2 * Copyright (C) 1994 Linus Torvalds
4 * Cyrix stuff, June 1998 by:
5 * - Rafael R. Reilova (moved everything from head.S),
6 * <rreilova@ececs.uc.edu>
7 * - Channing Corn (tests & fixes),
8 * - Andrew D. Balsa (code cleanup).
10 #include <linux/init.h>
11 #include <linux/utsname.h>
12 #include <linux/cpu.h>
14 #include <asm/nospec-branch.h>
15 #include <asm/cmdline.h>
17 #include <asm/processor.h>
18 #include <asm/processor-flags.h>
21 #include <asm/paravirt.h>
22 #include <asm/alternative.h>
23 #include <asm/pgtable.h>
24 #include <asm/cacheflush.h>
26 static void __init spectre_v2_select_mitigation(void);
30 static int __init no_halt(char *s)
32 WARN_ONCE(1, "\"no-hlt\" is deprecated, please use \"idle=poll\"\n");
33 boot_cpu_data.hlt_works_ok = 0;
37 __setup("no-hlt", no_halt);
39 static int __init no_387(char *s)
41 boot_cpu_data.hard_math = 0;
42 write_cr0(X86_CR0_TS | X86_CR0_EM | X86_CR0_MP | read_cr0());
46 __setup("no387", no_387);
48 static double __initdata x = 4195835.0;
49 static double __initdata y = 3145727.0;
52 * This used to check for exceptions..
53 * However, it turns out that to support that,
54 * the XMM trap handlers basically had to
55 * be buggy. So let's have a correct XMM trap
56 * handler, and forget about printing out
57 * some status at boot.
59 * We should really only care about bugs here
60 * anyway. Not features.
62 static void __init check_fpu(void)
66 if (!boot_cpu_data.hard_math) {
67 #ifndef CONFIG_MATH_EMULATION
68 printk(KERN_EMERG "No coprocessor found and no math emulation present.\n");
69 printk(KERN_EMERG "Giving up.\n");
78 * trap_init() enabled FXSR and company _before_ testing for FP
81 * Test for the divl bug..
88 "fsubp %%st,%%st(1)\n\t"
93 : "m" (*&x), "m" (*&y));
97 boot_cpu_data.fdiv_bug = fdiv_bug;
98 if (boot_cpu_data.fdiv_bug)
99 printk(KERN_WARNING "Hmm, FPU with FDIV bug.\n");
102 static void __init check_hlt(void)
104 if (boot_cpu_data.x86 >= 5 || paravirt_enabled())
107 printk(KERN_INFO "Checking 'hlt' instruction... ");
108 if (!boot_cpu_data.hlt_works_ok) {
109 printk("disabled\n");
116 printk(KERN_CONT "OK.\n");
120 * Most 386 processors have a bug where a POPAD can lock the
121 * machine even from user space.
124 static void __init check_popad(void)
126 #ifndef CONFIG_X86_POPAD_OK
127 int res, inp = (int) &res;
129 printk(KERN_INFO "Checking for popad bug... ");
130 __asm__ __volatile__(
131 "movl $12345678,%%eax; movl $0,%%edi; pusha; popa; movl (%%edx,%%edi),%%ecx "
136 * If this fails, it means that any user program may lock the
140 printk(KERN_CONT "Buggy.\n");
142 printk(KERN_CONT "OK.\n");
147 * Check whether we are able to run this kernel safely on SMP.
149 * - In order to run on a i386, we need to be compiled for i386
150 * (for due to lack of "invlpg" and working WP on a i386)
151 * - In order to run on anything without a TSC, we need to be
152 * compiled for a i486.
155 static void __init check_config(void)
158 * We'd better not be a i386 if we're configured to use some
159 * i486+ only features! (WP works in supervisor mode and the
160 * new "invlpg" and "bswap" instructions)
162 #if defined(CONFIG_X86_WP_WORKS_OK) || defined(CONFIG_X86_INVLPG) || \
163 defined(CONFIG_X86_BSWAP)
164 if (boot_cpu_data.x86 == 3)
165 panic("Kernel requires i486+ for 'invlpg' and other features");
169 #endif /* CONFIG_X86_32 */
171 void __init check_bugs(void)
175 * Regardless of whether PCID is enumerated, the SDM says
176 * that it can't be enabled in 32-bit mode.
178 setup_clear_cpu_cap(X86_FEATURE_PCID);
183 if (!IS_ENABLED(CONFIG_SMP)) {
185 print_cpu_info(&boot_cpu_data);
188 /* Select the proper spectre mitigation before patching alternatives */
189 spectre_v2_select_mitigation();
196 init_utsname()->machine[1] =
197 '0' + (boot_cpu_data.x86 > 6 ? 6 : boot_cpu_data.x86);
198 alternative_instructions();
199 #else /* CONFIG_X86_64 */
200 alternative_instructions();
203 * Make sure the first 2MB area is not mapped by huge pages
204 * There are typically fixed size MTRRs in there and overlapping
205 * MTRRs into large pages causes slow downs.
207 * Right now we don't do that with gbpages because there seems
208 * very little benefit for that case.
211 set_memory_4k((unsigned long)__va(0), 1);
215 /* The kernel command line selection */
216 enum spectre_v2_mitigation_cmd {
219 SPECTRE_V2_CMD_FORCE,
220 SPECTRE_V2_CMD_RETPOLINE,
221 SPECTRE_V2_CMD_RETPOLINE_GENERIC,
222 SPECTRE_V2_CMD_RETPOLINE_AMD,
225 static const char *spectre_v2_strings[] = {
226 [SPECTRE_V2_NONE] = "Vulnerable",
227 [SPECTRE_V2_RETPOLINE_MINIMAL] = "Vulnerable: Minimal generic ASM retpoline",
228 [SPECTRE_V2_RETPOLINE_MINIMAL_AMD] = "Vulnerable: Minimal AMD ASM retpoline",
229 [SPECTRE_V2_RETPOLINE_GENERIC] = "Mitigation: Full generic retpoline",
230 [SPECTRE_V2_RETPOLINE_AMD] = "Mitigation: Full AMD retpoline",
234 #define pr_fmt(fmt) "Spectre V2 mitigation: " fmt
236 static enum spectre_v2_mitigation spectre_v2_enabled = SPECTRE_V2_NONE;
238 static void __init spec2_print_if_insecure(const char *reason)
240 if (boot_cpu_has_bug(X86_BUG_SPECTRE_V2))
241 pr_info("%s\n", reason);
244 static void __init spec2_print_if_secure(const char *reason)
246 if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V2))
247 pr_info("%s\n", reason);
250 static inline bool retp_compiler(void)
252 return __is_defined(RETPOLINE);
255 static inline bool match_option(const char *arg, int arglen, const char *opt)
257 int len = strlen(opt);
259 return len == arglen && !strncmp(arg, opt, len);
262 static enum spectre_v2_mitigation_cmd __init spectre_v2_parse_cmdline(void)
267 ret = cmdline_find_option(boot_command_line, "spectre_v2", arg,
270 if (match_option(arg, ret, "off")) {
272 } else if (match_option(arg, ret, "on")) {
273 spec2_print_if_secure("force enabled on command line.");
274 return SPECTRE_V2_CMD_FORCE;
275 } else if (match_option(arg, ret, "retpoline")) {
276 spec2_print_if_insecure("retpoline selected on command line.");
277 return SPECTRE_V2_CMD_RETPOLINE;
278 } else if (match_option(arg, ret, "retpoline,amd")) {
279 if (boot_cpu_data.x86_vendor != X86_VENDOR_AMD) {
280 pr_err("retpoline,amd selected but CPU is not AMD. Switching to AUTO select\n");
281 return SPECTRE_V2_CMD_AUTO;
283 spec2_print_if_insecure("AMD retpoline selected on command line.");
284 return SPECTRE_V2_CMD_RETPOLINE_AMD;
285 } else if (match_option(arg, ret, "retpoline,generic")) {
286 spec2_print_if_insecure("generic retpoline selected on command line.");
287 return SPECTRE_V2_CMD_RETPOLINE_GENERIC;
288 } else if (match_option(arg, ret, "auto")) {
289 return SPECTRE_V2_CMD_AUTO;
293 if (!cmdline_find_option_bool(boot_command_line, "nospectre_v2"))
294 return SPECTRE_V2_CMD_AUTO;
296 spec2_print_if_insecure("disabled on command line.");
297 return SPECTRE_V2_CMD_NONE;
300 static void __init spectre_v2_select_mitigation(void)
302 enum spectre_v2_mitigation_cmd cmd = spectre_v2_parse_cmdline();
303 enum spectre_v2_mitigation mode = SPECTRE_V2_NONE;
306 * If the CPU is not affected and the command line mode is NONE or AUTO
307 * then nothing to do.
309 if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V2) &&
310 (cmd == SPECTRE_V2_CMD_NONE || cmd == SPECTRE_V2_CMD_AUTO))
314 case SPECTRE_V2_CMD_NONE:
317 case SPECTRE_V2_CMD_FORCE:
319 case SPECTRE_V2_CMD_AUTO:
322 case SPECTRE_V2_CMD_RETPOLINE_AMD:
323 if (IS_ENABLED(CONFIG_RETPOLINE))
326 case SPECTRE_V2_CMD_RETPOLINE_GENERIC:
327 if (IS_ENABLED(CONFIG_RETPOLINE))
328 goto retpoline_generic;
330 case SPECTRE_V2_CMD_RETPOLINE:
331 if (IS_ENABLED(CONFIG_RETPOLINE))
335 pr_err("kernel not compiled with retpoline; no mitigation available!");
339 if (boot_cpu_data.x86_vendor == X86_VENDOR_AMD) {
341 if (!boot_cpu_has(X86_FEATURE_LFENCE_RDTSC)) {
342 pr_err("LFENCE not serializing. Switching to generic retpoline\n");
343 goto retpoline_generic;
345 mode = retp_compiler() ? SPECTRE_V2_RETPOLINE_AMD :
346 SPECTRE_V2_RETPOLINE_MINIMAL_AMD;
347 setup_force_cpu_cap(X86_FEATURE_RETPOLINE_AMD);
348 setup_force_cpu_cap(X86_FEATURE_RETPOLINE);
351 mode = retp_compiler() ? SPECTRE_V2_RETPOLINE_GENERIC :
352 SPECTRE_V2_RETPOLINE_MINIMAL;
353 setup_force_cpu_cap(X86_FEATURE_RETPOLINE);
356 spectre_v2_enabled = mode;
357 pr_info("%s\n", spectre_v2_strings[mode]);
363 ssize_t cpu_show_meltdown(struct sysdev_class *dev,
364 struct sysdev_class_attribute *attr, char *buf)
366 if (!boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN))
367 return sprintf(buf, "Not affected\n");
368 if (boot_cpu_has(X86_FEATURE_KAISER))
369 return sprintf(buf, "Mitigation: PTI\n");
370 return sprintf(buf, "Vulnerable\n");
373 ssize_t cpu_show_spectre_v1(struct sysdev_class *dev,
374 struct sysdev_class_attribute *attr, char *buf)
376 if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V1))
377 return sprintf(buf, "Not affected\n");
378 return sprintf(buf, "Vulnerable\n");
381 ssize_t cpu_show_spectre_v2(struct sysdev_class *dev,
382 struct sysdev_class_attribute *attr, char *buf)
384 if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V2))
385 return sprintf(buf, "Not affected\n");
387 return sprintf(buf, "%s\n", spectre_v2_strings[spectre_v2_enabled]);