From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Sat, 13 Sep 2025 11:51:52 +0000 (+0200)
Subject: 6.6-stable patches
X-Git-Tag: v6.1.153~70
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=17541177aca0abe0e28be7fc4f788f275e391f53;p=thirdparty%2Fkernel%2Fstable-queue.git

6.6-stable patches

added patches:
	kvm-svm-set-synthesized-tsa-cpuid-flags.patch
---

diff --git a/queue-6.6/kvm-svm-set-synthesized-tsa-cpuid-flags.patch b/queue-6.6/kvm-svm-set-synthesized-tsa-cpuid-flags.patch
new file mode 100644
index 0000000000..8487d4361b
--- /dev/null
+++ b/queue-6.6/kvm-svm-set-synthesized-tsa-cpuid-flags.patch
@@ -0,0 +1,46 @@
+From f3f9deccfc68a6b7c8c1cc51e902edba23d309d4 Mon Sep 17 00:00:00 2001
+From: "Borislav Petkov (AMD)" <bp@alien8.de>
+Date: Tue, 15 Jul 2025 21:24:59 +0200
+Subject: KVM: SVM: Set synthesized TSA CPUID flags
+
+From: Borislav Petkov (AMD) <bp@alien8.de>
+
+commit f3f9deccfc68a6b7c8c1cc51e902edba23d309d4 upstream.
+
+VERW_CLEAR is supposed to be set only by the hypervisor to denote TSA
+mitigation support to a guest. SQ_NO and L1_NO are both synthesizable,
+and are going to be set by hw CPUID on future machines.
+
+So keep the kvm_cpu_cap_init_kvm_defined() invocation *and* set them
+when synthesized.
+
+This fix is stable-only.
+
+Co-developed-by: Jinpu Wang <jinpu.wang@ionos.com>
+Signed-off-by: Jinpu Wang <jinpu.wang@ionos.com>
+Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
+Signed-off-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+---
+ arch/x86/kvm/cpuid.c |    5 +++++
+ 1 file changed, 5 insertions(+)
+
+--- a/arch/x86/kvm/cpuid.c
++++ b/arch/x86/kvm/cpuid.c
+@@ -791,10 +791,15 @@ void kvm_set_cpu_caps(void)
+ 		F(PERFMON_V2)
+ 	);
+ 
++	kvm_cpu_cap_check_and_set(X86_FEATURE_VERW_CLEAR);
++
+ 	kvm_cpu_cap_init_kvm_defined(CPUID_8000_0021_ECX,
+ 		F(TSA_SQ_NO) | F(TSA_L1_NO)
+ 	);
+ 
++	kvm_cpu_cap_check_and_set(X86_FEATURE_TSA_SQ_NO);
++	kvm_cpu_cap_check_and_set(X86_FEATURE_TSA_L1_NO);
++
+ 	/*
+ 	 * Synthesize "LFENCE is serializing" into the AMD-defined entry in
+ 	 * KVM's supported CPUID if the feature is reported as supported by the
diff --git a/queue-6.6/series b/queue-6.6/series
index 3cba481f31..374d166de0 100644
--- a/queue-6.6/series
+++ b/queue-6.6/series
@@ -27,3 +27,4 @@ proc-fix-type-confusion-in-pde_set_flags.patch
 rcu-tasks-maintain-lists-to-eliminate-rcu-tasks-do_exit-deadlocks.patch
 rcu-tasks-eliminate-deadlocks-involving-do_exit-and-rcu-tasks.patch
 rcu-tasks-maintain-real-time-response-in-rcu_tasks_postscan.patch
+kvm-svm-set-synthesized-tsa-cpuid-flags.patch