]> git.baikalelectronics.ru Git - kernel.git/commitdiff
x86/speculation: Warn about Spectre v2 LFENCE mitigation
authorJosh Poimboeuf <jpoimboe@redhat.com>
Fri, 25 Feb 2022 22:31:49 +0000 (14:31 -0800)
committerBorislav Petkov <bp@suse.de>
Sat, 5 Mar 2022 08:16:24 +0000 (09:16 +0100)
With:

  f8a66d608a3e ("x86,bugs: Unconditionally allow spectre_v2=retpoline,amd")

it became possible to enable the LFENCE "retpoline" on Intel. However,
Intel doesn't recommend it, as it has some weaknesses compared to
retpoline.

Now AMD doesn't recommend it either.

It can still be left available as a cmdline option. It's faster than
retpoline but is weaker in certain scenarios -- particularly SMT, but
even non-SMT may be vulnerable in some cases.

So just unconditionally warn if the user requests it on the cmdline.

  [ bp: Massage commit message. ]

Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
arch/x86/kernel/cpu/bugs.c

index a36bfe2c2480802038c2fc94bb05ca6f3643abef..cfd116423908a1c752c5b66d6c204dc47a85de9c 100644 (file)
@@ -651,6 +651,7 @@ static inline const char *spectre_v2_module_string(void)
 static inline const char *spectre_v2_module_string(void) { return ""; }
 #endif
 
+#define SPECTRE_V2_LFENCE_MSG "WARNING: LFENCE mitigation is not recommended for this CPU, data leaks possible!\n"
 #define SPECTRE_V2_EIBRS_EBPF_MSG "WARNING: Unprivileged eBPF is enabled with eIBRS on, data leaks possible via Spectre v2 BHB attacks!\n"
 
 #ifdef CONFIG_BPF_SYSCALL
@@ -972,6 +973,7 @@ static void __init spectre_v2_select_mitigation(void)
                break;
 
        case SPECTRE_V2_CMD_RETPOLINE_LFENCE:
+               pr_err(SPECTRE_V2_LFENCE_MSG);
                mode = SPECTRE_V2_LFENCE;
                break;
 
@@ -1787,6 +1789,9 @@ static char *ibpb_state(void)
 
 static ssize_t spectre_v2_show_state(char *buf)
 {
+       if (spectre_v2_enabled == SPECTRE_V2_LFENCE)
+               return sprintf(buf, "Vulnerable: LFENCE\n");
+
        if (spectre_v2_enabled == SPECTRE_V2_EIBRS && unprivileged_ebpf_enabled())
                return sprintf(buf, "Vulnerable: Unprivileged eBPF enabled\n");