116 	 * mitigation until after TAA mitigation selection is done.  in check_bugs()
194 	 * If the host has SSBD mitigation enabled, force it in the host's  in x86_virt_spec_ctrl()
230 /* Default mitigation for MDS-affected CPUs */
236 	[MDS_MITIGATION_FULL]	= "Mitigation: Clear CPU buffers",
291 /* Default mitigation for TAA-affected CPUs */
298 	[TAA_MITIGATION_VERW]		= "Mitigation: Clear CPU buffers",
299 	[TAA_MITIGATION_TSX_DISABLED]	= "Mitigation: TSX disabled",
323 	 * TAA mitigation via VERW is turned off if both  in taa_select_mitigation()
350 	 * TSX is enabled, select alternate mitigation for TAA which is  in taa_select_mitigation()
354 	 * present on host, enable the mitigation for UCODE_NEEDED as well.  in taa_select_mitigation()
362 	 * Update MDS mitigation, if necessary, as the mds_user_clear is  in taa_select_mitigation()
363 	 * now enabled for TAA mitigation.  in taa_select_mitigation()
411 	[SRBDS_MITIGATION_FULL]		= "Mitigation: Microcode",
412 	[SRBDS_MITIGATION_TSX_OFF]	= "Mitigation: TSX disabled",
499 …[SPECTRE_V1_MITIGATION_AUTO] = "Mitigation: usercopy/swapgs barriers and __user pointer sanitizati…
503  * Does SMAP provide full mitigation against speculative kernel access to
514 	 * Consider SMAP to be non-functional as a mitigation on these  in smap_works_speculatively()
534 		 * value.  The mitigation is to add lfences to both code paths.  in spectre_v1_select_mitigation()
548 			 * Mitigation can be provided from SWAPGS itself or  in spectre_v1_select_mitigation()
549 			 * PTI as the CR3 write in the Meltdown mitigation  in spectre_v1_select_mitigation()
639 	[SPECTRE_V2_USER_STRICT]		= "User space: Mitigation: STIBP protection",
640 	[SPECTRE_V2_USER_STRICT_PREFERRED]	= "User space: Mitigation: STIBP always-on protection",
641 	[SPECTRE_V2_USER_PRCTL]			= "User space: Mitigation: STIBP via prctl",
642 	[SPECTRE_V2_USER_SECCOMP]		= "User space: Mitigation: STIBP via seccomp and prctl",
751 		pr_info("mitigation: Enabling %s Indirect Branch Prediction Barrier\n",  in spectre_v2_user_select_mitigation()
788 	[SPECTRE_V2_RETPOLINE_GENERIC]		= "Mitigation: Full generic retpoline",
789 	[SPECTRE_V2_RETPOLINE_AMD]		= "Mitigation: Full AMD retpoline",
790 	[SPECTRE_V2_IBRS_ENHANCED]		= "Mitigation: Enhanced IBRS",
899 	pr_err("Spectre mitigation: kernel not compiled with retpoline; no mitigation available!");  in spectre_v2_select_mitigation()
906 			pr_err("Spectre mitigation: LFENCE not serializing, switching to generic retpoline\n");  in spectre_v2_select_mitigation()
931 	pr_info("Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch\n");  in spectre_v2_select_mitigation()
969 	pr_info("Update user space SMT mitigation: STIBP %s\n",  in update_stibp_strict()
1068 	[SPEC_STORE_BYPASS_DISABLE]	= "Mitigation: Speculative Store Bypass disabled",
1069 	[SPEC_STORE_BYPASS_PRCTL]	= "Mitigation: Speculative Store Bypass disabled via prctl",
1070 …[SPEC_STORE_BYPASS_SECCOMP]	= "Mitigation: Speculative Store Bypass disabled via prctl and seccomp…
1154 	 * bit in the mask to allow guests to use the mitigation even in the  in __ssb_select_mitigation()
1166 	 *  - X86_FEATURE_SPEC_STORE_BYPASS_DISABLE - engage the mitigation  in __ssb_select_mitigation()
1205 	 * mitigation until it is scheduled next.  in task_update_spec_tif()
1207 	 * This can only happen for SECCOMP mitigation. For PRCTL it's  in task_update_spec_tif()
1268 		 * mitigation is force disabled.  in ib_prctl_set()
1385 /* Default mitigation for L1TF-affected CPUs */
1397  * The L1TF mitigation uses the top most address bit for the inversion of
1401  * then the mitigation range check in l1tf_select_mitigation() triggers.
1402  * This is a false positive because the mitigation is still possible due to
1461 	pr_warn("Kernel not compiled for PAE. No mitigation for L1TF\n");  in l1tf_select_mitigation()
1468 		pr_warn("System has more than MAX_PA/2 memory. L1TF mitigation not effective.\n");  in l1tf_select_mitigation()
1509 #define L1TF_DEFAULT_MSG "Mitigation: PTE Inversion"
1541 		return sprintf(buf, "KVM: Mitigation: Split huge pages\n");  in itlb_multihit_show_state()
1635 			return sprintf(buf, "Mitigation: PTI\n");  in cpu_show_common()
1638 			return sprintf(buf, "Unknown (XEN PV detected, hypervisor mitigation required)\n");  in cpu_show_common()