Xen project Mailing List

Re: [PATCH] x86/spec: fix BRANCH_HARDEN option to only be set when build-enabled

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

From: Roger Pau Monné <roger.pau@xxxxxxxxxx>

Date: Fri, 23 Feb 2024 11:17:33 +0100

Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx, Jan Beulich <jbeulich@xxxxxxxx>, Wei Liu <wl@xxxxxxx>

Delivery-date: Fri, 23 Feb 2024 10:17:43 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Fri, Feb 23, 2024 at 09:46:27AM +0000, Andrew Cooper wrote: > On 23/02/2024 9:42 am, Roger Pau Monne wrote: > > The current logic to handle the BRANCH_HARDEN option will report it as > > enabled > > even when build-time disabled. Fix this by only allowing the option to be > > set > > when support for it is built into Xen. > > > > Fixes: 2d6f36daa086 ('x86/nospec: Introduce > > CONFIG_SPECULATIVE_HARDEN_BRANCH') > > Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx> > > --- > > xen/arch/x86/spec_ctrl.c | 6 ++++-- > > 1 file changed, 4 insertions(+), 2 deletions(-) > > > > diff --git a/xen/arch/x86/spec_ctrl.c b/xen/arch/x86/spec_ctrl.c > > index 421fe3f640df..e634c6b559b4 100644 > > --- a/xen/arch/x86/spec_ctrl.c > > +++ b/xen/arch/x86/spec_ctrl.c > > @@ -50,7 +50,8 @@ static int8_t __initdata opt_psfd = -1; > > int8_t __ro_after_init opt_ibpb_ctxt_switch = -1; > > int8_t __read_mostly opt_eager_fpu = -1; > > int8_t __read_mostly opt_l1d_flush = -1; > > -static bool __initdata opt_branch_harden = true; > > +static bool __initdata opt_branch_harden = > > + IS_ENABLED(CONFIG_SPECULATIVE_HARDEN_BRANCH); > > > > bool __initdata bsp_delay_spec_ctrl; > > uint8_t __read_mostly default_xen_spec_ctrl; > > @@ -267,7 +268,8 @@ static int __init cf_check parse_spec_ctrl(const char > > *s) > > opt_eager_fpu = val; > > else if ( (val = parse_boolean("l1d-flush", s, ss)) >= 0 ) > > opt_l1d_flush = val; > > - else if ( (val = parse_boolean("branch-harden", s, ss)) >= 0 ) > > + else if ( IS_ENABLED(CONFIG_SPECULATIVE_HARDEN_BRANCH) && > > + (val = parse_boolean("branch-harden", s, ss)) >= 0 ) > > opt_branch_harden = val; > > Yeah, we should definitely fix this, but could we use no_config_param() > here for the compiled-out case ? > > See cet= for an example. If we're going to ignore what the user asks, > we should tell them why. Maybe I'm missing something: I've looked into using no_config_param(), but there's no difference really, because cmdline_parse() is called before the console is initialized, so those messages seem to be lost. Should this go into some kind of buffer which is then printed by __start_xen() once the console has been initialized? (just after printing cmdline itself). Thanks, Roger.

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.