git.ipfire.org Git - thirdparty/kernel/stable.git/commit

x86/its: Add "vmexit" option to skip mitigation on some CPUs

commit 2665281a07e19550944e8354a2024635a7b2714a upstream.

Ice Lake generation CPUs are not affected by guest/host isolation part of
ITS. If a user is only concerned about KVM guests, they can now choose a
new cmdline option "vmexit" that will not deploy the ITS mitigation when
CPU is not affected by guest/host isolation. This saves the performance
overhead of ITS mitigation on Ice Lake gen CPUs.

When "vmexit" option selected, if the CPU is affected by ITS guest/host
isolation, the default ITS mitigation is deployed.

Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Josh Poimboeuf <jpoimboe@kernel.org>
Reviewed-by: Alexandre Chartre <alexandre.chartre@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

author	Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
	Sat, 17 May 2025 00:02:35 +0000 (17:02 -0700)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 22 May 2025 12:08:24 +0000 (14:08 +0200)
commit	4804d7974301f5a3511b2ceaaeb7613c3170fb48
tree	5614b8d2aafa694c4146bebed4f75d76de115f79	tree
parent	e30bcefa93a6493239130556b2f9db38a1d6e761	commit \| diff

Documentation/admin-guide/kernel-parameters.txt		diff \| blob \| blame \| history
arch/x86/include/asm/cpufeatures.h		diff \| blob \| blame \| history
arch/x86/kernel/cpu/bugs.c		diff \| blob \| blame \| history
arch/x86/kernel/cpu/common.c		diff \| blob \| blame \| history