Re: [RFC PATCH] cpu/bugs: Disable CPU mitigations at compilation time

From: Pawan Gupta
Date: Thu Feb 02 2023 - 16:44:56 EST

Next message: Yabin Cui: "[PATCH v3] coresight: tmc: Don't enable TMC when it's not ready."
Previous message: Oliver Upton: "Re: [PATCH 0/4] KVM: arm64: Fix CPU resume/on with pKVM"
In reply to: Breno Leitao: "[RFC PATCH] cpu/bugs: Disable CPU mitigations at compilation time"
Next in thread: Breno Leitao: "Re: [RFC PATCH] cpu/bugs: Disable CPU mitigations at compilation time"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Feb 02, 2023 at 10:08:58AM -0800, Breno Leitao wrote:
> Right now it is not possible to disable CPU vulnerabilities mitigations
> at build time. Mitigation needs to be disabled passing kernel
> parameters, such as 'mitigations=off'.
>
> This patch creates an easy way to disable mitigation during compilation

s/This patch creates/Create/

Describe your changes in imperative mood, e.g. “make xyzzy do frotz”
instead of “[This patch] makes xyzzy do frotz” or “[I] changed xyzzy to
do frotz”, as if you are giving orders to the codebase to change its
behaviour.

https://www.kernel.org/doc/html/latest/process/submitting-patches.html#describe-your-changes

> time (CONFIG_DEFAULT_CPU_MITIGATIONS_OFF), so, insecure kernel users don't
> need to deal with kernel parameters when booting insecure kernels.
>
> Signed-off-by: Breno Leitao <leitao@xxxxxxxxxx>
> ---
> kernel/cpu.c | 5 +++++
> security/Kconfig | 11 +++++++++++
> 2 files changed, 16 insertions(+)
>
> diff --git a/kernel/cpu.c b/kernel/cpu.c
> index 6c0a92ca6bb5..497e9a3d3d77 100644
> --- a/kernel/cpu.c
> +++ b/kernel/cpu.c
> @@ -2727,8 +2727,13 @@ enum cpu_mitigations {
> CPU_MITIGATIONS_AUTO_NOSMT,
> };
>
> +#ifdef CONFIG_DEFAULT_CPU_MITIGATIONS_OFF
> +static enum cpu_mitigations cpu_mitigations __ro_after_init =
> + CPU_MITIGATIONS_OFF;
> +#else
> static enum cpu_mitigations cpu_mitigations __ro_after_init =
> CPU_MITIGATIONS_AUTO;
> +#endif

With the 80 char limit gone, I think below is more readable:

#ifdef CONFIG_DEFAULT_CPU_MITIGATIONS_OFF
static enum cpu_mitigations cpu_mitigations __ro_after_init = CPU_MITIGATIONS_OFF;
#else
static enum cpu_mitigations cpu_mitigations __ro_after_init = CPU_MITIGATIONS_AUTO;
#endif

> static int __init mitigations_parse_cmdline(char *arg)
> {
> diff --git a/security/Kconfig b/security/Kconfig
> index e6db09a779b7..a70427dc6ace 100644
> --- a/security/Kconfig
> +++ b/security/Kconfig
> @@ -258,6 +258,17 @@ config LSM
>
> If unsure, leave this as the default.
>
> +config CONFIG_DEFAULT_CPU_MITIGATIONS_OFF

CONFIG_ is implicit, this needs to be:

config DEFAULT_CPU_MITIGATIONS_OFF

> + bool "Disable mitigations for CPU vulnerabilities by default"
> + default n
> + help
> + This option disable mitigations for CPU vulnerabilities by default.

s/disable/disables/

> + This improves system performance, but it may also expose users
> + to several CPU vulnerabilities.
> + This has the same effect as passing `mitigations=off` kernel
> + parameter. The mitigations could be enabled back passing the
> + 'mitigations' parameter.
> +
> source "security/Kconfig.hardening"
>
> endmenu
> --
> 2.30.2
>

Next message: Yabin Cui: "[PATCH v3] coresight: tmc: Don't enable TMC when it's not ready."
Previous message: Oliver Upton: "Re: [PATCH 0/4] KVM: arm64: Fix CPU resume/on with pKVM"
In reply to: Breno Leitao: "[RFC PATCH] cpu/bugs: Disable CPU mitigations at compilation time"
Next in thread: Breno Leitao: "Re: [RFC PATCH] cpu/bugs: Disable CPU mitigations at compilation time"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]