x86/speculation/mds: Add 'mitigations=' support for MDS

commit 5c14068f87d04adc73ba3f41c2a303d3c3d1fa12 upstream.

Add MDS to the new 'mitigations=' cmdline option.

Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt
index 5f81df1..55a9bbb 100644 (file)
--- a/Documentation/kernel-parameters.txt
+++ b/Documentation/kernel-parameters.txt
@@ -2488,6 +2488,7 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
                                               spectre_v2_user=off [X86]
                                               spec_store_bypass_disable=off [X86]
                                               l1tf=off [X86]
+                                              mds=off [X86]
 
                        auto (default)
                                Mitigate all CPU vulnerabilities, but leave SMT
@@ -2502,6 +2503,7 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
                                if needed.  This is for users who always want to
                                be fully mitigated, even if it means losing SMT.
                                Equivalent to: l1tf=flush,nosmt [X86]
+                                              mds=full,nosmt [X86]
 
        mminit_loglevel=
                        [KNL] When CONFIG_DEBUG_MEMORY_INIT is set, this

diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index c2e07be..6eef57e 100644 (file)
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -230,7 +230,7 @@ static const char * const mds_strings[] = {
 
 static void __init mds_select_mitigation(void)
 {
-       if (!boot_cpu_has_bug(X86_BUG_MDS)) {
+       if (!boot_cpu_has_bug(X86_BUG_MDS) || cpu_mitigations_off()) {
                mds_mitigation = MDS_MITIGATION_OFF;
                return;
        }
@@ -241,7 +241,8 @@ static void __init mds_select_mitigation(void)
 
                static_branch_enable(&mds_user_clear);
 
-               if (mds_nosmt && !boot_cpu_has(X86_BUG_MSBDS_ONLY))
+               if (!boot_cpu_has(X86_BUG_MSBDS_ONLY) &&
+                   (mds_nosmt || cpu_mitigations_auto_nosmt()))
                        cpu_smt_disable(false);
        }