x86/bhi: Add BHI mitigation knob
Branch history clearing software sequences and hardware control BHI_DIS_S were defined to mitigate Branch History Injection (BHI). Add cmdline spectre_bhi={on|off|auto} to control BHI mitigation: auto - Deploy the hardware mitigation BHI_DIS_S, if available. on - Deploy the hardware mitigation BHI_DIS_S, if available, otherwise deploy the software sequence at syscall entry and VMexit. off - Turn off BHI mitigation. The default is auto mode which does not deploy the software sequence mitigation. This is because of the hardening done in the syscall dispatch path, which is the likely target of BHI. Signed-off-by:Pawan Gupta <pawan.kumar.gupta@linux.intel.com> Signed-off-by:
Daniel Sneddon <daniel.sneddon@linux.intel.com> Signed-off-by:
Thomas Gleixner <tglx@linutronix.de> Reviewed-by:
Alexandre Chartre <alexandre.chartre@oracle.com> Reviewed-by:
Josh Poimboeuf <jpoimboe@kernel.org>
-
mentioned in commit f825494f
-
mentioned in commit bb8384b6
-
mentioned in commit d414b401
-
mentioned in commit a39bfa52
-
mentioned in commit 04f4230e
-
mentioned in commit dfe64890
-
mentioned in commit cb2db5bb
-
mentioned in commit 1cea8a28
-
mentioned in commit 5f882f3b
-
mentioned in commit 2c761457
-
mentioned in commit 145d9930
-
mentioned in commit c768db14
-
mentioned in commit ebba2270
-
mentioned in commit e47d1cbd
-
mentioned in commit 0d433e40
-
mentioned in commit 662e341e
-
mentioned in commit b1b32586
-
mentioned in commit d737d8cd
-
mentioned in commit 4b0b5d62
-
mentioned in commit 2d003904
-
mentioned in commit bdbbe95b
-
mentioned in commit 39053a34
-
mentioned in commit 7497589a
-
mentioned in commit 9c9cd014
-
mentioned in commit 183d8bea
-
mentioned in commit 122b446a
-
mentioned in commit 2fa1969f
-
mentioned in commit fa880941
-
mentioned in commit 267b2467
-
mentioned in commit 69129794
-
mentioned in commit 0be237b6
-
mentioned in commit d17075a9
-
mentioned in commit 5facc042
-
mentioned in commit 55f2f946