On Tue, Sep 24, 2024 at 03:31:40PM -0700, Daniel Sneddon wrote: > +static void __init md_clear_select_mitigation(void) > +{ > /* > - * X86_FEATURE_CLEAR_CPU_BUF is now enabled. Update MDS, TAA and MMIO > - * Stale Data mitigation, if necessary. > + * If no CPU bug needs VERW, all VERW mitigations are disabled, or all > + * mitigations are disabled we bail. > */ It's already clear what the code is doing, no comment necessary. > - if (mds_mitigation == MDS_MITIGATION_OFF && > - boot_cpu_has_bug(X86_BUG_MDS)) { > + if (!cpu_bug_needs_verw() || verw_mitigations_disabled() || > + cpu_mitigations_off()) { > + mds_mitigation = MDS_MITIGATION_OFF; > + taa_mitigation = TAA_MITIGATION_OFF; > + mmio_mitigation = MMIO_MITIGATION_OFF; > + rfds_mitigation = RFDS_MITIGATION_OFF; > + goto out; > + } In the case of verw_mitigations_disabled() it's weird to write the variables again if they're already OFF. That should be a separate check. > + > + /* Check that at least one mitigation is using the verw mitigaiton. > + * If the cpu doesn't have the correct ucode or if the BUG_* is mitigated > + * by disabling a feature we won't want to use verw. Ignore MMIO > + * for now since it depends on what the others choose. > + */ Again I think this comment isn't needed as the code is pretty straightforward. The only surprise is the MMIO dependency on X86_FEATURE_CLEAR_CPU_BUF, but that's called out below. > + > + if (boot_cpu_has_bug(X86_BUG_MDS)) { > mds_mitigation = MDS_MITIGATION_FULL; > mds_select_mitigation(); > + } else { > + mds_mitigation = MDS_MITIGATION_OFF; > } > - if (taa_mitigation == TAA_MITIGATION_OFF && > - boot_cpu_has_bug(X86_BUG_TAA)) { > + if (boot_cpu_has_bug(X86_BUG_TAA)) { > taa_mitigation = TAA_MITIGATION_VERW; > taa_select_mitigation(); > + } else { > + taa_mitigation = TAA_MITIGATION_OFF; > } > - /* > - * MMIO_MITIGATION_OFF is not checked here so that mmio_stale_data_clear > - * gets updated correctly as per X86_FEATURE_CLEAR_CPU_BUF state. > - */ > + if (boot_cpu_has_bug(X86_BUG_RFDS)) { > + rfds_mitigation = RFDS_MITIGATION_VERW; > + rfds_select_mitigation(); > + } else { > + rfds_mitigation = RFDS_MITIGATION_OFF; > + } This spaghetti can be simplifed by relying on *_select_mitigation() to set the mitigation, for example: static void __init mds_select_mitigation(void) { if (!boot_cpu_has_bug(X86_BUG_MDS)) mds_mitigation = MDS_MITIGATION_OFF; else if (boot_cpu_has(X86_FEATURE_MD_CLEAR)) mds_mitigation = MDS_MITIGATION_VERW; else mds_mitigation = MDS_MITIGATION_VMWERV; } Then you can just do: mds_select_mitigation(); taa_select_mitigation(); rfds_select_mitigation(); > + if (mds_mitigation == MDS_MITIGATION_FULL || > + taa_mitigation == TAA_MITIGATION_VERW || > + rfds_mitigation == RFDS_MITIGATION_VERW) For consistency can we rename MDS_MITIGATION_FULL to MDS_MITIGATION_VERW? > + setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF); > + > + /* Now handle MMIO since it may not use X86_FEATURE_CLEAR_CPU_BUF */ I would clarify this a bit, something like: /* * The MMIO mitigation has a dependency on * X86_FEATURE_CLEAR_CPU_BUF so this must be called after it * gets set. */ > if (boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA)) { > mmio_mitigation = MMIO_MITIGATION_VERW; > mmio_select_mitigation(); > + } else { > + mmio_mitigation = MMIO_MITIGATION_OFF; > } > - if (rfds_mitigation == RFDS_MITIGATION_OFF && > - boot_cpu_has_bug(X86_BUG_RFDS)) { > - rfds_mitigation = RFDS_MITIGATION_VERW; > - rfds_select_mitigation(); > - } > + > + /* handle nosmt */ Again I think this comment is superfluous. > + if (!boot_cpu_has(X86_BUG_MSBDS_ONLY) && > + (mds_nosmt || cpu_mitigations_auto_nosmt())) > + cpu_smt_disable(false); > + > + if (taa_nosmt || mmio_nosmt || cpu_mitigations_auto_nosmt()) > + cpu_smt_disable(false); > + -- Josh