Merge tag 'kvm-x86-mmio-6.17' of https://github.com/kvm-x86/linux into HEAD

KVM MMIO Stale Data mitigation cleanup for 6.17

Rework KVM's mitigation for the MMIO State Data vulnerability to track
whether or not a vCPU has access to (host) MMIO based on the MMU that will be
used when running in the guest.  The current approach doesn't actually detect
whether or not a guest has access to MMIO, and is prone to false negatives (and
to a lesser extent, false positives), as KVM_DEV_VFIO_FILE_ADD is optional, and
obviously only covers VFIO devices.

diff --cc arch/x86/include/asm/kvm_host.h
Simple merge

diff --cc arch/x86/kvm/vmx/vmx.c
index 5f37248b5d8b85d7cc4fd65fdf5874a9e32685f4,3025b11007fd1aaa7f14e59896293cfdba387a62..2003e9097b4eb6cdb777179f8d0104f4f214bc9a
--- 1/arch/x86/kvm/vmx/vmx.c
--- 2/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@@ -7288,8 -7296,8 +7294,8 @@@ static noinstr void vmx_vcpu_enter_exit
        if (static_branch_unlikely(&vmx_l1d_should_flush))
                vmx_l1d_flush(vcpu);
        else if (static_branch_unlikely(&cpu_buf_vm_clear) &&
-                kvm_arch_has_assigned_device(vcpu->kvm))
+                (flags & VMX_RUN_CLEAR_CPU_BUFFERS_FOR_MMIO))
 -              mds_clear_cpu_buffers();
 +              x86_clear_cpu_buffers();
  
        vmx_disable_fb_clear(vmx);