Move the mds, irbs, and ssb mitigation knobs into machdep.mitigations.

They're in both the old and new places in HEAD for the moment for discussion and transition. The old locations will be garbage collected in 4 weeks. MFCs to 12 an 11 will keep the old and new for transition purposes. Reviewed by: kib MFC after: 4 weeks Sponsored by: Intel Differential Revision: https://reviews.freebsd.org/D22590
2019-12-06 02:43:05 +00:00 · 2019-12-06 02:43:05 +00:00 · ed396a5316
commit ed396a5316
parent b2bd31baaa
2 changed files with 42 additions and 0 deletions
--- a/sys/amd64/amd64/machdep.c
+++ b/sys/amd64/amd64/machdep.c
@ -1778,10 +1778,17 @@ hammer_time(u_int64_t modulep, u_int64_t physfree)
 		vty_set_preferred(VTY_VT);

 	TUNABLE_INT_FETCH("hw.ibrs_disable", &hw_ibrs_disable);
+	TUNABLE_INT_FETCH("machdep.mitigations.ibrs.disable", &hw_ibrs_disable);
+
 	TUNABLE_INT_FETCH("hw.spec_store_bypass_disable", &hw_ssb_disable);
+	TUNABLE_INT_FETCH("machdep.mitigations.ssb.disable", &hw_ssb_disable);
+
 	TUNABLE_INT_FETCH("machdep.syscall_ret_l1d_flush",
 	    &syscall_ret_l1d_flush_mode);
+
 	TUNABLE_INT_FETCH("hw.mds_disable", &hw_mds_disable);
+	TUNABLE_INT_FETCH("machdep.mitigations.mds.disable", &hw_mds_disable);
+
 	TUNABLE_INT_FETCH("machdep.mitigations.taa.enable", &x86_taa_enable);

 	finishidentcpu();	/* Final stage of CPU initialization */
--- a/sys/x86/x86/cpu_machdep.c
+++ b/sys/x86/x86/cpu_machdep.c
@ -877,6 +877,12 @@ int hw_ibrs_disable = 1;
 SYSCTL_INT(_hw, OID_AUTO, ibrs_active, CTLFLAG_RD, &hw_ibrs_active, 0,
    "Indirect Branch Restricted Speculation active");

+SYSCTL_NODE(_machdep_mitigations, OID_AUTO, ibrs, CTLFLAG_RW, 0,
+    "Indirect Branch Restricted Speculation active");
+
+SYSCTL_INT(_machdep_mitigations_ibrs, OID_AUTO, active, CTLFLAG_RD,
+    &hw_ibrs_active, 0, "Indirect Branch Restricted Speculation active");
+
 void
 hw_ibrs_recalculate(void)
 {
@ -907,6 +913,11 @@ SYSCTL_PROC(_hw, OID_AUTO, ibrs_disable, CTLTYPE_INT | CTLFLAG_RWTUN |
    CTLFLAG_NOFETCH | CTLFLAG_MPSAFE, NULL, 0, hw_ibrs_disable_handler, "I",
    "Disable Indirect Branch Restricted Speculation");

+SYSCTL_PROC(_machdep_mitigations_ibrs, OID_AUTO, disable, CTLTYPE_INT |
+    CTLFLAG_RWTUN | CTLFLAG_NOFETCH | CTLFLAG_MPSAFE, NULL, 0,
+    hw_ibrs_disable_handler, "I",
+    "Disable Indirect Branch Restricted Speculation");
+
 int hw_ssb_active;
 int hw_ssb_disable;

@ -914,6 +925,12 @@ SYSCTL_INT(_hw, OID_AUTO, spec_store_bypass_disable_active, CTLFLAG_RD,
    &hw_ssb_active, 0,
    "Speculative Store Bypass Disable active");

+SYSCTL_NODE(_machdep_mitigations, OID_AUTO, ssb, CTLFLAG_RW, 0,
+    "Speculative Store Bypass Disable active");
+
+SYSCTL_INT(_machdep_mitigations_ssb, OID_AUTO, active, CTLFLAG_RD,
+    &hw_ssb_active, 0, "Speculative Store Bypass Disable active");
+
 static void
 hw_ssb_set(bool enable, bool for_all_cpus)
 {
@ -967,6 +984,11 @@ SYSCTL_PROC(_hw, OID_AUTO, spec_store_bypass_disable, CTLTYPE_INT |
    hw_ssb_disable_handler, "I",
    "Speculative Store Bypass Disable (0 - off, 1 - on, 2 - auto");

+SYSCTL_PROC(_machdep_mitigations_ssb, OID_AUTO, disable, CTLTYPE_INT |
+    CTLFLAG_RWTUN | CTLFLAG_NOFETCH | CTLFLAG_MPSAFE, NULL, 0,
+    hw_ssb_disable_handler, "I",
+    "Speculative Store Bypass Disable (0 - off, 1 - on, 2 - auto");
+
 int hw_mds_disable;

 /*
@ -1016,6 +1038,14 @@ SYSCTL_PROC(_hw, OID_AUTO, mds_disable_state,
    sysctl_hw_mds_disable_state_handler, "A",
    "Microarchitectural Data Sampling Mitigation state");

+SYSCTL_NODE(_machdep_mitigations, OID_AUTO, mds, CTLFLAG_RW, 0,
+    "Microarchitectural Data Sampling Mitigation state");
+
+SYSCTL_PROC(_machdep_mitigations_mds, OID_AUTO, state,
+    CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, 0,
+    sysctl_hw_mds_disable_state_handler, "A",
+    "Microarchitectural Data Sampling Mitigation state");
+
 _Static_assert(__offsetof(struct pcpu, pc_mds_tmp) % 64 == 0, "MDS AVX512");

 void
@ -1172,6 +1202,11 @@ SYSCTL_PROC(_hw, OID_AUTO, mds_disable, CTLTYPE_INT |
    "Microarchitectural Data Sampling Mitigation "
    "(0 - off, 1 - on VERW, 2 - on SW, 3 - on AUTO");

+SYSCTL_PROC(_machdep_mitigations_mds, OID_AUTO, disable, CTLTYPE_INT |
+    CTLFLAG_RWTUN | CTLFLAG_NOFETCH | CTLFLAG_MPSAFE, NULL, 0,
+    sysctl_mds_disable_handler, "I",
+    "Microarchitectural Data Sampling Mitigation "
+    "(0 - off, 1 - on VERW, 2 - on SW, 3 - on AUTO");

 /*
 * Intel Transactional Memory Asynchronous Abort Mitigation