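Lines matching full:mitigation (each entry gives the source line number, the matched line, and, where the match falls inside a function, a trailing "in <function>()"; long lines are truncated with "…")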
41 * <vuln>_select_mitigation() -- Selects a mitigation to use. This should
45 * selected a mitigation, in case the selection
48 * <vuln>_apply_mitigation() -- Enable the selected mitigation.
50 * The compile-time mitigation in all cases should be AUTO. An explicit
53 * mitigation option.
198 * mitigation is required.
348 * If the host has SSBD mitigation enabled, force it in the host's in x86_virt_spec_ctrl()
414 * across address spaces. Therefore, mitigation is required for in should_mitigate_vuln()
446 /* Default mitigation for MDS-affected CPUs */
453 [MDS_MITIGATION_FULL] = "Mitigation: Clear CPU buffers",
465 /* Default mitigation for TAA-affected CPUs */
476 /* Default mitigation for Processor MMIO Stale Data vulnerabilities */
487 /* Default mitigation for Register File Data Sampling */
574 [TAA_MITIGATION_VERW] = "Mitigation: Clear CPU buffers",
575 [TAA_MITIGATION_TSX_DISABLED] = "Mitigation: TSX disabled",
643 * TSX is enabled, select alternate mitigation for TAA which is in taa_apply_mitigation()
647 * present on host, enable the mitigation for UCODE_NEEDED as well. in taa_apply_mitigation()
685 [MMIO_MITIGATION_VERW] = "Mitigation: Clear CPU buffers",
707 * Enable CPU buffer clear mitigation for host and VMM, if also affected in mmio_select_mitigation()
726 * CPU Fill buffer clear mitigation is enumerated by either an explicit in mmio_update_mitigation()
746 * Only enable the VMM mitigation if the CPU buffer clear mitigation is in mmio_apply_mitigation()
794 [RFDS_MITIGATION_VERW] = "Mitigation: Clear Register File",
881 [SRBDS_MITIGATION_FULL] = "Mitigation: Microcode",
882 [SRBDS_MITIGATION_TSX_OFF] = "Mitigation: TSX disabled",
902 * A MDS_NO CPU for which SRBDS mitigation is not needed due to TSX in update_srbds_msr()
1024 [GDS_MITIGATION_FORCE] = "Mitigation: AVX disabled, no microcode",
1025 [GDS_MITIGATION_FULL] = "Mitigation: Microcode",
1026 [GDS_MITIGATION_FULL_LOCKED] = "Mitigation: Microcode (locked)",
1050 * the same state. Make sure the mitigation is enabled on all in update_gds_msr()
1087 /* Will verify below that mitigation _can_ be disabled */ in gds_select_mitigation()
1102 /* Microcode has mitigation, use it */ in gds_select_mitigation()
1109 pr_warn("Mitigation locked. Disable failed.\n"); in gds_select_mitigation()
1112 * The mitigation is selected from the boot CPU. All other CPUs in gds_select_mitigation()
1116 * ensure the other CPUs have the mitigation enabled. in gds_select_mitigation()
1136 pr_warn("Microcode update needed! Disabling AVX as mitigation.\n"); in gds_apply_mitigation()
1173 …[SPECTRE_V1_MITIGATION_AUTO] = "Mitigation: usercopy/swapgs barriers and __user pointer sanitizati…
1177 * Does SMAP provide full mitigation against speculative kernel access to
1188 * Consider SMAP to be non-functional as a mitigation on these in smap_works_speculatively()
1215 * value. The mitigation is to add lfences to both code paths. in spectre_v1_apply_mitigation()
1227 * Mitigation can be provided from SWAPGS itself or in spectre_v1_apply_mitigation()
1228 * PTI as the CR3 write in the Meltdown mitigation in spectre_v1_apply_mitigation()
1259 /* Depends on spectre_v2 mitigation selected already */
1299 [RETBLEED_MITIGATION_UNRET] = "Mitigation: untrained return thunk",
1300 [RETBLEED_MITIGATION_IBPB] = "Mitigation: IBPB",
1301 [RETBLEED_MITIGATION_IBRS] = "Mitigation: IBRS",
1302 [RETBLEED_MITIGATION_EIBRS] = "Mitigation: Enhanced IBRS",
1303 [RETBLEED_MITIGATION_STUFF] = "Mitigation: Stuffing",
1363 #define RETBLEED_UNTRAIN_MSG "WARNING: BTB untrained return thunk mitigation is only effective on A…
1364 #define RETBLEED_INTEL_MSG "WARNING: Spectre v2 mitigation leaves CPU vulnerable to RETBleed attack…
1410 /* Intel mitigation selected in retbleed_update_mitigation() */ in retbleed_select_mitigation()
1421 /* Final mitigation depends on spectre-v2 selection */ in retbleed_select_mitigation()
1506 * other mitigation like SRSO has selected them. in retbleed_apply_mitigation()
1541 [ITS_MITIGATION_VMEXIT_ONLY] = "Mitigation: Vulnerable, KVM: Not affected",
1542 [ITS_MITIGATION_ALIGNED_THUNKS] = "Mitigation: Aligned branch/return thunks",
1543 [ITS_MITIGATION_RETPOLINE_STUFF] = "Mitigation: Retpolines, Stuffing RSB",
1552 pr_err("Mitigation disabled at compile time, ignoring option (%s)", str); in its_parse_cmdline()
1594 pr_err("WARNING: ITS mitigation depends on retpoline and rethunk support\n"); in its_select_mitigation()
1600 pr_err("WARNING: ITS mitigation is not compatible with CONFIG_DEBUG_FORCE_FUNCTION_ALIGN_64B\n"); in its_select_mitigation()
1607 pr_err("RSB stuff mitigation not supported, using default\n"); in its_select_mitigation()
1624 pr_err("WARNING: Spectre-v2 mitigation is off, disabling ITS\n"); in its_update_mitigation()
1635 pr_err("WARNING: ITS mitigation is not compatible with lfence mitigation\n"); in its_update_mitigation()
1686 [TSA_MITIGATION_USER_KERNEL] = "Mitigation: Clear CPU buffers: user/kernel boundary",
1687 [TSA_MITIGATION_VM] = "Mitigation: Clear CPU buffers: VM",
1688 [TSA_MITIGATION_FULL] = "Mitigation: Clear CPU buffers",
1751 * is the only VERW-based mitigation on AMD. in tsa_select_mitigation()
1803 #define SPECTRE_V2_LFENCE_MSG "WARNING: LFENCE mitigation is not recommended for this CPU, data lea…
1805 …_EBPF_SMT_MSG "WARNING: Unprivileged eBPF is enabled with eIBRS+LFENCE mitigation and SMT, data le…
1806 #define SPECTRE_V2_IBRS_PERF_MSG "WARNING: IBRS mitigation selected on Enhanced IBRS CPU, this may …
1862 [SPECTRE_V2_USER_STRICT] = "User space: Mitigation: STIBP protection",
1863 [SPECTRE_V2_USER_STRICT_PREFERRED] = "User space: Mitigation: STIBP always-on protection",
1864 [SPECTRE_V2_USER_PRCTL] = "User space: Mitigation: STIBP via prctl",
1865 [SPECTRE_V2_USER_SECCOMP] = "User space: Mitigation: STIBP via seccomp and prctl",
1999 pr_info("Selecting STIBP always-on mode to complement retbleed mitigation\n"); in spectre_v2_user_update_mitigation()
2023 pr_info("mitigation: Enabling %s Indirect Branch Prediction Barrier\n", in spectre_v2_user_apply_mitigation()
2031 [SPECTRE_V2_RETPOLINE] = "Mitigation: Retpolines",
2033 [SPECTRE_V2_EIBRS] = "Mitigation: Enhanced / Automatic IBRS",
2034 [SPECTRE_V2_EIBRS_LFENCE] = "Mitigation: Enhanced / Automatic IBRS + LFENCE",
2035 [SPECTRE_V2_EIBRS_RETPOLINE] = "Mitigation: Enhanced / Automatic IBRS + Retpolines",
2036 [SPECTRE_V2_IBRS] = "Mitigation: IBRS",
2091 pr_err("Kernel not compiled with retpoline; no mitigation available!"); in spectre_v2_select_retpoline()
2163 pr_warn_once("Unknown Spectre v2 mode, disabling RSB mitigation\n"); in spectre_v2_select_rsb_mitigation()
2258 pr_info("Spectre BHI mitigation: SW BHB clearing on VM exit only\n"); in bhi_apply_mitigation()
2263 pr_info("Spectre BHI mitigation: SW BHB clearing on syscall and VM exit\n"); in bhi_apply_mitigation()
2481 pr_info("Update user space SMT mitigation: STIBP %s\n", in update_stibp_strict()
2529 [SPEC_STORE_BYPASS_DISABLE] = "Mitigation: Speculative Store Bypass disabled",
2530 [SPEC_STORE_BYPASS_PRCTL] = "Mitigation: Speculative Store Bypass disabled via prctl",
2531 …[SPEC_STORE_BYPASS_SECCOMP] = "Mitigation: Speculative Store Bypass disabled via prctl and seccomp…
2597 * - X86_FEATURE_SPEC_STORE_BYPASS_DISABLE - engage the mitigation in ssb_apply_mitigation()
2626 * mitigation until it is scheduled next. in task_update_spec_tif()
2628 * This can only happen for SECCOMP mitigation. For PRCTL it's in task_update_spec_tif()
2734 * mitigation is force disabled. in ib_prctl_set()
2867 /* Default mitigation for L1TF-affected CPUs */
2880 * The L1TF mitigation uses the top most address bit for the inversion of
2884 * then the mitigation range check in l1tf_select_mitigation() triggers.
2885 * This is a false positive because the mitigation is still possible due to
2961 pr_warn("Kernel not compiled for PAE. No mitigation for L1TF\n"); in l1tf_apply_mitigation()
2968 pr_warn("System has more than MAX_PA/2 memory. L1TF mitigation not effective.\n"); in l1tf_apply_mitigation()
3012 [SRSO_MITIGATION_NOSMT] = "Mitigation: SMT disabled",
3013 [SRSO_MITIGATION_SAFE_RET] = "Mitigation: Safe RET",
3014 [SRSO_MITIGATION_IBPB] = "Mitigation: IBPB",
3015 [SRSO_MITIGATION_IBPB_ON_VMEXIT] = "Mitigation: IBPB on VMEXIT only",
3016 [SRSO_MITIGATION_BP_SPEC_REDUCE] = "Mitigation: Reduced Speculation"
3041 …NING: See https://kernel.org/doc/html/latest/admin-guide/hw-vuln/srso.html for mitigation options."
3053 * required. Otherwise the 'microcode' mitigation is sufficient in srso_select_mitigation()
3080 * Safe-RET provides partial mitigation without microcode, but in srso_select_mitigation()
3138 * Clear the feature flag if this mitigation is not selected as that in srso_apply_mitigation()
3173 * other mitigation like Retbleed has selected them. in srso_apply_mitigation()
3205 [VMSCAPE_MITIGATION_IBPB_EXIT_TO_USER] = "Mitigation: IBPB before exit to userspace",
3206 [VMSCAPE_MITIGATION_IBPB_ON_VMEXIT] = "Mitigation: IBPB on VMEXIT",
3376 #define L1TF_DEFAULT_MSG "Mitigation: PTE Inversion"
3409 return sysfs_emit(buf, "KVM: Mitigation: VMX unsupported\n"); in itlb_multihit_show_state()
3411 return sysfs_emit(buf, "KVM: Mitigation: VMX disabled\n"); in itlb_multihit_show_state()
3413 return sysfs_emit(buf, "KVM: Mitigation: Split huge pages\n"); in itlb_multihit_show_state()
3630 return sysfs_emit(buf, "Mitigation: PTI\n"); in cpu_show_common()
3633 return sysfs_emit(buf, "Unknown (XEN PV detected, hypervisor mitigation required)\n"); in cpu_show_common()