Re: [PATCH 1/3] x86/bugs: Create an option to disable MDS
From: Breno Leitao
Date: Fri Jun 16 2023 - 07:47:13 EST
On Thu, Jun 15, 2023 at 03:13:47PM -0700, Pawan Gupta wrote:
> On Thu, Jun 15, 2023 at 09:44:12AM -0700, Breno Leitao wrote:
> > diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
> > index 182af64387d0..50f12829dce9 100644
> > --- a/arch/x86/kernel/cpu/bugs.c
> > +++ b/arch/x86/kernel/cpu/bugs.c
> > @@ -269,6 +269,7 @@ static void x86_amd_ssb_disable(void)
> > /* Default mitigation for MDS-affected CPUs */
> > static enum mds_mitigations mds_mitigation __ro_after_init = MDS_MITIGATION_FULL;
> > static bool mds_nosmt __ro_after_init = false;
> > +#define MDS_WARN_MSG "WARNING: Microarchitectural Data Sampling (MDS) speculative mitigation disabled!\n"
> >
> > static const char * const mds_strings[] = {
> > [MDS_MITIGATION_OFF] = "Vulnerable",
> > @@ -278,11 +279,17 @@ static const char * const mds_strings[] = {
> >
> > static void __init mds_select_mitigation(void)
> > {
> > - if (!boot_cpu_has_bug(X86_BUG_MDS) || cpu_mitigations_off()) {
> > + if (!boot_cpu_has_bug(X86_BUG_MDS)) {
> > mds_mitigation = MDS_MITIGATION_OFF;
> > return;
> > }
> >
> > + if (cpu_mitigations_off() || !IS_ENABLED(CONFIG_MITIGATE_MDS)) {
> > + mds_mitigation = MDS_MITIGATION_OFF;
> > + pr_err(MDS_WARN_MSG);
> > + return;
>
> Why does compile time config needs to be so restrictive that it does not
> allow runtime override with mds= cmdline?
>
> I believe Kconfig should only be setting the mitigation default,
> allowing users to select mitigation at runtime:
Sure, that is doable as well. If no one has any opposition to it, I will
implemented as suggested.