x86/bugs: Rename CONFIG_CPU_UNRET_ENTRY => CONFIG_MITIGATION_UNRET_ENTRY
Step 7/10 of the namespace unification of CPU mitigations related Kconfig options. Suggested-by: Josh Poimboeuf <jpoimboe@kernel.org> Signed-off-by: Breno Leitao <leitao@debian.org> Signed-off-by: Ingo Molnar <mingo@kernel.org> Acked-by: Josh Poimboeuf <jpoimboe@kernel.org> Cc: Linus Torvalds <torvalds@linux-foundation.org> Link: https://lore.kernel.org/r/20231121160740.1249350-8-leitao@debian.org
This commit is contained in:
parent
7b75782ffd
commit
ac61d43983
@ -2516,7 +2516,7 @@ config RETHUNK
|
||||
Requires a compiler with -mfunction-return=thunk-extern
|
||||
support for full protection. The kernel may run slower.
|
||||
|
||||
config CPU_UNRET_ENTRY
|
||||
config MITIGATION_UNRET_ENTRY
|
||||
bool "Enable UNRET on kernel entry"
|
||||
depends on CPU_SUP_AMD && RETHUNK && X86_64
|
||||
default y
|
||||
|
@ -63,7 +63,7 @@
|
||||
# define DISABLE_RETHUNK (1 << (X86_FEATURE_RETHUNK & 31))
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_CPU_UNRET_ENTRY
|
||||
#ifdef CONFIG_MITIGATION_UNRET_ENTRY
|
||||
# define DISABLE_UNRET 0
|
||||
#else
|
||||
# define DISABLE_UNRET (1 << (X86_FEATURE_UNRET & 31))
|
||||
|
@ -212,7 +212,7 @@
|
||||
*/
|
||||
.macro VALIDATE_UNRET_END
|
||||
#if defined(CONFIG_NOINSTR_VALIDATION) && \
|
||||
(defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO))
|
||||
(defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO))
|
||||
ANNOTATE_RETPOLINE_SAFE
|
||||
nop
|
||||
#endif
|
||||
@ -271,7 +271,7 @@
|
||||
.Lskip_rsb_\@:
|
||||
.endm
|
||||
|
||||
#if defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO)
|
||||
#if defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO)
|
||||
#define CALL_UNTRAIN_RET "call entry_untrain_ret"
|
||||
#else
|
||||
#define CALL_UNTRAIN_RET ""
|
||||
@ -334,7 +334,7 @@ extern void __x86_return_thunk(void);
|
||||
static inline void __x86_return_thunk(void) {}
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_CPU_UNRET_ENTRY
|
||||
#ifdef CONFIG_MITIGATION_UNRET_ENTRY
|
||||
extern void retbleed_return_thunk(void);
|
||||
#else
|
||||
static inline void retbleed_return_thunk(void) {}
|
||||
|
@ -928,7 +928,7 @@ static void fix_erratum_1386(struct cpuinfo_x86 *c)
|
||||
|
||||
void init_spectral_chicken(struct cpuinfo_x86 *c)
|
||||
{
|
||||
#ifdef CONFIG_CPU_UNRET_ENTRY
|
||||
#ifdef CONFIG_MITIGATION_UNRET_ENTRY
|
||||
u64 value;
|
||||
|
||||
/*
|
||||
|
@ -982,10 +982,10 @@ static void __init retbleed_select_mitigation(void)
|
||||
return;
|
||||
|
||||
case RETBLEED_CMD_UNRET:
|
||||
if (IS_ENABLED(CONFIG_CPU_UNRET_ENTRY)) {
|
||||
if (IS_ENABLED(CONFIG_MITIGATION_UNRET_ENTRY)) {
|
||||
retbleed_mitigation = RETBLEED_MITIGATION_UNRET;
|
||||
} else {
|
||||
pr_err("WARNING: kernel not compiled with CPU_UNRET_ENTRY.\n");
|
||||
pr_err("WARNING: kernel not compiled with MITIGATION_UNRET_ENTRY.\n");
|
||||
goto do_cmd_auto;
|
||||
}
|
||||
break;
|
||||
@ -1021,7 +1021,7 @@ do_cmd_auto:
|
||||
case RETBLEED_CMD_AUTO:
|
||||
if (boot_cpu_data.x86_vendor == X86_VENDOR_AMD ||
|
||||
boot_cpu_data.x86_vendor == X86_VENDOR_HYGON) {
|
||||
if (IS_ENABLED(CONFIG_CPU_UNRET_ENTRY))
|
||||
if (IS_ENABLED(CONFIG_MITIGATION_UNRET_ENTRY))
|
||||
retbleed_mitigation = RETBLEED_MITIGATION_UNRET;
|
||||
else if (IS_ENABLED(CONFIG_MITIGATION_IBPB_ENTRY) &&
|
||||
boot_cpu_has(X86_FEATURE_IBPB))
|
||||
|
@ -504,7 +504,7 @@ INIT_PER_CPU(irq_stack_backing_store);
|
||||
"fixed_percpu_data is not at start of per-cpu area");
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_CPU_UNRET_ENTRY
|
||||
#ifdef CONFIG_MITIGATION_UNRET_ENTRY
|
||||
. = ASSERT((retbleed_return_thunk & 0x3f) == 0, "retbleed_return_thunk not cacheline-aligned");
|
||||
#endif
|
||||
|
||||
|
@ -230,7 +230,7 @@ SYM_CODE_END(srso_return_thunk)
|
||||
#define JMP_SRSO_ALIAS_UNTRAIN_RET "ud2"
|
||||
#endif /* CONFIG_CPU_SRSO */
|
||||
|
||||
#ifdef CONFIG_CPU_UNRET_ENTRY
|
||||
#ifdef CONFIG_MITIGATION_UNRET_ENTRY
|
||||
|
||||
/*
|
||||
* Some generic notes on the untraining sequences:
|
||||
@ -312,11 +312,11 @@ SYM_CODE_END(retbleed_return_thunk)
|
||||
SYM_FUNC_END(retbleed_untrain_ret)
|
||||
|
||||
#define JMP_RETBLEED_UNTRAIN_RET "jmp retbleed_untrain_ret"
|
||||
#else /* !CONFIG_CPU_UNRET_ENTRY */
|
||||
#else /* !CONFIG_MITIGATION_UNRET_ENTRY */
|
||||
#define JMP_RETBLEED_UNTRAIN_RET "ud2"
|
||||
#endif /* CONFIG_CPU_UNRET_ENTRY */
|
||||
#endif /* CONFIG_MITIGATION_UNRET_ENTRY */
|
||||
|
||||
#if defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO)
|
||||
#if defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO)
|
||||
|
||||
SYM_FUNC_START(entry_untrain_ret)
|
||||
ALTERNATIVE_2 JMP_RETBLEED_UNTRAIN_RET, \
|
||||
@ -325,7 +325,7 @@ SYM_FUNC_START(entry_untrain_ret)
|
||||
SYM_FUNC_END(entry_untrain_ret)
|
||||
__EXPORT_THUNK(entry_untrain_ret)
|
||||
|
||||
#endif /* CONFIG_CPU_UNRET_ENTRY || CONFIG_CPU_SRSO */
|
||||
#endif /* CONFIG_MITIGATION_UNRET_ENTRY || CONFIG_CPU_SRSO */
|
||||
|
||||
#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING
|
||||
|
||||
|
@ -131,7 +131,7 @@
|
||||
*/
|
||||
.macro VALIDATE_UNRET_BEGIN
|
||||
#if defined(CONFIG_NOINSTR_VALIDATION) && \
|
||||
(defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO))
|
||||
(defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO))
|
||||
.Lhere_\@:
|
||||
.pushsection .discard.validate_unret
|
||||
.long .Lhere_\@ - .
|
||||
|
@ -38,7 +38,7 @@ objtool-enabled := $(or $(delay-objtool),$(CONFIG_NOINSTR_VALIDATION))
|
||||
vmlinux-objtool-args-$(delay-objtool) += $(objtool-args-y)
|
||||
vmlinux-objtool-args-$(CONFIG_GCOV_KERNEL) += --no-unreachable
|
||||
vmlinux-objtool-args-$(CONFIG_NOINSTR_VALIDATION) += --noinstr \
|
||||
$(if $(or $(CONFIG_CPU_UNRET_ENTRY),$(CONFIG_CPU_SRSO)), --unret)
|
||||
$(if $(or $(CONFIG_MITIGATION_UNRET_ENTRY),$(CONFIG_CPU_SRSO)), --unret)
|
||||
|
||||
objtool-args = $(vmlinux-objtool-args-y) --link
|
||||
|
||||
|
@ -63,7 +63,7 @@
|
||||
# define DISABLE_RETHUNK (1 << (X86_FEATURE_RETHUNK & 31))
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_CPU_UNRET_ENTRY
|
||||
#ifdef CONFIG_MITIGATION_UNRET_ENTRY
|
||||
# define DISABLE_UNRET 0
|
||||
#else
|
||||
# define DISABLE_UNRET (1 << (X86_FEATURE_UNRET & 31))
|
||||
|
Loading…
Reference in New Issue
Block a user