On 10/28/2024 9:08 AM, Alexander Shishkin wrote: > To prevent exploits for Spectre based on LAM as demonstrated by the > whitepaper [1], make LAM depend on LASS, which avoids this type of > vulnerability. > > [1] https://download.vusec.net/papers/slam_sp24.pdf > > Signed-off-by: Alexander Shishkin <alexander.shishkin@xxxxxxxxxxxxxxx> > --- > arch/x86/kernel/cpu/cpuid-deps.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/arch/x86/kernel/cpu/cpuid-deps.c b/arch/x86/kernel/cpu/cpuid-deps.c > index 3f73c4b03348..d9fb2423605e 100644 > --- a/arch/x86/kernel/cpu/cpuid-deps.c > +++ b/arch/x86/kernel/cpu/cpuid-deps.c > @@ -84,6 +84,7 @@ static const struct cpuid_dep cpuid_deps[] = { > { X86_FEATURE_SHSTK, X86_FEATURE_XSAVES }, > { X86_FEATURE_FRED, X86_FEATURE_LKGS }, > { X86_FEATURE_LASS, X86_FEATURE_SMAP }, > + { X86_FEATURE_LAM, X86_FEATURE_LASS }, The dependencies listed in cpuid_deps[] are only enforced when a feature such as LASS is explicitly disabled. If the system is missing LASS at boot then LAM would still be enabled. We would need this patch to enforce it: https://lore.kernel.org/lkml/20241030233118.615493-1-sohil.mehta@xxxxxxxxx/ Sohil
