-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 0cc3cd21657be04cb0559fe8063f2130493f92cf Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Fri, 29 Jun 2018 16:05:48 +0200
Subject: cpu/hotplug: Boot HT siblings at least once
From: Thomas Gleixner <tglx@linutronix.de>
+commit 0cc3cd21657be04cb0559fe8063f2130493f92cf upstream.
+
Due to the way Machine Check Exceptions work on X86 hyperthreads it's
required to boot up _all_ logical cores at least once in order to set the
CR4.MCE bit.
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Tested-by: Tony Luck <tony.luck@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
kernel/cpu.c | 72 +++++++++++++++++++++++++++++++++++++++--------------------
1 file changed, 48 insertions(+), 24 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 73d5e2b472640b1fcdb61ae8be389912ef211bda Mon Sep 17 00:00:00 2001
From: Josh Poimboeuf <jpoimboe@redhat.com>
Date: Tue, 24 Jul 2018 18:17:40 +0200
Subject: cpu/hotplug: detect SMT disabled by BIOS
From: Josh Poimboeuf <jpoimboe@redhat.com>
+commit 73d5e2b472640b1fcdb61ae8be389912ef211bda upstream.
+
If SMT is disabled in BIOS, the CPU code doesn't properly detect it.
The /sys/devices/system/cpu/smt/control file shows 'on', and the 'l1tf'
vulnerabilities file shows SMT as vulnerable.
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Peter Zijlstra <peterz@infradead.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
kernel/cpu.c | 9 +++++++++
1 file changed, 9 insertions(+)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 8e1b706b6e819bed215c0db16345568864660393 Mon Sep 17 00:00:00 2001
From: Jiri Kosina <jkosina@suse.cz>
Date: Fri, 13 Jul 2018 16:23:23 +0200
Subject: cpu/hotplug: Expose SMT control init function
From: Jiri Kosina <jkosina@suse.cz>
+commit 8e1b706b6e819bed215c0db16345568864660393 upstream.
+
The L1TF mitigation will gain a commend line parameter which allows to set
a combination of hypervisor mitigation and SMT control.
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Link: https://lkml.kernel.org/r/20180713142323.039715135@linutronix.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
include/linux/cpu.h | 2 ++
kernel/cpu.c | 16 +++++++++++++---
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From bc2d8d262cba5736332cbc866acb11b1c5748aa9 Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Tue, 7 Aug 2018 08:19:57 +0200
Subject: cpu/hotplug: Fix SMT supported evaluation
From: Thomas Gleixner <tglx@linutronix.de>
+commit bc2d8d262cba5736332cbc866acb11b1c5748aa9 upstream.
+
Josh reported that the late SMT evaluation in cpu_smt_state_init() sets
cpu_smt_control to CPU_SMT_NOT_SUPPORTED in case that 'nosmt' was supplied
on the kernel command line as it cannot differentiate between SMT disabled
Reported-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kernel/cpu/bugs.c | 2 +-
include/linux/cpu.h | 2 ++
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From c4de65696d865c225fda3b9913b31284ea65ea96 Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Tue, 29 May 2018 19:05:25 +0200
Subject: cpu/hotplug: Make bringup/teardown of smp threads symmetric
From: Thomas Gleixner <tglx@linutronix.de>
+commit c4de65696d865c225fda3b9913b31284ea65ea96 upstream.
+
The asymmetry caused a warning to trigger if the bootup was stopped in state
CPUHP_AP_ONLINE_IDLE. The warning no longer triggers as kthread_park() can
now be invoked on already or still parked threads. But there is still no
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
kernel/cpu.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 215af5499d9e2b55f111d2431ea20218115f29b3 Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Sat, 7 Jul 2018 11:40:18 +0200
Subject: cpu/hotplug: Online siblings when SMT control is turned on
From: Thomas Gleixner <tglx@linutronix.de>
+commit 215af5499d9e2b55f111d2431ea20218115f29b3 upstream.
+
Writing 'off' to /sys/devices/system/cpu/smt/control offlines all SMT
siblings. Writing 'on' merily enables the abilify to online them, but does
not online them automatically.
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
kernel/cpu.c | 26 ++++++++++++++++++++++++--
1 file changed, 24 insertions(+), 2 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 05736e4ac13c08a4a9b1ef2de26dd31a32cbee57 Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Tue, 29 May 2018 17:48:27 +0200
Subject: cpu/hotplug: Provide knobs to control SMT
From: Thomas Gleixner <tglx@linutronix.de>
+commit 05736e4ac13c08a4a9b1ef2de26dd31a32cbee57 upstream.
+
Provide a command line and a sysfs knob to control SMT.
The command line options are:
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
Documentation/ABI/testing/sysfs-devices-system-cpu | 20 ++
Documentation/admin-guide/kernel-parameters.txt | 8
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From fee0aede6f4739c87179eca76136f83210953b86 Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Fri, 13 Jul 2018 16:23:24 +0200
Subject: cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early
From: Thomas Gleixner <tglx@linutronix.de>
+commit fee0aede6f4739c87179eca76136f83210953b86 upstream.
+
The CPU_SMT_NOT_SUPPORTED state is set (if the processor does not support
SMT) when the sysfs SMT control file is initialized.
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Link: https://lkml.kernel.org/r/20180713142323.121795971@linutronix.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kernel/cpu/bugs.c | 6 ++++++
include/linux/cpu.h | 2 ++
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From cc1fe215e1efa406b03aa4389e6269b61342dec5 Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Tue, 29 May 2018 17:49:05 +0200
Subject: cpu/hotplug: Split do_cpu_down()
From: Thomas Gleixner <tglx@linutronix.de>
+commit cc1fe215e1efa406b03aa4389e6269b61342dec5 upstream.
+
Split out the inner workings of do_cpu_down() to allow reuse of that
function for the upcoming SMT disabling mechanism.
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
kernel/cpu.c | 17 ++++++++---------
1 file changed, 8 insertions(+), 9 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 3ec8ce5d866ec6a08a9cfab82b62acf4a830b35f Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Fri, 13 Jul 2018 16:23:26 +0200
Subject: Documentation: Add section about CPU vulnerabilities
From: Thomas Gleixner <tglx@linutronix.de>
+commit 3ec8ce5d866ec6a08a9cfab82b62acf4a830b35f upstream.
+
Add documentation for the L1TF vulnerability and the mitigation mechanisms:
- Explain the problem and risks
Acked-by: Linus Torvalds <torvalds@linux-foundation.org>
Link: https://lkml.kernel.org/r/20180713142323.287429944@linutronix.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
Documentation/admin-guide/index.rst | 9
Documentation/admin-guide/l1tf.rst | 591 ++++++++++++++++++++++++++++++++++++
2 files changed, 600 insertions(+)
- create mode 100644 Documentation/admin-guide/l1tf.rst
--- a/Documentation/admin-guide/index.rst
+++ b/Documentation/admin-guide/index.rst
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 1949f9f49792d65dba2090edddbe36a5f02e3ba3 Mon Sep 17 00:00:00 2001
From: Tony Luck <tony.luck@intel.com>
Date: Thu, 19 Jul 2018 13:49:58 -0700
Subject: Documentation/l1tf: Fix typos
From: Tony Luck <tony.luck@intel.com>
+commit 1949f9f49792d65dba2090edddbe36a5f02e3ba3 upstream.
+
Fix spelling and other typos
Signed-off-by: Tony Luck <tony.luck@intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
Documentation/admin-guide/l1tf.rst | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 58331136136935c631c2b5f06daf4c3006416e91 Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Sun, 5 Aug 2018 17:06:12 +0200
Subject: Documentation/l1tf: Remove Yonah processors from not vulnerable list
From: Thomas Gleixner <tglx@linutronix.de>
+commit 58331136136935c631c2b5f06daf4c3006416e91 upstream.
+
Dave reported, that it's not confirmed that Yonah processors are
unaffected. Remove them from the list.
Reported-by: ave Hansen <dave.hansen@intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
Documentation/admin-guide/l1tf.rst | 2 --
1 file changed, 2 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 5b76a3cff011df2dcb6186c965a2e4d809a05ad4 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Sun, 5 Aug 2018 16:07:47 +0200
Subject: KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry
From: Paolo Bonzini <pbonzini@redhat.com>
+commit 5b76a3cff011df2dcb6186c965a2e4d809a05ad4 upstream.
+
When nested virtualization is in use, VMENTER operations from the nested
hypervisor into the nested guest will always be processed by the bare metal
hypervisor, and KVM's "conditional cache flushes" mode in particular does a
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
Documentation/admin-guide/l1tf.rst | 21 +++++++++++++++++++++
arch/x86/include/asm/kvm_host.h | 1 +
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 506a66f374891ff08e064a058c446b336c5ac760 Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Fri, 29 Jun 2018 16:05:47 +0200
Subject: Revert "x86/apic: Ignore secondary threads if nosmt=force"
From: Thomas Gleixner <tglx@linutronix.de>
+commit 506a66f374891ff08e064a058c446b336c5ac760 upstream.
+
Dave Hansen reported, that it's outright dangerous to keep SMT siblings
disabled completely so they are stuck in the BIOS and wait for SIPI.
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Tested-by: Tony Luck <tony.luck@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
Documentation/admin-guide/kernel-parameters.txt | 8 ++------
arch/x86/include/asm/apic.h | 2 --
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From ba2591a5993eabcc8e874e30f361d8ffbb10d6d4 Mon Sep 17 00:00:00 2001
From: Peter Zijlstra <peterz@infradead.org>
Date: Tue, 29 May 2018 16:43:46 +0200
Subject: sched/smt: Update sched_smt_present at runtime
From: Peter Zijlstra <peterz@infradead.org>
+commit ba2591a5993eabcc8e874e30f361d8ffbb10d6d4 upstream.
+
The static key sched_smt_present is only updated at boot time when SMT
siblings have been detected. Booting with maxcpus=1 and bringing the
siblings online after boot rebuilds the scheduling domains correctly but
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
kernel/sched/core.c | 30 ++++++++++++------------------
kernel/sched/fair.c | 1 +
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From e24f14b0ff985f3e09e573ba1134bfdf42987e05 Mon Sep 17 00:00:00 2001
From: David Woodhouse <dwmw@amazon.co.uk>
Date: Wed, 8 Aug 2018 11:00:16 +0100
Subject: tools headers: Synchronise x86 cpufeatures.h for L1TF additions
From: David Woodhouse <dwmw@amazon.co.uk>
+commit e24f14b0ff985f3e09e573ba1134bfdf42987e05 upstream.
+
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
tools/arch/x86/include/asm/cpufeatures.h | 3 +++
1 file changed, 3 insertions(+)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 2207def700f902f169fc237b717252c326f9e464 Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Tue, 5 Jun 2018 14:00:11 +0200
Subject: x86/apic: Ignore secondary threads if nosmt=force
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
From: Thomas Gleixner <tglx@linutronix.de>
+commit 2207def700f902f169fc237b717252c326f9e464 upstream.
+
nosmt on the kernel command line merely prevents the onlining of the
secondary SMT siblings.
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/include/asm/apic.h | 2 ++
arch/x86/kernel/acpi/boot.c | 3 ++-
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From d90a7a0ec83fb86622cd7dae23255d3c50a99ec8 Mon Sep 17 00:00:00 2001
From: Jiri Kosina <jkosina@suse.cz>
Date: Fri, 13 Jul 2018 16:23:25 +0200
Subject: x86/bugs, kvm: Introduce boot-time control of L1TF mitigations
From: Jiri Kosina <jkosina@suse.cz>
+commit d90a7a0ec83fb86622cd7dae23255d3c50a99ec8 upstream.
+
Introduce the 'l1tf=' kernel command line option to allow for boot-time
switching of mitigation that is used on processors affected by L1TF.
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Link: https://lkml.kernel.org/r/20180713142323.202758176@linutronix.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
Documentation/ABI/testing/sysfs-devices-system-cpu | 4 +
Documentation/admin-guide/kernel-parameters.txt | 68 +++++++++++++++++++--
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 56563f53d3066afa9e63d6c997bf67e76a8b05c0 Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Wed, 20 Jun 2018 16:42:57 -0400
Subject: x86/bugs: Move the l1tf function and define pr_fmt properly
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
+commit 56563f53d3066afa9e63d6c997bf67e76a8b05c0 upstream.
+
The pr_warn in l1tf_select_mitigation would have used the prior pr_fmt
which was defined as "Spectre V2 : ".
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kernel/cpu/bugs.c | 55 +++++++++++++++++++++++----------------------
1 file changed, 29 insertions(+), 26 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 119bff8a9c9bb00116a844ec68be7bc4b1c768f5 Mon Sep 17 00:00:00 2001
From: Borislav Petkov <bp@suse.de>
Date: Fri, 15 Jun 2018 20:48:39 +0200
Subject: x86/CPU/AMD: Do not check CPUID max ext level before parsing SMP info
From: Borislav Petkov <bp@suse.de>
+commit 119bff8a9c9bb00116a844ec68be7bc4b1c768f5 upstream.
+
Old code used to check whether CPUID ext max level is >= 0x80000008 because
that last leaf contains the number of cores of the physical CPU. The three
functions called there now do not depend on that leaf anymore so the check
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kernel/cpu/amd.c | 9 +++------
1 file changed, 3 insertions(+), 6 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 1e1d7e25fd759eddf96d8ab39d0a90a1979b2d8c Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Wed, 6 Jun 2018 00:57:38 +0200
Subject: x86/cpu/AMD: Evaluate smp_num_siblings early
From: Thomas Gleixner <tglx@linutronix.de>
+commit 1e1d7e25fd759eddf96d8ab39d0a90a1979b2d8c upstream.
+
To support force disabling of SMT it's required to know the number of
thread siblings early. amd_get_topology() cannot be called before the APIC
driver is selected, so split out the part which initializes
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kernel/cpu/amd.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 7ce2f0393ea2396142b7faf6ee9b1f3676d08a5f Mon Sep 17 00:00:00 2001
From: Borislav Petkov <bp@suse.de>
Date: Fri, 22 Jun 2018 11:34:11 +0200
Subject: x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings
From: Borislav Petkov <bp@suse.de>
+commit 7ce2f0393ea2396142b7faf6ee9b1f3676d08a5f upstream.
+
The TOPOEXT reenablement is a workaround for broken BIOSen which didn't
enable the CPUID bit. amd_get_topology_early(), however, relies on
that bit being set so that it can read out the CPUID leaf and set
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kernel/cpu/amd.c | 37 +++++++++++++++++--------------------
1 file changed, 17 insertions(+), 20 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 44ca36de56d1bf196dca2eb67cd753a46961ffe6 Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Wed, 6 Jun 2018 00:47:10 +0200
Subject: x86/cpu/AMD: Remove the pointless detect_ht() call
From: Thomas Gleixner <tglx@linutronix.de>
+commit 44ca36de56d1bf196dca2eb67cd753a46961ffe6 upstream.
+
Real 32bit AMD CPUs do not have SMT and the only value of the call was to
reach the magic printout which got removed.
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kernel/cpu/amd.c | 4 ----
1 file changed, 4 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 545401f4448a807b963ff17b575e0a393e68b523 Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Wed, 6 Jun 2018 00:53:57 +0200
Subject: x86/cpu/common: Provide detect_ht_early()
From: Thomas Gleixner <tglx@linutronix.de>
+commit 545401f4448a807b963ff17b575e0a393e68b523 upstream.
+
To support force disabling of SMT it's required to know the number of
thread siblings early. detect_ht() cannot be called before the APIC driver
is selected, so split out the part which initializes smp_num_siblings.
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kernel/cpu/common.c | 24 ++++++++++++++----------
arch/x86/kernel/cpu/cpu.h | 1 +
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 1910ad5624968f93be48e8e265513c54d66b897c Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Wed, 6 Jun 2018 01:00:55 +0200
Subject: x86/cpu/intel: Evaluate smp_num_siblings early
From: Thomas Gleixner <tglx@linutronix.de>
+commit 1910ad5624968f93be48e8e265513c54d66b897c upstream.
+
Make use of the new early detection function to initialize smp_num_siblings
on the boot cpu before the MP-Table or ACPI/MADT scan happens. That's
required for force disabling SMT.
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kernel/cpu/intel.c | 7 +++++++
1 file changed, 7 insertions(+)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 55e6d279abd92cfd7576bba031e7589be8475edb Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Wed, 6 Jun 2018 00:36:15 +0200
Subject: x86/cpu: Remove the pointless CPU printout
From: Thomas Gleixner <tglx@linutronix.de>
+commit 55e6d279abd92cfd7576bba031e7589be8475edb upstream.
+
The value of this printout is dubious at best and there is no point in
having it in two different places along with convoluted ways to reach it.
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kernel/cpu/common.c | 20 +++++---------------
arch/x86/kernel/cpu/topology.c | 10 ----------
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 95f3d39ccf7aaea79d1ffdac1c887c2e100ec1b6 Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Wed, 6 Jun 2018 00:55:39 +0200
Subject: x86/cpu/topology: Provide detect_extended_topology_early()
From: Thomas Gleixner <tglx@linutronix.de>
+commit 95f3d39ccf7aaea79d1ffdac1c887c2e100ec1b6 upstream.
+
To support force disabling of SMT it's required to know the number of
thread siblings early. detect_extended_topology() cannot be called before
the APIC driver is selected, so split out the part which initializes
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kernel/cpu/cpu.h | 1 +
arch/x86/kernel/cpu/topology.c | 31 ++++++++++++++++++++++---------
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 11e34e64e4103955fc4568750914c75d65ea87ee Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Wed, 20 Jun 2018 16:42:58 -0400
Subject: x86/cpufeatures: Add detection of L1D cache flush support.
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
+commit 11e34e64e4103955fc4568750914c75d65ea87ee upstream.
+
336996-Speculative-Execution-Side-Channel-Mitigations.pdf defines a new MSR
(IA32_FLUSH_CMD) which is detected by CPUID.7.EDX[28]=1 bit being set.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/include/asm/cpufeatures.h | 1 +
1 file changed, 1 insertion(+)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 447ae316670230d7d29430e2cbf1f5db4f49d14c Mon Sep 17 00:00:00 2001
From: Nicolai Stange <nstange@suse.de>
Date: Sun, 29 Jul 2018 12:15:33 +0200
Subject: x86: Don't include linux/irq.h from asm/hardirq.h
From: Nicolai Stange <nstange@suse.de>
+commit 447ae316670230d7d29430e2cbf1f5db4f49d14c upstream.
+
The next patch in this series will have to make the definition of
irq_cpustat_t available to entering_irq().
Signed-off-by: Nicolai Stange <nstange@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/include/asm/dmi.h | 2 +-
arch/x86/include/asm/hardirq.h | 1 -
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 9aee5f8a7e30330d0a8f4c626dc924ca5590aba5 Mon Sep 17 00:00:00 2001
From: Nicolai Stange <nstange@suse.de>
Date: Fri, 27 Jul 2018 12:46:29 +0200
Subject: x86/irq: Demote irq_cpustat_t::__softirq_pending to u16
From: Nicolai Stange <nstange@suse.de>
+commit 9aee5f8a7e30330d0a8f4c626dc924ca5590aba5 upstream.
+
An upcoming patch will extend KVM's L1TF mitigation in conditional mode
to also cover interrupts after VMEXITs. For tracking those, stores to a
new per-cpu flag from interrupt handlers will become necessary.
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/include/asm/hardirq.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From ffcba43ff66c7dab34ec700debd491d2a4d319b4 Mon Sep 17 00:00:00 2001
From: Nicolai Stange <nstange@suse.de>
Date: Sun, 29 Jul 2018 13:06:04 +0200
Subject: x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d
From: Nicolai Stange <nstange@suse.de>
+commit ffcba43ff66c7dab34ec700debd491d2a4d319b4 upstream.
+
The last missing piece to having vmx_l1d_flush() take interrupts after
VMEXIT into account is to set the kvm_cpu_l1tf_flush_l1d per-cpu flag on
irq entry.
Signed-off-by: Nicolai Stange <nstange@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/include/asm/apic.h | 3 +++
arch/x86/kernel/smp.c | 1 +
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 4c6523ec59fe895ea352a650218a6be0653910b1 Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Fri, 13 Jul 2018 16:23:20 +0200
Subject: x86/kvm: Add static key for flush always
From: Thomas Gleixner <tglx@linutronix.de>
+commit 4c6523ec59fe895ea352a650218a6be0653910b1 upstream.
+
Avoid the conditional in the L1D flush control path.
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Link: https://lkml.kernel.org/r/20180713142322.790914912@linutronix.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kvm/vmx.c | 16 +++++++++++-----
1 file changed, 11 insertions(+), 5 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 895ae47f9918833c3a880fbccd41e0692b37e7d9 Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Fri, 13 Jul 2018 16:23:22 +0200
Subject: x86/kvm: Allow runtime control of L1D flush
From: Thomas Gleixner <tglx@linutronix.de>
+commit 895ae47f9918833c3a880fbccd41e0692b37e7d9 upstream.
+
All mitigation modes can be switched at run time with a static key now:
- Use sysfs_streq() instead of strcmp() to handle the trailing new line
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Link: https://lkml.kernel.org/r/20180713142322.954525119@linutronix.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kernel/cpu/bugs.c | 2 +-
arch/x86/kvm/vmx.c | 13 ++++++++-----
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 2f055947ae5e2741fb2dc5bba1033c417ccf4faa Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Fri, 13 Jul 2018 16:23:17 +0200
Subject: x86/kvm: Drop L1TF MSR list approach
From: Thomas Gleixner <tglx@linutronix.de>
+commit 2f055947ae5e2741fb2dc5bba1033c417ccf4faa upstream.
+
The VMX module parameter to control the L1D flush should become
writeable.
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Link: https://lkml.kernel.org/r/20180713142322.516940445@linutronix.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kvm/vmx.c | 43 +++++++------------------------------------
1 file changed, 7 insertions(+), 36 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 7db92e165ac814487264632ab2624e832f20ae38 Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Fri, 13 Jul 2018 16:23:19 +0200
Subject: x86/kvm: Move l1tf setup function
From: Thomas Gleixner <tglx@linutronix.de>
+commit 7db92e165ac814487264632ab2624e832f20ae38 upstream.
+
In preparation of allowing run time control for L1D flushing, move the
setup code to the module parameter handler.
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Link: https://lkml.kernel.org/r/20180713142322.694063239@linutronix.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kvm/vmx.c | 125 +++++++++++++++++++++++++++++++++--------------------
1 file changed, 78 insertions(+), 47 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From dd4bfa739a72508b75760b393d129ed7b431daab Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Fri, 13 Jul 2018 16:23:21 +0200
Subject: x86/kvm: Serialize L1D flush parameter setter
From: Thomas Gleixner <tglx@linutronix.de>
+commit dd4bfa739a72508b75760b393d129ed7b431daab upstream.
+
Writes to the parameter files are not serialized at the sysfs core
level, so local serialization is required.
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Link: https://lkml.kernel.org/r/20180713142322.873642605@linutronix.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kvm/vmx.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From ca83b4a7f2d068da79a029d323024aa45decb250 Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Wed, 20 Jun 2018 20:11:39 -0400
Subject: x86/KVM/VMX: Add find_msr() helper function
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
+commit ca83b4a7f2d068da79a029d323024aa45decb250 upstream.
+
.. to help find the MSR on either the guest or host MSR list.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kvm/vmx.c | 31 ++++++++++++++++++-------------
1 file changed, 18 insertions(+), 13 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From a47dd5f06714c844b33f3b5f517b6f3e81ce57b5 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Mon, 2 Jul 2018 12:47:38 +0200
Subject: x86/KVM/VMX: Add L1D flush algorithm
From: Paolo Bonzini <pbonzini@redhat.com>
+commit a47dd5f06714c844b33f3b5f517b6f3e81ce57b5 upstream.
+
To mitigate the L1 Terminal Fault vulnerability it's required to flush L1D
on VMENTER to prevent rogue guests from snooping host memory.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kvm/vmx.c | 71 +++++++++++++++++++++++++++++++++++++++++++++++++----
1 file changed, 66 insertions(+), 5 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From c595ceee45707f00f64f61c54fb64ef0cc0b4e85 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Mon, 2 Jul 2018 13:07:14 +0200
Subject: x86/KVM/VMX: Add L1D flush logic
From: Paolo Bonzini <pbonzini@redhat.com>
+commit c595ceee45707f00f64f61c54fb64ef0cc0b4e85 upstream.
+
Add the logic for flushing L1D on VMENTER. The flush depends on the static
key being enabled and the new l1tf_flush_l1d flag being set.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/include/asm/kvm_host.h | 4 ++++
arch/x86/kvm/mmu.c | 1 +
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 3fa045be4c720146b18a19cea7a767dc6ad5df94 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Mon, 2 Jul 2018 13:03:48 +0200
Subject: x86/KVM/VMX: Add L1D MSR based flush
From: Paolo Bonzini <pbonzini@redhat.com>
+commit 3fa045be4c720146b18a19cea7a767dc6ad5df94 upstream.
+
336996-Speculative-Execution-Side-Channel-Mitigations.pdf defines a new MSR
(IA32_FLUSH_CMD aka 0x10B) which has similar write-only semantics to other
MSRs defined in the document.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/include/asm/msr-index.h | 6 ++++++
arch/x86/kvm/vmx.c | 15 +++++++++++----
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From a399477e52c17e148746d3ce9a483f681c2aa9a0 Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Mon, 2 Jul 2018 12:29:30 +0200
Subject: x86/KVM/VMX: Add module argument for L1TF mitigation
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
+commit a399477e52c17e148746d3ce9a483f681c2aa9a0 upstream.
+
Add a mitigation mode parameter "vmentry_l1d_flush" for CVE-2018-3620, aka
L1 terminal fault. The valid arguments are:
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
Documentation/admin-guide/kernel-parameters.txt | 12 ++++
arch/x86/kvm/vmx.c | 59 ++++++++++++++++++++++++
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 18b57ce2eb8c8b9a24174a89250cf5f57c76ecdc Mon Sep 17 00:00:00 2001
From: Nicolai Stange <nstange@suse.de>
Date: Sun, 22 Jul 2018 13:38:18 +0200
Subject: x86/KVM/VMX: Don't set l1tf_flush_l1d from vmx_handle_external_intr()
From: Nicolai Stange <nstange@suse.de>
+commit 18b57ce2eb8c8b9a24174a89250cf5f57c76ecdc upstream.
+
For VMEXITs caused by external interrupts, vmx_handle_external_intr()
indirectly calls into the interrupt handlers through the host's IDT.
Signed-off-by: Nicolai Stange <nstange@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kvm/vmx.c | 1 -
1 file changed, 1 deletion(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 379fd0c7e6a391e5565336a646f19f218fb98c6c Mon Sep 17 00:00:00 2001
From: Nicolai Stange <nstange@suse.de>
Date: Sat, 21 Jul 2018 22:16:56 +0200
Subject: x86/KVM/VMX: Don't set l1tf_flush_l1d to true from vmx_l1d_flush()
From: Nicolai Stange <nstange@suse.de>
+commit 379fd0c7e6a391e5565336a646f19f218fb98c6c upstream.
+
vmx_l1d_flush() gets invoked only if l1tf_flush_l1d is true. There's no
point in setting l1tf_flush_l1d to true from there again.
Signed-off-by: Nicolai Stange <nstange@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kvm/vmx.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 989e3992d2eca32c3f1404f2bc91acda3aa122d8 Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Wed, 20 Jun 2018 22:01:22 -0400
Subject: x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER only MSRs
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
+commit 989e3992d2eca32c3f1404f2bc91acda3aa122d8 upstream.
+
The IA32_FLUSH_CMD MSR needs only to be written on VMENTER. Extend
add_atomic_switch_msr() with an entry_only parameter to allow storing the
MSR only in the guest (ENTRY) MSR array.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kvm/vmx.c | 22 ++++++++++++++--------
1 file changed, 14 insertions(+), 8 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 288d152c23dcf3c09da46c5c481903ca10ebfef7 Mon Sep 17 00:00:00 2001
From: Nicolai Stange <nstange@suse.de>
Date: Wed, 18 Jul 2018 19:07:38 +0200
Subject: x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content
From: Nicolai Stange <nstange@suse.de>
+commit 288d152c23dcf3c09da46c5c481903ca10ebfef7 upstream.
+
The slow path in vmx_l1d_flush() reads from vmx_l1d_flush_pages in order
to evict the L1d cache.
Signed-off-by: Nicolai Stange <nstange@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kvm/vmx.c | 17 ++++++++++++++---
1 file changed, 14 insertions(+), 3 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 45b575c00d8e72d69d75dd8c112f044b7b01b069 Mon Sep 17 00:00:00 2001
From: Nicolai Stange <nstange@suse.de>
Date: Fri, 27 Jul 2018 13:22:16 +0200
Subject: x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d
From: Nicolai Stange <nstange@suse.de>
+commit 45b575c00d8e72d69d75dd8c112f044b7b01b069 upstream.
+
Part of the L1TF mitigation for vmx includes flushing the L1D cache upon
VMENTRY.
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/include/asm/hardirq.h | 23 +++++++++++++++++++++++
arch/x86/kvm/vmx.c | 17 +++++++++++++----
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 5b6ccc6c3b1a477fbac9ec97a0b4c1c48e765209 Mon Sep 17 00:00:00 2001
From: Nicolai Stange <nstange@suse.de>
Date: Sat, 21 Jul 2018 22:35:28 +0200
Subject: x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush()
From: Nicolai Stange <nstange@suse.de>
+commit 5b6ccc6c3b1a477fbac9ec97a0b4c1c48e765209 upstream.
+
Currently, vmx_vcpu_run() checks if l1tf_flush_l1d is set and invokes
vmx_l1d_flush() if so.
Signed-off-by: Nicolai Stange <nstange@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kvm/vmx.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 427362a142441f08051369db6fbe7f61c73b3dca Mon Sep 17 00:00:00 2001
From: Nicolai Stange <nstange@suse.de>
Date: Sat, 21 Jul 2018 22:25:00 +0200
Subject: x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond'
From: Nicolai Stange <nstange@suse.de>
+commit 427362a142441f08051369db6fbe7f61c73b3dca upstream.
+
The vmx_l1d_flush_always static key is only ever evaluated if
vmx_l1d_should_flush is enabled. In that case however, there are only two
L1d flushing modes possible: "always" and "conditional".
Signed-off-by: Nicolai Stange <nstange@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kvm/vmx.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 3190709335dd31fe1aeeebfe4ffb6c7624ef971f Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Wed, 20 Jun 2018 22:00:47 -0400
Subject: x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number accounting
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
+commit 3190709335dd31fe1aeeebfe4ffb6c7624ef971f upstream.
+
This allows to load a different number of MSRs depending on the context:
VMEXIT or VMENTER.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kvm/vmx.c | 29 +++++++++++++++++++----------
1 file changed, 19 insertions(+), 10 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 33966dd6b2d2c352fae55412db2ea8cfff5df13a Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Wed, 20 Jun 2018 13:58:37 -0400
Subject: x86/KVM/VMX: Split the VMX MSR LOAD structures to have an host/guest numbers
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
+commit 33966dd6b2d2c352fae55412db2ea8cfff5df13a upstream.
+
There is no semantic change but this change allows an unbalanced amount of
MSRs to be loaded on VMEXIT and VMENTER, i.e. the number of MSRs to save or
restore on VMEXIT or VMENTER may be different.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kvm/vmx.c | 65 ++++++++++++++++++++++++++++-------------------------
1 file changed, 35 insertions(+), 30 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 390d975e0c4e60ce70d4157e0dd91ede37824603 Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Thu, 28 Jun 2018 17:10:36 -0400
Subject: x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
+commit 390d975e0c4e60ce70d4157e0dd91ede37824603 upstream.
+
If the L1D flush module parameter is set to 'always' and the IA32_FLUSH_CMD
MSR is available, optimize the VMENTER code with the MSR save list.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kvm/vmx.c | 42 +++++++++++++++++++++++++++++++++++++-----
1 file changed, 37 insertions(+), 5 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 26acfb666a473d960f0fd971fe68f3e3ad16c70b Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Wed, 20 Jun 2018 11:29:53 -0400
Subject: x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being present
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
+commit 26acfb666a473d960f0fd971fe68f3e3ad16c70b upstream.
+
If the L1TF CPU bug is present we allow the KVM module to be loaded as the
major of users that use Linux and KVM have trusted guests and do not want a
broken setup.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
Documentation/admin-guide/kernel-parameters.txt | 6 ++++++
arch/x86/kvm/vmx.c | 13 +++++++++++++
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From a7b9020b06ec6d7c3f3b0d4ef1a9eba12654f4f7 Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Fri, 13 Jul 2018 16:23:18 +0200
Subject: x86/l1tf: Handle EPT disabled state proper
From: Thomas Gleixner <tglx@linutronix.de>
+commit a7b9020b06ec6d7c3f3b0d4ef1a9eba12654f4f7 upstream.
+
If Extended Page Tables (EPT) are disabled or not supported, no L1D
flushing is required. The setup function can just avoid setting up the L1D
flush for the EPT=n case.
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Link: https://lkml.kernel.org/r/20180713142322.612160168@linutronix.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/include/asm/vmx.h | 1
arch/x86/kernel/cpu/bugs.c | 9 ++--
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 72c6d2db64fa18c996ece8f06e499509e6c9a37e Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Fri, 13 Jul 2018 16:23:16 +0200
Subject: x86/litf: Introduce vmx status variable
From: Thomas Gleixner <tglx@linutronix.de>
+commit 72c6d2db64fa18c996ece8f06e499509e6c9a37e upstream.
+
Store the effective mitigation of VMX in a status variable and use it to
report the VMX state in the l1tf sysfs file.
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Link: https://lkml.kernel.org/r/20180713142322.433098358@linutronix.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/include/asm/vmx.h | 9 +++++++++
arch/x86/kernel/cpu/bugs.c | 36 ++++++++++++++++++++++++++++++++++--
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 07d981ad4cf1e78361c6db1c28ee5ba105f96cc1 Mon Sep 17 00:00:00 2001
From: Josh Poimboeuf <jpoimboe@redhat.com>
Date: Fri, 10 Aug 2018 08:31:10 +0100
Subject: x86/microcode: Allow late microcode loading with SMT disabled
From: Josh Poimboeuf <jpoimboe@redhat.com>
+commit 07d981ad4cf1e78361c6db1c28ee5ba105f96cc1 upstream.
+
The kernel unnecessarily prevents late microcode loading when SMT is
disabled. It should be safe to allow it if all the primary threads are
online.
Acked-by: Borislav Petkov <bp@suse.de>
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kernel/cpu/microcode/core.c | 16 ++++++++++++----
1 file changed, 12 insertions(+), 4 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 1063711b57393c1999248cccb57bebfaf16739e7 Mon Sep 17 00:00:00 2001
From: Andi Kleen <ak@linux.intel.com>
Date: Tue, 7 Aug 2018 15:09:38 -0700
Subject: x86/mm/kmmio: Make the tracer robust against L1TF
From: Andi Kleen <ak@linux.intel.com>
+commit 1063711b57393c1999248cccb57bebfaf16739e7 upstream.
+
The mmio tracer sets io mapping PTEs and PMDs to non present when enabled
without inverting the address bits, which makes the PTE entry vulnerable
for L1TF.
Signed-off-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/mm/kmmio.c | 25 +++++++++++++++----------
1 file changed, 15 insertions(+), 10 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 958f79b9ee55dfaf00c8106ed1c22a2919e0028b Mon Sep 17 00:00:00 2001
From: Andi Kleen <ak@linux.intel.com>
Date: Tue, 7 Aug 2018 15:09:39 -0700
Subject: x86/mm/pat: Make set_memory_np() L1TF safe
From: Andi Kleen <ak@linux.intel.com>
+commit 958f79b9ee55dfaf00c8106ed1c22a2919e0028b upstream.
+
set_memory_np() is used to mark kernel mappings not present, but it has
it's own open coded mechanism which does not have the L1TF protection of
inverting the address bits.
Signed-off-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/mm/pageattr.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 6a4d2657e048f096c7ffcad254010bd94891c8c0 Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Tue, 29 May 2018 17:50:22 +0200
Subject: x86/smp: Provide topology_is_primary_thread()
From: Thomas Gleixner <tglx@linutronix.de>
+commit 6a4d2657e048f096c7ffcad254010bd94891c8c0 upstream.
+
If the CPU is supporting SMT then the primary thread can be found by
checking the lower APIC ID bits for zero. smp_num_siblings is used to build
the mask for the APIC ID bits which need to be taken into account.
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/include/asm/apic.h | 6 ++++++
arch/x86/include/asm/topology.h | 4 +++-
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 17dbca119312b4e8173d4e25ff64262119fcef38 Mon Sep 17 00:00:00 2001
From: Andi Kleen <ak@linux.intel.com>
Date: Wed, 13 Jun 2018 15:48:26 -0700
Subject: x86/speculation/l1tf: Add sysfs reporting for l1tf
From: Andi Kleen <ak@linux.intel.com>
+commit 17dbca119312b4e8173d4e25ff64262119fcef38 upstream.
+
L1TF core kernel workarounds are cheap and normally always enabled, However
they still should be reported in sysfs if the system is vulnerable or
mitigated. Add the necessary CPU feature/bug bits.
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Acked-by: Dave Hansen <dave.hansen@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/include/asm/cpufeatures.h | 2 +
arch/x86/include/asm/processor.h | 5 ++++
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From bcd11afa7adad8d720e7ba5ef58bdcd9775cf45f Mon Sep 17 00:00:00 2001
From: Linus Torvalds <torvalds@linux-foundation.org>
Date: Wed, 13 Jun 2018 15:48:22 -0700
Subject: x86/speculation/l1tf: Change order of offset/type in swap entry
From: Linus Torvalds <torvalds@linux-foundation.org>
-commit 50896e180c6aa3a9c61a26ced99e15d602666a4c upstream.
+commit bcd11afa7adad8d720e7ba5ef58bdcd9775cf45f upstream.
If pages are swapped out, the swap entry is stored in the corresponding
PTE, which has the Present bit cleared. CPUs vulnerable to L1TF speculate
Acked-by: Vlastimil Babka <vbabka@suse.cz>
Acked-by: Dave Hansen <dave.hansen@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/include/asm/pgtable_64.h | 31 ++++++++++++++++++++-----------
1 file changed, 20 insertions(+), 11 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 42e4089c7890725fcd329999252dc489b72f2921 Mon Sep 17 00:00:00 2001
From: Andi Kleen <ak@linux.intel.com>
Date: Wed, 13 Jun 2018 15:48:27 -0700
Subject: x86/speculation/l1tf: Disallow non privileged high MMIO PROT_NONE mappings
From: Andi Kleen <ak@linux.intel.com>
+commit 42e4089c7890725fcd329999252dc489b72f2921 upstream.
+
For L1TF PROT_NONE mappings are protected by inverting the PFN in the page
table entry. This sets the high bits in the CPU's address space, thus
making sure to point to not point an unmapped entry to valid cached memory.
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Acked-by: Dave Hansen <dave.hansen@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/include/asm/pgtable.h | 8 ++++++
arch/x86/mm/mmap.c | 21 +++++++++++++++++
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 1a7ed1ba4bba6c075d5ad61bb75e3fbc870840d6 Mon Sep 17 00:00:00 2001
From: Vlastimil Babka <vbabka@suse.cz>
Date: Thu, 21 Jun 2018 12:36:29 +0200
Subject: x86/speculation/l1tf: Extend 64bit swap file size limit
From: Vlastimil Babka <vbabka@suse.cz>
+commit 1a7ed1ba4bba6c075d5ad61bb75e3fbc870840d6 upstream.
+
The previous patch has limited swap file size so that large offsets cannot
clear bits above MAX_PA/2 in the pte and interfere with L1TF mitigation.
Signed-off-by: Vlastimil Babka <vbabka@suse.cz>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/mm/init.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From e14d7dfb41f5807a0c1c26a13f2b8ef16af24935 Mon Sep 17 00:00:00 2001
From: Michal Hocko <mhocko@suse.cz>
Date: Wed, 27 Jun 2018 17:46:50 +0200
Subject: x86/speculation/l1tf: Fix up pte->pfn conversion for PAE
From: Michal Hocko <mhocko@suse.cz>
+commit e14d7dfb41f5807a0c1c26a13f2b8ef16af24935 upstream.
+
Jan has noticed that pte_pfn and co. resp. pfn_pte are incorrect for
CONFIG_PAE because phys_addr_t is wider than unsigned long and so the
pte_val reps. shift left would get truncated. Fix this up by using proper
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Vlastimil Babka <vbabka@suse.cz>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/include/asm/pgtable.h | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 50896e180c6aa3a9c61a26ced99e15d602666a4c Mon Sep 17 00:00:00 2001
From: Andi Kleen <ak@linux.intel.com>
Date: Wed, 13 Jun 2018 15:48:21 -0700
Subject: x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT
Acked-by: Michal Hocko <mhocko@suse.com>
Acked-by: Dave Hansen <dave.hansen@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/include/asm/page_32_types.h | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From f22cc87f6c1f771b57c407555cfefd811cdd9507 Mon Sep 17 00:00:00 2001
From: Andi Kleen <ak@linux.intel.com>
Date: Tue, 7 Aug 2018 15:09:36 -0700
Subject: x86/speculation/l1tf: Invert all not present mappings
From: Andi Kleen <ak@linux.intel.com>
+commit f22cc87f6c1f771b57c407555cfefd811cdd9507 upstream.
+
For kernel mappings PAGE_PROTNONE is not necessarily set for a non present
mapping, but the inversion logic explicitely checks for !PRESENT and
PROT_NONE.
Signed-off-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/include/asm/pgtable-invert.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 377eeaa8e11fe815b1d07c81c4a0e2843a8c15eb Mon Sep 17 00:00:00 2001
From: Andi Kleen <ak@linux.intel.com>
Date: Wed, 13 Jun 2018 15:48:28 -0700
Subject: x86/speculation/l1tf: Limit swap file size to MAX_PA/2
From: Andi Kleen <ak@linux.intel.com>
+commit 377eeaa8e11fe815b1d07c81c4a0e2843a8c15eb upstream.
+
For the L1TF workaround its necessary to limit the swap file size to below
MAX_PA/2, so that the higher bits of the swap offset inverted never point
to valid memory.
Acked-by: Michal Hocko <mhocko@suse.com>
Acked-by: Dave Hansen <dave.hansen@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/mm/init.c | 15 +++++++++++++++
include/linux/swapfile.h | 2 ++
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 0768f91530ff46683e0b372df14fd79fe8d156e5 Mon Sep 17 00:00:00 2001
From: Andi Kleen <ak@linux.intel.com>
Date: Tue, 7 Aug 2018 15:09:37 -0700
Subject: x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert
From: Andi Kleen <ak@linux.intel.com>
+commit 0768f91530ff46683e0b372df14fd79fe8d156e5 upstream.
+
Some cases in THP like:
- MADV_FREE
- mprotect
Signed-off-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/include/asm/pgtable.h | 22 ++++++++++++----------
1 file changed, 12 insertions(+), 10 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 10a70416e1f067f6c4efda6ffd8ea96002ac4223 Mon Sep 17 00:00:00 2001
From: Andi Kleen <ak@linux.intel.com>
Date: Wed, 13 Jun 2018 15:48:25 -0700
Subject: x86/speculation/l1tf: Make sure the first page is always reserved
From: Andi Kleen <ak@linux.intel.com>
+commit 10a70416e1f067f6c4efda6ffd8ea96002ac4223 upstream.
+
The L1TF workaround doesn't make any attempt to mitigate speculate accesses
to the first physical page for zeroed PTEs. Normally it only contains some
data from the early real mode BIOS.
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Acked-by: Dave Hansen <dave.hansen@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kernel/setup.c | 6 ++++++
1 file changed, 6 insertions(+)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 0d0f6249058834ffe1ceaad0bb31464af66f6e7a Mon Sep 17 00:00:00 2001
From: Vlastimil Babka <vbabka@suse.cz>
Date: Fri, 22 Jun 2018 17:39:33 +0200
Subject: x86/speculation/l1tf: Protect PAE swap entries against L1TF
From: Vlastimil Babka <vbabka@suse.cz>
+commit 0d0f6249058834ffe1ceaad0bb31464af66f6e7a upstream.
+
The PAE 3-level paging code currently doesn't mitigate L1TF by flipping the
offset bits, and uses the high PTE word, thus bits 32-36 for type, 37-63 for
offset. The lower word is zeroed, thus systems with less than 4GB memory are
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Michal Hocko <mhocko@suse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/include/asm/pgtable-3level.h | 35 ++++++++++++++++++++++++++++++++--
arch/x86/mm/init.c | 2 -
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 6b28baca9b1f0d4a42b865da7a05b1c81424bd5c Mon Sep 17 00:00:00 2001
From: Andi Kleen <ak@linux.intel.com>
Date: Wed, 13 Jun 2018 15:48:24 -0700
Subject: x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation
From: Andi Kleen <ak@linux.intel.com>
+commit 6b28baca9b1f0d4a42b865da7a05b1c81424bd5c upstream.
+
When PTEs are set to PROT_NONE the kernel just clears the Present bit and
preserves the PFN, which creates attack surface for L1TF speculation
speculation attacks.
Acked-by: Vlastimil Babka <vbabka@suse.cz>
Acked-by: Dave Hansen <dave.hansen@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/include/asm/pgtable-2level.h | 17 +++++++++++++
arch/x86/include/asm/pgtable-3level.h | 2 +
arch/x86/include/asm/pgtable.h | 44 +++++++++++++++++++++++-----------
arch/x86/include/asm/pgtable_64.h | 2 +
5 files changed, 84 insertions(+), 13 deletions(-)
- create mode 100644 arch/x86/include/asm/pgtable-invert.h
--- a/arch/x86/include/asm/pgtable-2level.h
+++ b/arch/x86/include/asm/pgtable-2level.h
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 2f22b4cd45b67b3496f4aa4c7180a1271c6452f6 Mon Sep 17 00:00:00 2001
From: Linus Torvalds <torvalds@linux-foundation.org>
Date: Wed, 13 Jun 2018 15:48:23 -0700
Subject: x86/speculation/l1tf: Protect swap entries against L1TF
From: Linus Torvalds <torvalds@linux-foundation.org>
-commit bcd11afa7adad8d720e7ba5ef58bdcd9775cf45f upstream.
+commit 2f22b4cd45b67b3496f4aa4c7180a1271c6452f6 upstream.
With L1 terminal fault the CPU speculates into unmapped PTEs, and resulting
side effects allow to read the memory the PTE is pointing too, if its
Acked-by: Vlastimil Babka <vbabka@suse.cz>
Acked-by: Dave Hansen <dave.hansen@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/include/asm/pgtable_64.h | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 6c26fcd2abfe0a56bbd95271fce02df2896cfd24 Mon Sep 17 00:00:00 2001
From: Jiri Kosina <jkosina@suse.cz>
Date: Sat, 14 Jul 2018 21:56:13 +0200
Subject: x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures
From: Jiri Kosina <jkosina@suse.cz>
+commit 6c26fcd2abfe0a56bbd95271fce02df2896cfd24 upstream.
+
pfn_modify_allowed() and arch_has_pfn_modify_check() are outside of the
!__ASSEMBLY__ section in include/asm-generic/pgtable.h, which confuses
assembler on archs that don't have __HAVE_ARCH_PFN_MODIFY_ALLOWED (e.g.
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
include/asm-generic/pgtable.h | 24 ++++++++++++------------
1 file changed, 12 insertions(+), 12 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From ea156d192f5257a5bf393d33910d3b481bf8a401 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Sun, 5 Aug 2018 16:07:45 +0200
Subject: x86/speculation: Simplify sysfs report of VMX L1TF vulnerability
From: Paolo Bonzini <pbonzini@redhat.com>
+commit ea156d192f5257a5bf393d33910d3b481bf8a401 upstream.
+
Three changes to the content of the sysfs file:
- If EPT is disabled, L1TF cannot be exploited even across threads on the
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/kernel/cpu/bugs.c | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From 8e0b2b916662e09dd4d09e5271cdf214c6b80e62 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Sun, 5 Aug 2018 16:07:46 +0200
Subject: x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry
From: Paolo Bonzini <pbonzini@redhat.com>
+commit 8e0b2b916662e09dd4d09e5271cdf214c6b80e62 upstream.
+
Bit 3 of ARCH_CAPABILITIES tells a hypervisor that L1D flush on vmentry is
not needed. Add a new value to enum vmx_l1d_flush_state, which is used
either if there is no L1TF bug at all, or if bit 3 is set in ARCH_CAPABILITIES.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/include/asm/msr-index.h | 1 +
arch/x86/include/asm/vmx.h | 1 +
-From foo@baz Tue Aug 14 13:33:03 CEST 2018
+From f048c399e0f7490ab7296bc2c255d37eb14a9675 Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx@linutronix.de>
Date: Thu, 21 Jun 2018 10:37:20 +0200
Subject: x86/topology: Provide topology_smt_supported()
From: Thomas Gleixner <tglx@linutronix.de>
+commit f048c399e0f7490ab7296bc2c255d37eb14a9675 upstream.
+
Provide information whether SMT is supoorted by the CPUs. Preparatory patch
for SMT control mechanism.
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
---
arch/x86/include/asm/topology.h | 2 ++
arch/x86/kernel/smpboot.c | 8 ++++++++
projects / thirdparty / kernel / stable-queue.git / commitdiff
