x86/bugs: Add attack vector controls for SSB
author: David Kaplan <david.kaplan@amd.com>
Tue, 19 Aug 2025 19:21:59 +0000 (14:21 -0500)
committer: Borislav Petkov (AMD) <bp@alien8.de>
Wed, 27 Aug 2025 16:17:12 +0000 (18:17 +0200)
Attack vector controls for SSB were missed in the initial attack vector series.
The default mitigation for SSB requires user-space opt-in so it is only
relevant for user->user attacks.  Check with attack vector controls when
the command is auto - i.e., no explicit user selection has been done.

Fixes: 2d31d2874663 ("x86/bugs: Define attack vectors relevant for each bug")
Signed-off-by: David Kaplan <david.kaplan@amd.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/20250819192200.2003074-5-david.kaplan@amd.com
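The "user-space opt-in" the commit message refers to is the PR_SET_SPECULATION_CTRL prctl for PR_SPEC_STORE_BYPASS, which the kernel only honours when ssb_mode is prctl or seccomp. The program below is an added example, not code from this patch or from the kernel tree: it queries the current mode with PR_GET_SPECULATION_CTRL, classifies the answer, then attempts the opt-in so the effect of the new AUTO handling can be observed from user space (after this change, a kernel whose user->user attack vector is disabled answers the query with PR_SPEC_ENABLE and refuses the opt-in with ENXIO). The prctl constants are the kernel's uapi values; the non-Linux fallback stub is an assumption added only so the file compiles elsewhere.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

#ifdef __linux__
#include <sys/prctl.h>
#else
/* Portability stub (assumption, not kernel code): off Linux there is no
 * speculation-control prctl, so report ENOSYS. */
static int prctl(int opt, unsigned long a, unsigned long b, unsigned long c, unsigned long d)
{
    (void)opt; (void)a; (void)b; (void)c; (void)d;
    errno = ENOSYS;
    return -1;
}
#endif

/* uapi values from <linux/prctl.h>, defined here so older headers still build. */
#ifndef PR_GET_SPECULATION_CTRL
#define PR_GET_SPECULATION_CTRL 52
#define PR_SET_SPECULATION_CTRL 53
#define PR_SPEC_STORE_BYPASS    0
#define PR_SPEC_NOT_AFFECTED    0
#define PR_SPEC_PRCTL           (1UL << 0)
#define PR_SPEC_ENABLE          (1UL << 1)
#define PR_SPEC_DISABLE         (1UL << 2)
#define PR_SPEC_FORCE_DISABLE   (1UL << 3)
#define PR_SPEC_DISABLE_NOEXEC  (1UL << 4)
#endif

/* Translate what PR_GET_SPECULATION_CTRL returns for PR_SPEC_STORE_BYPASS
 * into the kernel ssb_mode as far as user space can tell. */
const char *ssb_describe(long v)
{
    if (v < 0)
        return "query failed";
    if (v == PR_SPEC_NOT_AFFECTED)
        return "not affected";
    if (v & PR_SPEC_PRCTL) {                 /* ssb_mode PRCTL or SECCOMP */
        if (v & PR_SPEC_FORCE_DISABLE)
            return "prctl mode, force-disabled for this task";
        if (v & PR_SPEC_DISABLE_NOEXEC)
            return "prctl mode, disabled until exec";
        if (v & PR_SPEC_DISABLE)
            return "prctl mode, disabled for this task";
        return "prctl mode, opt-in available";
    }
    if (v & PR_SPEC_DISABLE)                 /* ssb_mode DISABLE (global) */
        return "globally disabled";
    if (v & PR_SPEC_ENABLE)                  /* ssb_mode NONE on a vulnerable CPU */
        return "vulnerable, no opt-in";
    return "unknown";
}

/* True when the per-task opt-in can be used at all. */
int ssb_optin_available(long v)
{
    return v >= 0 && (v & PR_SPEC_PRCTL) != 0;
}

/* Ask the kernel to disable store bypass for this task. 0 on success,
 * -errno otherwise (ENXIO when ssb_mode is neither prctl nor seccomp). */
int ssb_optin(void)
{
    if (prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_DISABLE, 0, 0) != 0)
        return -errno;
    return 0;
}

int main(void)
{
    long before = prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, 0, 0, 0);
    printf("SSB before opt-in: %s\n", ssb_describe(before));

    int rc = ssb_optin();
    if (rc == -ENXIO)
        printf("opt-in refused: ssb_mode is not prctl/seccomp\n");
    else if (rc)
        printf("opt-in failed: %s\n", strerror(-rc));

    long after = prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, 0, 0, 0);
    printf("SSB after opt-in:  %s\n", ssb_describe(after));
    return 0;
}
```

Run it once on a kernel with the user_user vector enabled and once with it disabled (for example, mitigations=auto plus the attack vector control that turns user_user off): the first answers "prctl mode" and the opt-in succeeds, the second answers "vulnerable, no opt-in" and the prctl fails with ENXIO, which is exactly the NONE branch added to ssb_select_mitigation().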
Documentation/admin-guide/hw-vuln/attack_vector_controls.rst
arch/x86/kernel/cpu/bugs.c

index 6dd0800146f65b78d7eee31076d012640f3ee35f..5964901d66e317eec0c6b283f4ea868ca95008cd 100644 (file)
@@ -215,7 +215,7 @@ Spectre_v2            X                           X
 Spectre_v2_user                      X                           X            *       (Note 1)
 SRBDS                 X              X            X              X
 SRSO                  X              X            X              X
-SSB                                                                                   (Note 4)
+SSB                                  X
 TAA                   X              X            X              X            *       (Note 2)
 TSA                   X              X            X              X
 =============== ============== ============ ============= ============== ============ ========
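Review bot: the X added on the SSB row at L24 sits in the same column as the first X of Spectre_v2_user at L20, but the column headers are outside this hunk, so nothing in the diff itself ties that position to User->User; please check the rendered table once, since the commit message says SSB is relevant only to user->user attacks and a mark under User->Kernel would contradict it. Dropping "(Note 4)" from the row is consistent with the note text being removed in the following hunk.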
@@ -229,9 +229,6 @@ Notes:
    3 --  Disables SMT if cross-thread mitigations are fully enabled, the CPU is
    vulnerable, and STIBP is not supported
 
-   4 --  Speculative store bypass is always enabled by default (no kernel
-   mitigation applied) unless overridden with spec_store_bypass_disable option
-
 When an attack-vector is disabled, all mitigations for the vulnerabilities
 listed in the above table are disabled, unless mitigation is required for a
 different enabled attack-vector or a mitigation is explicitly selected via a
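Review bot: the removed note at L32-L34 was the only sentence in this table telling the reader that SSB is left unmitigated by default unless spec_store_bypass_disable is given; with the new behaviour that statement is wrong and removing it is right, but nothing replaces it. Consider one sentence in the prose starting at L35 saying that with the user_user vector disabled SSB is left unmitigated and the per-task prctl opt-in is no longer offered, otherwise the reader only learns this from the code.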
index 49ef1b832c1a5538112055fce171686698d041bd..af838b8d845cfbdd244a2d5a5795ce85d071a04b 100644 (file)
@@ -416,6 +416,10 @@ static bool __init should_mitigate_vuln(unsigned int bug)
                       cpu_attack_vector_mitigated(CPU_MITIGATE_USER_USER) ||
                       cpu_attack_vector_mitigated(CPU_MITIGATE_GUEST_GUEST) ||
                       (smt_mitigations != SMT_MITIGATIONS_OFF);
+
+       case X86_BUG_SPEC_STORE_BYPASS:
+               return cpu_attack_vector_mitigated(CPU_MITIGATE_USER_USER);
+
        default:
                WARN(1, "Unknown bug %x\n", bug);
                return false;
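Review bot: the new case at L44-L45 keys on CPU_MITIGATE_USER_USER alone, while the case right above it (L40-L42) also considers CPU_MITIGATE_GUEST_GUEST and the SMT setting; the commit message explains why (the default SSB mitigation is a user-space opt-in), but that reasoning lives only in the changelog, so a short comment above the case stating that guest vectors are deliberately excluded would keep the next reader from re-deriving it. Also check that the blank lines introduced at L43 and L46 match how the other cases of this switch are separated; the preceding case in the context ends without one.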
@@ -2710,6 +2714,11 @@ static void __init ssb_select_mitigation(void)
                ssb_mode = SPEC_STORE_BYPASS_DISABLE;
                break;
        case SPEC_STORE_BYPASS_CMD_AUTO:
+               if (should_mitigate_vuln(X86_BUG_SPEC_STORE_BYPASS))
+                       ssb_mode = SPEC_STORE_BYPASS_PRCTL;
+               else
+                       ssb_mode = SPEC_STORE_BYPASS_NONE;
+               break;
        case SPEC_STORE_BYPASS_CMD_PRCTL:
                ssb_mode = SPEC_STORE_BYPASS_PRCTL;
                break;
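Review bot: before this hunk SPEC_STORE_BYPASS_CMD_AUTO fell through into the CMD_PRCTL case, so AUTO always ended in SPEC_STORE_BYPASS_PRCTL; the else branch at L56-L57 now lets an AUTO selection end in SPEC_STORE_BYPASS_NONE on a vulnerable CPU when the user->user vector is disabled, which removes the prctl opt-in path the commit message relies on and changes what is reported to user space. That is the intended effect, but it is a user-visible behaviour change and the message only says "check with attack vector controls", so it is worth stating explicitly. The hunk also does not show where a CPU without X86_BUG_SPEC_STORE_BYPASS is short-circuited before the switch; confirm that path is handled earlier in ssb_select_mitigation() so should_mitigate_vuln() is not consulted for an unaffected CPU.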