x86/bugs: Use VM_CLEAR_CPU_BUFFERS in VMX as well

TSA mitigation:

  d8010d4ba43e ("x86/bugs: Add a Transient Scheduler Attacks mitigation")

introduced VM_CLEAR_CPU_BUFFERS for guests on AMD CPUs. Currently on Intel
CLEAR_CPU_BUFFERS is being used for guests which has a much broader scope
(kernel->user also).

Make mitigations on Intel consistent with TSA. This would help handling the
guest-only mitigations better in future.

Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
[sean: make CLEAR_CPU_BUF_VM mutually exclusive with the MMIO mitigation]
Acked-by: Borislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: Brendan Jackman <jackmanb@google.com>
Link: https://patch.msgid.link/20251113233746.1703361-3-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>

diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 6a526ae1fe9933229947db5b7676a18328fe2204..2847e11fbab52e2b061d3ac8928e43939dc7bf38 100644 (file)
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -194,7 +194,7 @@ DEFINE_STATIC_KEY_FALSE(switch_mm_cond_l1d_flush);
 
 /*
  * Controls CPU Fill buffer clear before VMenter. This is a subset of
- * X86_FEATURE_CLEAR_CPU_BUF, and should only be enabled when KVM-only
+ * X86_FEATURE_CLEAR_CPU_BUF_VM, and should only be enabled when KVM-only
  * mitigation is required.
  */
 DEFINE_STATIC_KEY_FALSE(cpu_buf_vm_clear);
@@ -489,8 +489,8 @@ static enum rfds_mitigations rfds_mitigation __ro_after_init =
        IS_ENABLED(CONFIG_MITIGATION_RFDS) ? RFDS_MITIGATION_AUTO : RFDS_MITIGATION_OFF;
 
 /*
- * Set if any of MDS/TAA/MMIO/RFDS are going to enable VERW clearing
- * through X86_FEATURE_CLEAR_CPU_BUF on kernel and guest entry.
+ * Set if any of MDS/TAA/MMIO/RFDS are going to enable VERW clearing on exit to
+ * userspace *and* on entry to KVM guests.
  */
 static bool verw_clear_cpu_buf_mitigation_selected __ro_after_init;
 
@@ -536,6 +536,7 @@ static void __init mds_apply_mitigation(void)
        if (mds_mitigation == MDS_MITIGATION_FULL ||
            mds_mitigation == MDS_MITIGATION_VMWERV) {
                setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF);
+               setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF_VM);
                if (!boot_cpu_has(X86_BUG_MSBDS_ONLY) &&
                    (mds_nosmt || smt_mitigations == SMT_MITIGATIONS_ON))
                        cpu_smt_disable(false);
@@ -647,6 +648,7 @@ static void __init taa_apply_mitigation(void)
                 * present on host, enable the mitigation for UCODE_NEEDED as well.
                 */
                setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF);
+               setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF_VM);
 
                if (taa_nosmt || smt_mitigations == SMT_MITIGATIONS_ON)
                        cpu_smt_disable(false);
@@ -748,6 +750,7 @@ static void __init mmio_apply_mitigation(void)
         */
        if (verw_clear_cpu_buf_mitigation_selected) {
                setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF);
+               setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF_VM);
                static_branch_disable(&cpu_buf_vm_clear);
        } else {
                static_branch_enable(&cpu_buf_vm_clear);
@@ -839,8 +842,10 @@ static void __init rfds_update_mitigation(void)
 
 static void __init rfds_apply_mitigation(void)
 {
-       if (rfds_mitigation == RFDS_MITIGATION_VERW)
+       if (rfds_mitigation == RFDS_MITIGATION_VERW) {
                setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF);
+               setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF_VM);
+       }
 }
 
 static __init int rfds_parse_cmdline(char *str)

diff --git a/arch/x86/kvm/vmx/vmenter.S b/arch/x86/kvm/vmx/vmenter.S
index b59062a52a3579434b18d3e2be7ac25e14516159..b66b43c9b24409edf3444b0c52513b3547c6d328 100644 (file)
--- a/arch/x86/kvm/vmx/vmenter.S
+++ b/arch/x86/kvm/vmx/vmenter.S
@@ -155,7 +155,7 @@ SYM_FUNC_START(__vmx_vcpu_run)
        mov VCPU_RAX(%_ASM_AX), %_ASM_AX
 
        /* Clobbers EFLAGS.ZF */
-       CLEAR_CPU_BUFFERS
+       VM_CLEAR_CPU_BUFFERS
 
        /* Check @flags to see if VMLAUNCH or VMRESUME is needed. */
        testl $VMX_RUN_VMRESUME, WORD_SIZE(%_ASM_SP)