_update_current();
876 static int ssb_prctl_set(struct task_struct
*task
, unsigned long ctrl
)
878 if (ssb_mode
!= SPEC_STORE_BYPASS_PRCTL
&&
879 ssb_mode
!= SPEC_STORE_BYPASS_SECCOMP
)
884 /* If speculation is force disabled, enable is not allowed */
885 if (task_spec_ssb_force_disable(task
))
887 task_clear_spec_ssb_disable(task
);
888 task_update_spec_tif(task
);
890 case PR_SPEC_DISABLE
:
891 task_set_spec_ssb_disable(task
);
892 task_update_spec_tif(task
);
894 case PR_SPEC_FORCE_DISABLE
:
895 task_set_spec_ssb_disable(task
);
896 task_set_spec_ssb_force_disable(task
);
897 task_update_spec_tif(task
);
905 static int ib_prctl_set(struct task_struct
*task
, unsigned long ctrl
)
909 if (spectre_v2_user
== SPECTRE_V2_USER_NONE
)
912 * Indirect branch speculation is always disabled in strict
915 if (spectre_v2_user
== SPECTRE_V2_USER_STRICT
||
916 spectre_v2_user
== SPECTRE_V2_USER_STRICT_PREFERRED
)
918 task_clear_spec_ib_disable(task
);
919 task_update_spec_tif(task
);
921 case PR_SPEC_DISABLE
:
922 case PR_SPEC_FORCE_DISABLE
:
924 * Indirect branch speculation is always allowed when
925 * mitigation is force disabled.
927 if (spectre_v2_user
== SPECTRE_V2_USER_NONE
)
929 if (spectre_v2_user
== SPECTRE_V2_USER_STRICT
||
930 spectre_v2_user
== SPECTRE_V2_USER_STRICT_PREFERRED
)
932 task_set_spec_ib_disable(task
);
933 if (ctrl
== PR_SPEC_FORCE_DISABLE
)
934 task_set_spec_ib_force_disable(task
);
935 task_update_spec_tif(task
);
943 int arch_prctl_spec_ctrl_set(struct task_struct
*task
, unsigned long which
,
947 case PR_SPEC_STORE_BYPASS
:
948 return ssb_prctl_set(task
, ctrl
);
949 case PR_SPEC_INDIRECT_BRANCH
:
950 return ib_prctl_set(task
, ctrl
);
956 #ifdef CONFIG_SECCOMP
957 void arch_seccomp_spec_mitigate(struct task_struct
*task
)
959 if (ssb_mode
== SPEC_STORE_BYPASS_SECCOMP
)
960 ssb_prctl_set(task
, PR_SPEC_FORCE_DISABLE
);
961 if (spectre_v2_user
== SPECTRE_V2_USER_SECCOMP
)
962 ib_prctl_set(task
, PR_SPEC_FORCE_DISABLE
);
966 static int ssb_prctl_get(struct task_struct
*task
)
969 case SPEC_STORE_BYPASS_DISABLE
:
970 return PR_SPEC_DISABLE
;
971 case SPEC_STORE_BYPASS_SECCOMP
:
972 case SPEC_STORE_BYPASS_PRCTL
:
973 if (task_spec_ssb_force_disable(task
))
974 return PR_SPEC_PRCTL
| PR_SPEC_FORCE_DISABLE
;
975 if (task_spec_ssb_disable(task
))
976 return PR_SPEC_PRCTL
| PR_SPEC_DISABLE
;
977 return PR_SPEC_PRCTL
| PR_SPEC_ENABLE
;
979 if (boot_cpu_has_bug(X86_BUG_SPEC_STORE_BYPASS
))
980 return PR_SPEC_ENABLE
;
981 return PR_SPEC_NOT_AFFECTED
;
985 static int ib_prctl_get(struct task_struct
*task
)
987 if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V2
))
988 return PR_SPEC_NOT_AFFECTED
;
990 switch (spectre_v2_user
) {
991 case SPECTRE_V2_USER_NONE
:
992 return PR_SPEC_ENABLE
;
993 case SPECTRE_V2_USER_PRCTL
:
994 case SPECTRE_V2_USER_SECCOMP
:
995 if (task_spec_ib_force_disable(task
))
996 return PR_SPEC_PRCTL
| PR_SPEC_FORCE_DISABLE
;
997 if (task_spec_ib_disable(task
))
998 return PR_SPEC_PRCTL
| PR_SPEC_DISABLE
;
999 return PR_SPEC_PRCTL
| PR_SPEC_ENABLE
;
1000 case SPECTRE_V2_USER_STRICT
:
1001 case SPECTRE_V2_USER_STRICT_PREFERRED
:
1002 return PR_SPEC_DISABLE
;
1004 return PR_SPEC_NOT_AFFECTED
;
1008 int arch_prctl_spec_ctrl_get(struct task_struct
*task
, unsigned long which
)
1011 case PR_SPEC_STORE_BYPASS
:
1012 return ssb_prctl_get(task
);
1013 case PR_SPEC_INDIRECT_BRANCH
:
1014 return ib_prctl_get(task
);
1020 void x86_spec_ctrl_setup_ap(void)
1022 if (boot_cpu_has(X86_FEATURE_MSR_SPEC_CTRL
))
1023 wrmsrl(MSR_IA32_SPEC_CTRL
, x86_spec_ctrl_base
);
1025 if (ssb_mode
== SPEC_STORE_BYPASS_DISABLE
)
1026 x86_amd_ssb_disable();
1030 #define pr_fmt(fmt) "L1TF: " fmt
1032 /* Default mitigation for L1TF-affected CPUs */
1033 enum l1tf_mitigations l1tf_mitigation __ro_after_init
= L1TF_MITIGATION_FLUSH
;
1034 #if IS_ENABLED(CONFIG_KVM_INTEL)
1035 EXPORT_SYMBOL_GPL(l1tf_mitigation
);
1037 enum vmx_l1d_flush_state l1tf_vmx_mitigation
= VMENTER_L1D_FLUSH_AUTO
;
1038 EXPORT_SYMBOL_GPL(l1tf_vmx_mitigation
);
1042 * These CPUs all support 44bits physical address space internally in the
1043 * cache but CPUID can report a smaller number of physical address bits.
1045 * The L1TF mitigation uses the top most address bit for the inversion of
1046 * non present PTEs. When the installed memory reaches into the top most
1047 * address bit due to memory holes, which has been observed on machines
1048 * which report 36bits physical address bits and have 32G RAM installed,
1049 * then the mitigation range check in l1tf_select_mitigation() triggers.
1050 * This is a false positive because the mitigation is still possible due to
1051 * the fact that the cache uses 44bit internally. Use the cache bits
1052 * instead of the reported physical bits and adjust them on the affected
1053 * machines to 44bit if the reported bits are less than 44.
1055 static void override_cache_bits(struct cpuinfo_x86
*c
)
1060 switch (c
->x86_model
) {
1061 case INTEL_FAM6_NEHALEM
:
1062 case INTEL_FAM6_WESTMERE
:
1063 case INTEL_FAM6_SANDYBRIDGE
:
1064 case INTEL_FAM6_IVYBRIDGE
:
1065 case INTEL_FAM6_HASWELL_CORE
:
1066 case INTEL_FAM6_HASWELL_ULT
:
1067 case INTEL_FAM6_HASWELL_GT3E
:
1068 case INTEL_FAM6_BROADWELL_CORE
:
1069 case INTEL_FAM6_BROADWELL_GT3E
:
1070 case INTEL_FAM6_SKYLAKE_MOBILE
:
1071 case INTEL_FAM6_SKYLAKE_DESKTOP
:
1072 case INTEL_FAM6_KABYLAKE_MOBILE
:
1073 case INTEL_FAM6_KABYLAKE_DESKTOP
:
1074 if (c
->x86_cache_bits
< 44)
1075 c
->x86_cache_bits
= 44;
1080 static void __init
l1tf_select_mitigation(void)
1084 if (!boot_cpu_has_bug(X86_BUG_L1TF
))
1087 override_cache_bits(&boot_cpu_data
);
1089 switch (l1tf_mitigation
) {
1090 case L1TF_MITIGATION_OFF
:
1091 case L1TF_MITIGATION_FLUSH_NOWARN
:
1092 case L1TF_MITIGATION_FLUSH
:
1094 case L1TF_MITIGATION_FLUSH_NOSMT
:
1095 case L1TF_MITIGATION_FULL
:
1096 cpu_smt_disable(false);
1098 case L1TF_MITIGATION_FULL_FORCE
:
1099 cpu_smt_disable(true);
1103 #if CONFIG_PGTABLE_LEVELS == 2
1104 pr_warn("Kernel not compiled for PAE. No mitigation for L1TF\n");
1108 half_pa
= (u64
)l1tf_pfn_limit() << PAGE_SHIFT
;
1109 if (e820__mapped_any(half_pa
, ULLONG_MAX
- half_pa
, E820_TYPE_RAM
)) {
1110 pr_warn("System has more than MAX_PA/2 memory. L1TF mitigation not effective.\n");
1111 pr_info("You may make it effective by booting the kernel with mem=%llu parameter.\n",
1113 pr_info("However, doing so will make a part of your RAM unusable.\n");
1114 pr_info("Reading https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html might help you decide.\n");
1118 setup_force_cpu_cap(X86_FEATURE_L1TF_PTEINV
);
1121 static int __init
l1tf_cmdline(char *str
)
1123 if (!boot_cpu_has_bug(X86_BUG_L1TF
))
1129 if (!strcmp(str
, "off"))
1130 l1tf_mitigation
= L1TF_MITIGATION_OFF
;
1131 else if (!strcmp(str
, "flush,nowarn"))
1132 l1tf_mitigation
= L1TF_MITIGATION_FLUSH_NOWARN
;
1133 else if (!strcmp(str
, "flush"))
1134 l1tf_mitigation
= L1TF_MITIGATION_FLUSH
;
1135 else if (!strcmp(str
, "flush,nosmt"))
1136 l1tf_mitigation
= L1TF_MITIGATION_FLUSH_NOSMT
;
1137 else if (!strcmp(str
, "full"))
1138 l1tf_mitigation
= L1TF_MITIGATION_FULL
;
1139 else if (!strcmp(str
, "full,force"))
1140 l1tf_mitigation
= L1TF_MITIGATION_FULL_FORCE
;
1144 early_param("l1tf", l1tf_cmdline
);
1150 #define L1TF_DEFAULT_MSG "Mitigation: PTE Inversion"
1152 #if IS_ENABLED(CONFIG_KVM_INTEL)
1153 static const char * const l1tf_vmx_states
[] = {
1154 [VMENTER_L1D_FLUSH_AUTO
] = "auto",
1155 [VMENTER_L1D_FLUSH_NEVER
] = "vulnerable",
1156 [VMENTER_L1D_FLUSH_COND
] = "conditional cache flushes",
1157 [VMENTER_L1D_FLUSH_ALWAYS
] = "cache flushes",
1158 [VMENTER_L1D_FLUSH_EPT_DISABLED
] = "EPT disabled",
1159 [VMENTER_L1D_FLUSH_NOT_REQUIRED
] = "flush not necessary"
1162 static ssize_t
l1tf_show_state(char *buf
)
1164 if (l1tf_vmx_mitigation
== VMENTER_L1D_FLUSH_AUTO
)
1165 return sprintf(buf
, "%s\n", L1TF_DEFAULT_MSG
);
1167 if (l1tf_vmx_mitigation
== VMENTER_L1D_FLUSH_EPT_DISABLED
||
1168 (l1tf_vmx_mitigation
== VMENTER_L1D_FLUSH_NEVER
&&
1169 sched_smt_active())) {
1170 return sprintf(buf
, "%s; VMX: %s\n", L1TF_DEFAULT_MSG
,
1171 l1tf_vmx_states
[l1tf_vmx_mitigation
]);
1174 return sprintf(buf
, "%s; VMX: %s, SMT %s\n", L1TF_DEFAULT_MSG
,
1175 l1tf_vmx_states
[l1tf_vmx_mitigation
],
1176 sched_smt_active() ? "vulnerable" : "disabled");
1179 static ssize_t
l1tf_show_state(char *buf
)
1181 return sprintf(buf
, "%s\n", L1TF_DEFAULT_MSG
);
1185 static ssize_t
mds_show_state(char *buf
)
1187 if (!hypervisor_is_type(X86_HYPER_NATIVE
)) {
1188 return sprintf(buf
, "%s; SMT Host state unknown\n",
1189 mds_strings
[mds_mitigation
]);
1192 if (boot_cpu_has(X86_BUG_MSBDS_ONLY
)) {
1193 return sprintf(buf
, "%s; SMT %s\n", mds_strings
[mds_mitigation
],
1194 sched_smt_active() ? "mitigated" : "disabled");
1197 return sprintf(buf
, "%s; SMT %s\n", mds_strings
[mds_mitigation
],
1198 sched_smt_active() ? "vulnerable" : "disabled");
1201 static char *stibp_state(void)
1203 if (spectre_v2_enabled
== SPECTRE_V2_IBRS_ENHANCED
)
1206 switch (spectre_v2_user
) {
1207 case SPECTRE_V2_USER_NONE
:
1208 return ", STIBP: disabled";
1209 case SPECTRE_V2_USER_STRICT
:
1210 return ", STIBP: forced";
1211 case SPECTRE_V2_USER_STRICT_PREFERRED
:
1212 return ", STIBP: always-on";
1213 case SPECTRE_V2_USER_PRCTL
:
1214 case SPECTRE_V2_USER_SECCOMP
:
1215 if (static_key_enabled(&switch_to_cond_stibp
))
1216 return ", STIBP: conditional";
1221 static char *ibpb_state(void)
1223 if (boot_cpu_has(X86_FEATURE_IBPB
)) {
1224 if (static_key_enabled(&switch_mm_always_ibpb
))
1225 return ", IBPB: always-on";
1226 if (static_key_enabled(&switch_mm_cond_ibpb
))
1227 return ", IBPB: conditional";
1228 return ", IBPB: disabled";
1233 static ssize_t
cpu_show_common(struct device
*dev
, struct device_attribute
*attr
,
1234 char *buf
, unsigned int bug
)
1236 if (!boot_cpu_has_bug(bug
))
1237 return sprintf(buf
, "Not affected\n");
1240 case X86_BUG_CPU_MELTDOWN
:
1241 if (boot_cpu_has(X86_FEATURE_PTI
))
1242 return sprintf(buf
, "Mitigation: PTI\n");
1246 case X86_BUG_SPECTRE_V1
:
1247 return sprintf(buf
, "Mitigation: __user pointer sanitization\n");
1249 case X86_BUG_SPECTRE_V2
:
1250 return sprintf(buf
, "%s%s%s%s%s%s\n", spectre_v2_strings
[spectre_v2_enabled
],
1252 boot_cpu_has(X86_FEATURE_USE_IBRS_FW
) ? ", IBRS_FW" : "",
1254 boot_cpu_has(X86_FEATURE_RSB_CTXSW
) ? ", RSB filling" : "",
1255 spectre_v2_module_string());
1257 case X86_BUG_SPEC_STORE_BYPASS
:
1258 return sprintf(buf
, "%s\n", ssb_strings
[ssb_mode
]);
1261 if (boot_cpu_has(X86_FEATURE_L1TF_PTEINV
))
1262 return l1tf_show_state(buf
);
1266 return mds_show_state(buf
);
1272 return sprintf(buf
, "Vulnerable\n");
1275 ssize_t
cpu_show_meltdown(struct device
*dev
, struct device_attribute
*attr
, char *buf
)
1277 return cpu_show_common(dev
, attr
, buf
, X86_BUG_CPU_MELTDOWN
);
1280 ssize_t
cpu_show_spectre_v1(struct device
*dev
, struct device_attribute
*attr
, char *buf
)
1282 return cpu_show_common(dev
, attr
, buf
, X86_BUG_SPECTRE_V1
);
1285 ssize_t
cpu_show_spectre_v2(struct device
*dev
, struct device_attribute
*attr
, char *buf
)
1287 return cpu_show_common(dev
, attr
, buf
, X86_BUG_SPECTRE_V2
);
1290 ssize_t
cpu_show_spec_store_bypass(struct device
*dev
, struct device_attribute
*attr
, char *buf
)
1292 return cpu_show_common(dev
, attr
, buf
, X86_BUG_SPEC_STORE_BYPASS
);
1295 ssize_t
cpu_show_l1tf(struct device
*dev
, struct device_attribute
*attr
, char *buf
)
1297 return cpu_show_common(dev
, attr
, buf
, X86_BUG_L1TF
);
1300 ssize_t
cpu_show_mds(struct device
*dev
, struct device_attribute
*attr
, char *buf
)
1302 return cpu_show_common(dev
, attr
, buf
, X86_BUG_MDS
);