x86/bugs: Rename CONFIG_CPU_UNRET_ENTRY => CONFIG_MITIGATION_UNRET_ENTRY
Step 7/10 of the namespace unification of CPU mitigations related Kconfig options. Suggested-by: Josh Poimboeuf <jpoimboe@kernel.org> Signed-off-by: Breno Leitao <leitao@debian.org> Signed-off-by: Ingo Molnar <mingo@kernel.org> Acked-by: Josh Poimboeuf <jpoimboe@kernel.org> Cc: Linus Torvalds <torvalds@linux-foundation.org> Link: https://lore.kernel.org/r/20231121160740.1249350-8-leitao@debian.org
This commit is contained in:
parent
7b75782ffd
commit
ac61d43983
@ -2516,7 +2516,7 @@ config RETHUNK
|
|||||||
Requires a compiler with -mfunction-return=thunk-extern
|
Requires a compiler with -mfunction-return=thunk-extern
|
||||||
support for full protection. The kernel may run slower.
|
support for full protection. The kernel may run slower.
|
||||||
|
|
||||||
config CPU_UNRET_ENTRY
|
config MITIGATION_UNRET_ENTRY
|
||||||
bool "Enable UNRET on kernel entry"
|
bool "Enable UNRET on kernel entry"
|
||||||
depends on CPU_SUP_AMD && RETHUNK && X86_64
|
depends on CPU_SUP_AMD && RETHUNK && X86_64
|
||||||
default y
|
default y
|
||||||
|
@ -63,7 +63,7 @@
|
|||||||
# define DISABLE_RETHUNK (1 << (X86_FEATURE_RETHUNK & 31))
|
# define DISABLE_RETHUNK (1 << (X86_FEATURE_RETHUNK & 31))
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef CONFIG_CPU_UNRET_ENTRY
|
#ifdef CONFIG_MITIGATION_UNRET_ENTRY
|
||||||
# define DISABLE_UNRET 0
|
# define DISABLE_UNRET 0
|
||||||
#else
|
#else
|
||||||
# define DISABLE_UNRET (1 << (X86_FEATURE_UNRET & 31))
|
# define DISABLE_UNRET (1 << (X86_FEATURE_UNRET & 31))
|
||||||
|
@ -212,7 +212,7 @@
|
|||||||
*/
|
*/
|
||||||
.macro VALIDATE_UNRET_END
|
.macro VALIDATE_UNRET_END
|
||||||
#if defined(CONFIG_NOINSTR_VALIDATION) && \
|
#if defined(CONFIG_NOINSTR_VALIDATION) && \
|
||||||
(defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO))
|
(defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO))
|
||||||
ANNOTATE_RETPOLINE_SAFE
|
ANNOTATE_RETPOLINE_SAFE
|
||||||
nop
|
nop
|
||||||
#endif
|
#endif
|
||||||
@ -271,7 +271,7 @@
|
|||||||
.Lskip_rsb_\@:
|
.Lskip_rsb_\@:
|
||||||
.endm
|
.endm
|
||||||
|
|
||||||
#if defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO)
|
#if defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO)
|
||||||
#define CALL_UNTRAIN_RET "call entry_untrain_ret"
|
#define CALL_UNTRAIN_RET "call entry_untrain_ret"
|
||||||
#else
|
#else
|
||||||
#define CALL_UNTRAIN_RET ""
|
#define CALL_UNTRAIN_RET ""
|
||||||
@ -334,7 +334,7 @@ extern void __x86_return_thunk(void);
|
|||||||
static inline void __x86_return_thunk(void) {}
|
static inline void __x86_return_thunk(void) {}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef CONFIG_CPU_UNRET_ENTRY
|
#ifdef CONFIG_MITIGATION_UNRET_ENTRY
|
||||||
extern void retbleed_return_thunk(void);
|
extern void retbleed_return_thunk(void);
|
||||||
#else
|
#else
|
||||||
static inline void retbleed_return_thunk(void) {}
|
static inline void retbleed_return_thunk(void) {}
|
||||||
|
@ -928,7 +928,7 @@ static void fix_erratum_1386(struct cpuinfo_x86 *c)
|
|||||||
|
|
||||||
void init_spectral_chicken(struct cpuinfo_x86 *c)
|
void init_spectral_chicken(struct cpuinfo_x86 *c)
|
||||||
{
|
{
|
||||||
#ifdef CONFIG_CPU_UNRET_ENTRY
|
#ifdef CONFIG_MITIGATION_UNRET_ENTRY
|
||||||
u64 value;
|
u64 value;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -982,10 +982,10 @@ static void __init retbleed_select_mitigation(void)
|
|||||||
return;
|
return;
|
||||||
|
|
||||||
case RETBLEED_CMD_UNRET:
|
case RETBLEED_CMD_UNRET:
|
||||||
if (IS_ENABLED(CONFIG_CPU_UNRET_ENTRY)) {
|
if (IS_ENABLED(CONFIG_MITIGATION_UNRET_ENTRY)) {
|
||||||
retbleed_mitigation = RETBLEED_MITIGATION_UNRET;
|
retbleed_mitigation = RETBLEED_MITIGATION_UNRET;
|
||||||
} else {
|
} else {
|
||||||
pr_err("WARNING: kernel not compiled with CPU_UNRET_ENTRY.\n");
|
pr_err("WARNING: kernel not compiled with MITIGATION_UNRET_ENTRY.\n");
|
||||||
goto do_cmd_auto;
|
goto do_cmd_auto;
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
@ -1021,7 +1021,7 @@ do_cmd_auto:
|
|||||||
case RETBLEED_CMD_AUTO:
|
case RETBLEED_CMD_AUTO:
|
||||||
if (boot_cpu_data.x86_vendor == X86_VENDOR_AMD ||
|
if (boot_cpu_data.x86_vendor == X86_VENDOR_AMD ||
|
||||||
boot_cpu_data.x86_vendor == X86_VENDOR_HYGON) {
|
boot_cpu_data.x86_vendor == X86_VENDOR_HYGON) {
|
||||||
if (IS_ENABLED(CONFIG_CPU_UNRET_ENTRY))
|
if (IS_ENABLED(CONFIG_MITIGATION_UNRET_ENTRY))
|
||||||
retbleed_mitigation = RETBLEED_MITIGATION_UNRET;
|
retbleed_mitigation = RETBLEED_MITIGATION_UNRET;
|
||||||
else if (IS_ENABLED(CONFIG_MITIGATION_IBPB_ENTRY) &&
|
else if (IS_ENABLED(CONFIG_MITIGATION_IBPB_ENTRY) &&
|
||||||
boot_cpu_has(X86_FEATURE_IBPB))
|
boot_cpu_has(X86_FEATURE_IBPB))
|
||||||
|
@ -504,7 +504,7 @@ INIT_PER_CPU(irq_stack_backing_store);
|
|||||||
"fixed_percpu_data is not at start of per-cpu area");
|
"fixed_percpu_data is not at start of per-cpu area");
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef CONFIG_CPU_UNRET_ENTRY
|
#ifdef CONFIG_MITIGATION_UNRET_ENTRY
|
||||||
. = ASSERT((retbleed_return_thunk & 0x3f) == 0, "retbleed_return_thunk not cacheline-aligned");
|
. = ASSERT((retbleed_return_thunk & 0x3f) == 0, "retbleed_return_thunk not cacheline-aligned");
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
@ -230,7 +230,7 @@ SYM_CODE_END(srso_return_thunk)
|
|||||||
#define JMP_SRSO_ALIAS_UNTRAIN_RET "ud2"
|
#define JMP_SRSO_ALIAS_UNTRAIN_RET "ud2"
|
||||||
#endif /* CONFIG_CPU_SRSO */
|
#endif /* CONFIG_CPU_SRSO */
|
||||||
|
|
||||||
#ifdef CONFIG_CPU_UNRET_ENTRY
|
#ifdef CONFIG_MITIGATION_UNRET_ENTRY
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Some generic notes on the untraining sequences:
|
* Some generic notes on the untraining sequences:
|
||||||
@ -312,11 +312,11 @@ SYM_CODE_END(retbleed_return_thunk)
|
|||||||
SYM_FUNC_END(retbleed_untrain_ret)
|
SYM_FUNC_END(retbleed_untrain_ret)
|
||||||
|
|
||||||
#define JMP_RETBLEED_UNTRAIN_RET "jmp retbleed_untrain_ret"
|
#define JMP_RETBLEED_UNTRAIN_RET "jmp retbleed_untrain_ret"
|
||||||
#else /* !CONFIG_CPU_UNRET_ENTRY */
|
#else /* !CONFIG_MITIGATION_UNRET_ENTRY */
|
||||||
#define JMP_RETBLEED_UNTRAIN_RET "ud2"
|
#define JMP_RETBLEED_UNTRAIN_RET "ud2"
|
||||||
#endif /* CONFIG_CPU_UNRET_ENTRY */
|
#endif /* CONFIG_MITIGATION_UNRET_ENTRY */
|
||||||
|
|
||||||
#if defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO)
|
#if defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO)
|
||||||
|
|
||||||
SYM_FUNC_START(entry_untrain_ret)
|
SYM_FUNC_START(entry_untrain_ret)
|
||||||
ALTERNATIVE_2 JMP_RETBLEED_UNTRAIN_RET, \
|
ALTERNATIVE_2 JMP_RETBLEED_UNTRAIN_RET, \
|
||||||
@ -325,7 +325,7 @@ SYM_FUNC_START(entry_untrain_ret)
|
|||||||
SYM_FUNC_END(entry_untrain_ret)
|
SYM_FUNC_END(entry_untrain_ret)
|
||||||
__EXPORT_THUNK(entry_untrain_ret)
|
__EXPORT_THUNK(entry_untrain_ret)
|
||||||
|
|
||||||
#endif /* CONFIG_CPU_UNRET_ENTRY || CONFIG_CPU_SRSO */
|
#endif /* CONFIG_MITIGATION_UNRET_ENTRY || CONFIG_CPU_SRSO */
|
||||||
|
|
||||||
#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING
|
#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING
|
||||||
|
|
||||||
|
@ -131,7 +131,7 @@
|
|||||||
*/
|
*/
|
||||||
.macro VALIDATE_UNRET_BEGIN
|
.macro VALIDATE_UNRET_BEGIN
|
||||||
#if defined(CONFIG_NOINSTR_VALIDATION) && \
|
#if defined(CONFIG_NOINSTR_VALIDATION) && \
|
||||||
(defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO))
|
(defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO))
|
||||||
.Lhere_\@:
|
.Lhere_\@:
|
||||||
.pushsection .discard.validate_unret
|
.pushsection .discard.validate_unret
|
||||||
.long .Lhere_\@ - .
|
.long .Lhere_\@ - .
|
||||||
|
@ -38,7 +38,7 @@ objtool-enabled := $(or $(delay-objtool),$(CONFIG_NOINSTR_VALIDATION))
|
|||||||
vmlinux-objtool-args-$(delay-objtool) += $(objtool-args-y)
|
vmlinux-objtool-args-$(delay-objtool) += $(objtool-args-y)
|
||||||
vmlinux-objtool-args-$(CONFIG_GCOV_KERNEL) += --no-unreachable
|
vmlinux-objtool-args-$(CONFIG_GCOV_KERNEL) += --no-unreachable
|
||||||
vmlinux-objtool-args-$(CONFIG_NOINSTR_VALIDATION) += --noinstr \
|
vmlinux-objtool-args-$(CONFIG_NOINSTR_VALIDATION) += --noinstr \
|
||||||
$(if $(or $(CONFIG_CPU_UNRET_ENTRY),$(CONFIG_CPU_SRSO)), --unret)
|
$(if $(or $(CONFIG_MITIGATION_UNRET_ENTRY),$(CONFIG_CPU_SRSO)), --unret)
|
||||||
|
|
||||||
objtool-args = $(vmlinux-objtool-args-y) --link
|
objtool-args = $(vmlinux-objtool-args-y) --link
|
||||||
|
|
||||||
|
@ -63,7 +63,7 @@
|
|||||||
# define DISABLE_RETHUNK (1 << (X86_FEATURE_RETHUNK & 31))
|
# define DISABLE_RETHUNK (1 << (X86_FEATURE_RETHUNK & 31))
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef CONFIG_CPU_UNRET_ENTRY
|
#ifdef CONFIG_MITIGATION_UNRET_ENTRY
|
||||||
# define DISABLE_UNRET 0
|
# define DISABLE_UNRET 0
|
||||||
#else
|
#else
|
||||||
# define DISABLE_UNRET (1 << (X86_FEATURE_UNRET & 31))
|
# define DISABLE_UNRET (1 << (X86_FEATURE_UNRET & 31))
|
||||||
|
Loading…
Reference in New Issue
Block a user