Add MDS to the new 'mitigations=' cmdline option.
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
spectre_v2_user=off [X86]
spec_store_bypass_disable=off [X86,PPC]
l1tf=off [X86]
spectre_v2_user=off [X86]
spec_store_bypass_disable=off [X86,PPC]
l1tf=off [X86]
auto (default)
Mitigate all CPU vulnerabilities, but leave SMT
auto (default)
Mitigate all CPU vulnerabilities, but leave SMT
if needed. This is for users who always want to
be fully mitigated, even if it means losing SMT.
Equivalent to: l1tf=flush,nosmt [X86]
if needed. This is for users who always want to
be fully mitigated, even if it means losing SMT.
Equivalent to: l1tf=flush,nosmt [X86]
mminit_loglevel=
[KNL] When CONFIG_DEBUG_MEMORY_INIT is set, this
mminit_loglevel=
[KNL] When CONFIG_DEBUG_MEMORY_INIT is set, this
static void __init mds_select_mitigation(void)
{
static void __init mds_select_mitigation(void)
{
- if (!boot_cpu_has_bug(X86_BUG_MDS)) {
+ if (!boot_cpu_has_bug(X86_BUG_MDS) || cpu_mitigations_off()) {
mds_mitigation = MDS_MITIGATION_OFF;
return;
}
mds_mitigation = MDS_MITIGATION_OFF;
return;
}
static_branch_enable(&mds_user_clear);
static_branch_enable(&mds_user_clear);
- if (mds_nosmt && !boot_cpu_has(X86_BUG_MSBDS_ONLY))
+ if (!boot_cpu_has(X86_BUG_MSBDS_ONLY) &&
+ (mds_nosmt || cpu_mitigations_auto_nosmt()))
cpu_smt_disable(false);
}
cpu_smt_disable(false);
}