git.ipfire.org Git - thirdparty/kernel/stable-queue.git/blob

   1 From e1ebb2b49048c4767cfa0d8466f9c701e549fa5e Mon Sep 17 00:00:00 2001
   2 From: Krish Sadhukhan <krish.sadhukhan@oracle.com>
   3 Date: Thu, 17 Sep 2020 21:20:38 +0000
   4 Subject: KVM: SVM: Don't flush cache if hardware enforces cache coherency across encryption domains
   5
   6 From: Krish Sadhukhan <krish.sadhukhan@oracle.com>
   7
   8 commit e1ebb2b49048c4767cfa0d8466f9c701e549fa5e upstream.
   9
  10 In some hardware implementations, coherency between the encrypted and
  11 unencrypted mappings of the same physical page in a VM is enforced. In
  12 such a system, it is not required for software to flush the VM's page
  13 from all CPU caches in the system prior to changing the value of the
  14 C-bit for the page.
  15
  16 So check that bit before flushing the cache.
  17
  18 Signed-off-by: Krish Sadhukhan <krish.sadhukhan@oracle.com>
  19 Signed-off-by: Borislav Petkov <bp@suse.de>
  20 Acked-by: Paolo Bonzini <pbonzini@redhat.com>
  21 Link: https://lkml.kernel.org/r/20200917212038.5090-4-krish.sadhukhan@oracle.com
  22 [ The linux-5.4.y stable branch does not have the Linux 5.7 refactoring commit
  23   eaf78265a4ab ("KVM: SVM: Move SEV code to separate file") so the
  24   change was manually applied to sev_clflush_pages() in arch/x86/kvm/svm.c. ]
  25 Signed-off-by: Liam Merwick <liam.merwick@oracle.com>
  26 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  27 ---
  28  arch/x86/kvm/svm.c |    3 ++-
  29  1 file changed, 2 insertions(+), 1 deletion(-)
  30
  31 --- a/arch/x86/kvm/svm.c
  32 +++ b/arch/x86/kvm/svm.c
  33 @@ -1904,7 +1904,8 @@ static void sev_clflush_pages(struct pag
  34         uint8_t *page_virtual;
  35         unsigned long i;
  36
  37 -       if (npages == 0 || pages == NULL)
  38 +       if (this_cpu_has(X86_FEATURE_SME_COHERENT) || npages == 0 ||
  39 +           pages == NULL)
  40                 return;
  41
  42         for (i = 0; i < npages; i++) {