There are several mitigations that use the VERW instruction to clean up internal CPU buffers. Currently, each of these mitigations is treated independently, but if VERW is needed for one of the mitigations, it's on for all of them. This can lead to some confusion if a user tries to disable one of the mitigations, but it is left enabled for one of the others. The user needs to disable all 4 VERW- based mitigations. Warn the user when one or more VERW mitigations are disabled but not all of them. While we're messing with VERW mitigations, might as well simplify them and remove the need to call each of them twice. V2: Dropped the new knob previously introduced in the first patch (Borislav) Add warning if not all 4 mitigations states match (Borislav) Removed extra comment (Josh) Code clean-up (Josh) Daniel Sneddon (2): x86/bugs: Check VERW mitigations for consistency x86/bugs: Clean-up verw mitigations arch/x86/include/asm/processor.h | 2 +- arch/x86/kernel/cpu/bugs.c | 206 +++++++++++++------------------ 2 files changed, 90 insertions(+), 118 deletions(-) -- 2.25.1
