[PATCH 4.9 005/107] kasan: add no_sanitize attribute for clang builds

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Andrey Konovalov commit 12c8f25a016dff69ee284aa3338bebfd2cfcba33 upstream. KASAN uses the __no_sanitize_address macro to disable instrumentation of particular functions. Right now it's

[PATCH 4.9 005/107] kasan: add no_sanitize attribute for clang builds

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Andrey Konovalov commit 12c8f25a016dff69ee284aa3338bebfd2cfcba33 upstream. KASAN uses the __no_sanitize_address macro to disable instrumentation of particular functions. Right now it's

[PATCH 4.9 001/107] ext4: fix check to prevent initializing reserved inodes

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit 5012284700775a4e6e3fbe7eac4c543c4874b559 upstream. Commit 8844618d8aa7: "ext4: only look at the bg_flags field if it is valid" will complain if block group zero does not

[PATCH 4.9 003/107] parisc: Enable CONFIG_MLONGCALLS by default

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Helge Deller commit 66509a276c8c1d19ee3f661a41b418d101c57d29 upstream. Enable the -mlong-calls compiler option by default, because otherwise in most cases linking the vmlinux binary fails due

[PATCH 4.9 001/107] ext4: fix check to prevent initializing reserved inodes

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit 5012284700775a4e6e3fbe7eac4c543c4874b559 upstream. Commit 8844618d8aa7: "ext4: only look at the bg_flags field if it is valid" will complain if block group zero does not

[PATCH 4.9 003/107] parisc: Enable CONFIG_MLONGCALLS by default

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Helge Deller commit 66509a276c8c1d19ee3f661a41b418d101c57d29 upstream. Enable the -mlong-calls compiler option by default, because otherwise in most cases linking the vmlinux binary fails due

[PATCH 4.9 002/107] tpm: fix race condition in tpm_common_write()

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Tadeusz Struk commit 3ab2011ea368ec3433ad49e1b9e1c7b70d2e65df upstream. There is a race condition in tpm_common_write function allowing two threads on the same /dev/tpm, or two different

[PATCH 4.9 002/107] tpm: fix race condition in tpm_common_write()

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Tadeusz Struk commit 3ab2011ea368ec3433ad49e1b9e1c7b70d2e65df upstream. There is a race condition in tpm_common_write function allowing two threads on the same /dev/tpm, or two different

[PATCH 4.14 083/104] x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush()

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Nicolai Stange commit 5b6ccc6c3b1a477fbac9ec97a0b4c1c48e765209 upstream Currently, vmx_vcpu_run() checks if l1tf_flush_l1d is set and invokes vmx_l1d_flush() if so. This test is unncessary

[PATCH 4.14 074/104] cpu/hotplug: Expose SMT control init function

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Jiri Kosina commit 8e1b706b6e819bed215c0db16345568864660393 upstream The L1TF mitigation will gain a commend line parameter which allows to set a combination of hypervisor mitigation and SMT

[PATCH 4.14 083/104] x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush()

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Nicolai Stange commit 5b6ccc6c3b1a477fbac9ec97a0b4c1c48e765209 upstream Currently, vmx_vcpu_run() checks if l1tf_flush_l1d is set and invokes vmx_l1d_flush() if so. This test is unncessary

[PATCH 4.14 074/104] cpu/hotplug: Expose SMT control init function

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Jiri Kosina commit 8e1b706b6e819bed215c0db16345568864660393 upstream The L1TF mitigation will gain a commend line parameter which allows to set a combination of hypervisor mitigation and SMT

[PATCH 4.14 082/104] x86/KVM/VMX: Replace vmx_l1d_flush_always with vmx_l1d_flush_cond

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Nicolai Stange commit 427362a142441f08051369db6fbe7f61c73b3dca upstream The vmx_l1d_flush_always static key is only ever evaluated if vmx_l1d_should_flush is enabled. In that case however,

[PATCH 4.14 082/104] x86/KVM/VMX: Replace vmx_l1d_flush_always with vmx_l1d_flush_cond

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Nicolai Stange commit 427362a142441f08051369db6fbe7f61c73b3dca upstream The vmx_l1d_flush_always static key is only ever evaluated if vmx_l1d_should_flush is enabled. In that case however,

[PATCH 4.14 103/104] tools headers: Synchronise x86 cpufeatures.h for L1TF additions

4.14-stable review patch. If anyone has any objections, please let me know. -- From: David Woodhouse commit e24f14b0ff985f3e09e573ba1134bfdf42987e05 upstream Signed-off-by: David Woodhouse Signed-off-by: Greg Kroah-Hartman --- tools/arch/x86/include/asm/cpufeatures.h |

[PATCH 4.14 104/104] x86/microcode: Allow late microcode loading with SMT disabled

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Josh Poimboeuf commit 07d981ad4cf1e78361c6db1c28ee5ba105f96cc1 upstream The kernel unnecessarily prevents late microcode loading when SMT is disabled. It should be safe to allow it if all

[PATCH 4.14 100/104] x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Andi Kleen commit 0768f91530ff46683e0b372df14fd79fe8d156e5 upstream Some cases in THP like: - MADV_FREE - mprotect - split mark the PMD non present for temporarily to prevent races.

[PATCH 4.14 077/104] Documentation: Add section about CPU vulnerabilities

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit 3ec8ce5d866ec6a08a9cfab82b62acf4a830b35f upstream Add documentation for the L1TF vulnerability and the mitigation mechanisms: - Explain the problem and risks -

[PATCH 4.14 103/104] tools headers: Synchronise x86 cpufeatures.h for L1TF additions

4.14-stable review patch. If anyone has any objections, please let me know. -- From: David Woodhouse commit e24f14b0ff985f3e09e573ba1134bfdf42987e05 upstream Signed-off-by: David Woodhouse Signed-off-by: Greg Kroah-Hartman --- tools/arch/x86/include/asm/cpufeatures.h |

[PATCH 4.14 104/104] x86/microcode: Allow late microcode loading with SMT disabled

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Josh Poimboeuf commit 07d981ad4cf1e78361c6db1c28ee5ba105f96cc1 upstream The kernel unnecessarily prevents late microcode loading when SMT is disabled. It should be safe to allow it if all

[PATCH 4.14 100/104] x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Andi Kleen commit 0768f91530ff46683e0b372df14fd79fe8d156e5 upstream Some cases in THP like: - MADV_FREE - mprotect - split mark the PMD non present for temporarily to prevent races.

[PATCH 4.14 077/104] Documentation: Add section about CPU vulnerabilities

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit 3ec8ce5d866ec6a08a9cfab82b62acf4a830b35f upstream Add documentation for the L1TF vulnerability and the mitigation mechanisms: - Explain the problem and risks -

[PATCH 4.14 080/104] cpu/hotplug: detect SMT disabled by BIOS

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Josh Poimboeuf commit 73d5e2b472640b1fcdb61ae8be389912ef211bda upstream If SMT is disabled in BIOS, the CPU code doesn't properly detect it. The /sys/devices/system/cpu/smt/control file shows

[PATCH 4.14 078/104] x86/KVM/VMX: Initialize the vmx_l1d_flush_pages content

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Nicolai Stange commit 288d152c23dcf3c09da46c5c481903ca10ebfef7 upstream The slow path in vmx_l1d_flush() reads from vmx_l1d_flush_pages in order to evict the L1d cache. However, these pages

[PATCH 4.14 081/104] x86/KVM/VMX: Dont set l1tf_flush_l1d to true from vmx_l1d_flush()

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Nicolai Stange commit 379fd0c7e6a391e5565336a646f19f218fb98c6c upstream vmx_l1d_flush() gets invoked only if l1tf_flush_l1d is true. There's no point in setting l1tf_flush_l1d to true from

[PATCH 4.14 080/104] cpu/hotplug: detect SMT disabled by BIOS

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Josh Poimboeuf commit 73d5e2b472640b1fcdb61ae8be389912ef211bda upstream If SMT is disabled in BIOS, the CPU code doesn't properly detect it. The /sys/devices/system/cpu/smt/control file shows

[PATCH 4.14 078/104] x86/KVM/VMX: Initialize the vmx_l1d_flush_pages content

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Nicolai Stange commit 288d152c23dcf3c09da46c5c481903ca10ebfef7 upstream The slow path in vmx_l1d_flush() reads from vmx_l1d_flush_pages in order to evict the L1d cache. However, these pages

[PATCH 4.14 081/104] x86/KVM/VMX: Dont set l1tf_flush_l1d to true from vmx_l1d_flush()

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Nicolai Stange commit 379fd0c7e6a391e5565336a646f19f218fb98c6c upstream vmx_l1d_flush() gets invoked only if l1tf_flush_l1d is true. There's no point in setting l1tf_flush_l1d to true from

[PATCH 4.14 084/104] x86/irq: Demote irq_cpustat_t::__softirq_pending to u16

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Nicolai Stange commit 9aee5f8a7e30330d0a8f4c626dc924ca5590aba5 upstream An upcoming patch will extend KVM's L1TF mitigation in conditional mode to also cover interrupts after VMEXITs. For

[PATCH 4.14 101/104] x86/mm/pat: Make set_memory_np() L1TF safe

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Andi Kleen commit 958f79b9ee55dfaf00c8106ed1c22a2919e0028b upstream set_memory_np() is used to mark kernel mappings not present, but it has it's own open coded mechanism which does not have

[PATCH 4.14 097/104] KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Paolo Bonzini commit 5b76a3cff011df2dcb6186c965a2e4d809a05ad4 upstream When nested virtualization is in use, VMENTER operations from the nested hypervisor into the nested guest will always be

[PATCH 4.14 102/104] x86/mm/kmmio: Make the tracer robust against L1TF

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Andi Kleen commit 1063711b57393c1999248cccb57bebfaf16739e7 upstream The mmio tracer sets io mapping PTEs and PMDs to non present when enabled without inverting the address bits, which makes

[PATCH 4.14 084/104] x86/irq: Demote irq_cpustat_t::__softirq_pending to u16

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Nicolai Stange commit 9aee5f8a7e30330d0a8f4c626dc924ca5590aba5 upstream An upcoming patch will extend KVM's L1TF mitigation in conditional mode to also cover interrupts after VMEXITs. For

[PATCH 4.14 101/104] x86/mm/pat: Make set_memory_np() L1TF safe

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Andi Kleen commit 958f79b9ee55dfaf00c8106ed1c22a2919e0028b upstream set_memory_np() is used to mark kernel mappings not present, but it has it's own open coded mechanism which does not have

[PATCH 4.14 097/104] KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Paolo Bonzini commit 5b76a3cff011df2dcb6186c965a2e4d809a05ad4 upstream When nested virtualization is in use, VMENTER operations from the nested hypervisor into the nested guest will always be

[PATCH 4.14 102/104] x86/mm/kmmio: Make the tracer robust against L1TF

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Andi Kleen commit 1063711b57393c1999248cccb57bebfaf16739e7 upstream The mmio tracer sets io mapping PTEs and PMDs to non present when enabled without inverting the address bits, which makes

[PATCH 4.14 098/104] cpu/hotplug: Fix SMT supported evaluation

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit bc2d8d262cba5736332cbc866acb11b1c5748aa9 upstream Josh reported that the late SMT evaluation in cpu_smt_state_init() sets cpu_smt_control to CPU_SMT_NOT_SUPPORTED in

[PATCH 4.14 094/104] KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Paolo Bonzini commit cd28325249a1ca0d771557ce823e0308ad629f98 upstream This lets userspace read the MSR_IA32_ARCH_CAPABILITIES and check that all requested features are available on the host.

[PATCH 4.14 076/104] x86/bugs, kvm: Introduce boot-time control of L1TF mitigations

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Jiri Kosina commit d90a7a0ec83fb86622cd7dae23255d3c50a99ec8 upstream Introduce the 'l1tf=' kernel command line option to allow for boot-time switching of mitigation that is used on processors

[PATCH 4.14 099/104] x86/speculation/l1tf: Invert all not present mappings

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Andi Kleen commit f22cc87f6c1f771b57c407555cfefd811cdd9507 upstream For kernel mappings PAGE_PROTNONE is not necessarily set for a non present mapping, but the inversion logic explicitely

[PATCH 4.14 085/104] x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Nicolai Stange commit 45b575c00d8e72d69d75dd8c112f044b7b01b069 upstream Part of the L1TF mitigation for vmx includes flushing the L1D cache upon VMENTRY. L1D flushes are costly and two modes

[PATCH 4.14 098/104] cpu/hotplug: Fix SMT supported evaluation

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit bc2d8d262cba5736332cbc866acb11b1c5748aa9 upstream Josh reported that the late SMT evaluation in cpu_smt_state_init() sets cpu_smt_control to CPU_SMT_NOT_SUPPORTED in

[PATCH 4.14 094/104] KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Paolo Bonzini commit cd28325249a1ca0d771557ce823e0308ad629f98 upstream This lets userspace read the MSR_IA32_ARCH_CAPABILITIES and check that all requested features are available on the host.

[PATCH 4.14 076/104] x86/bugs, kvm: Introduce boot-time control of L1TF mitigations

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Jiri Kosina commit d90a7a0ec83fb86622cd7dae23255d3c50a99ec8 upstream Introduce the 'l1tf=' kernel command line option to allow for boot-time switching of mitigation that is used on processors

[PATCH 4.14 099/104] x86/speculation/l1tf: Invert all not present mappings

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Andi Kleen commit f22cc87f6c1f771b57c407555cfefd811cdd9507 upstream For kernel mappings PAGE_PROTNONE is not necessarily set for a non present mapping, but the inversion logic explicitely

[PATCH 4.14 085/104] x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Nicolai Stange commit 45b575c00d8e72d69d75dd8c112f044b7b01b069 upstream Part of the L1TF mitigation for vmx includes flushing the L1D cache upon VMENTRY. L1D flushes are costly and two modes

[PATCH 4.14 075/104] cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit fee0aede6f4739c87179eca76136f83210953b86 upstream The CPU_SMT_NOT_SUPPORTED state is set (if the processor does not support SMT) when the sysfs SMT control file is

[PATCH 4.14 075/104] cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit fee0aede6f4739c87179eca76136f83210953b86 upstream The CPU_SMT_NOT_SUPPORTED state is set (if the processor does not support SMT) when the sysfs SMT control file is

[PATCH 4.14 096/104] x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Paolo Bonzini commit 8e0b2b916662e09dd4d09e5271cdf214c6b80e62 upstream Bit 3 of ARCH_CAPABILITIES tells a hypervisor that L1D flush on vmentry is not needed. Add a new value to enum

[PATCH 4.14 095/104] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Paolo Bonzini commit ea156d192f5257a5bf393d33910d3b481bf8a401 upstream Three changes to the content of the sysfs file: - If EPT is disabled, L1TF cannot be exploited even across threads on

[PATCH 4.14 096/104] x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Paolo Bonzini commit 8e0b2b916662e09dd4d09e5271cdf214c6b80e62 upstream Bit 3 of ARCH_CAPABILITIES tells a hypervisor that L1D flush on vmentry is not needed. Add a new value to enum

[PATCH 4.14 095/104] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Paolo Bonzini commit ea156d192f5257a5bf393d33910d3b481bf8a401 upstream Three changes to the content of the sysfs file: - If EPT is disabled, L1TF cannot be exploited even across threads on

[PATCH 4.14 088/104] x86/KVM/VMX: Dont set l1tf_flush_l1d from vmx_handle_external_intr()

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Nicolai Stange commit 18b57ce2eb8c8b9a24174a89250cf5f57c76ecdc upstream For VMEXITs caused by external interrupts, vmx_handle_external_intr() indirectly calls into the interrupt handlers

[PATCH 4.14 089/104] Documentation/l1tf: Remove Yonah processors from not vulnerable list

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit 58331136136935c631c2b5f06daf4c3006416e91 upstream Dave reported, that it's not confirmed that Yonah processors are unaffected. Remove them from the list. Reported-by:

[PATCH 4.14 088/104] x86/KVM/VMX: Dont set l1tf_flush_l1d from vmx_handle_external_intr()

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Nicolai Stange commit 18b57ce2eb8c8b9a24174a89250cf5f57c76ecdc upstream For VMEXITs caused by external interrupts, vmx_handle_external_intr() indirectly calls into the interrupt handlers

[PATCH 4.14 089/104] Documentation/l1tf: Remove Yonah processors from not vulnerable list

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit 58331136136935c631c2b5f06daf4c3006416e91 upstream Dave reported, that it's not confirmed that Yonah processors are unaffected. Remove them from the list. Reported-by:

[PATCH 4.14 087/104] x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Nicolai Stange commit ffcba43ff66c7dab34ec700debd491d2a4d319b4 upstream The last missing piece to having vmx_l1d_flush() take interrupts after VMEXIT into account is to set the

[PATCH 4.14 086/104] x86: Dont include linux/irq.h from asm/hardirq.h

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Nicolai Stange commit 447ae316670230d7d29430e2cbf1f5db4f49d14c upstream The next patch in this series will have to make the definition of irq_cpustat_t available to entering_irq(). Inclusion

[PATCH 4.14 087/104] x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Nicolai Stange commit ffcba43ff66c7dab34ec700debd491d2a4d319b4 upstream The last missing piece to having vmx_l1d_flush() take interrupts after VMEXIT into account is to set the

[PATCH 4.14 086/104] x86: Dont include linux/irq.h from asm/hardirq.h

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Nicolai Stange commit 447ae316670230d7d29430e2cbf1f5db4f49d14c upstream The next patch in this series will have to make the definition of irq_cpustat_t available to entering_irq(). Inclusion

[PATCH 4.14 031/104] x86/speculation/l1tf: Add sysfs reporting for l1tf

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Andi Kleen commit 17dbca119312b4e8173d4e25ff64262119fcef38 upstream L1TF core kernel workarounds are cheap and normally always enabled, However they still should be reported in sysfs if the

[PATCH 4.14 031/104] x86/speculation/l1tf: Add sysfs reporting for l1tf

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Andi Kleen commit 17dbca119312b4e8173d4e25ff64262119fcef38 upstream L1TF core kernel workarounds are cheap and normally always enabled, However they still should be reported in sysfs if the

[PATCH 4.14 071/104] x86/kvm: Add static key for flush always

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit 4c6523ec59fe895ea352a650218a6be0653910b1 upstream Avoid the conditional in the L1D flush control path. Signed-off-by: Thomas Gleixner Tested-by: Jiri Kosina

[PATCH 4.14 066/104] cpu/hotplug: Online siblings when SMT control is turned on

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit 215af5499d9e2b55f111d2431ea20218115f29b3 upstream Writing 'off' to /sys/devices/system/cpu/smt/control offlines all SMT siblings. Writing 'on' merily enables the

[PATCH 4.14 073/104] x86/kvm: Allow runtime control of L1D flush

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit 895ae47f9918833c3a880fbccd41e0692b37e7d9 upstream All mitigation modes can be switched at run time with a static key now: - Use sysfs_streq() instead of strcmp() to

[PATCH 4.14 035/104] sched/smt: Update sched_smt_present at runtime

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Peter Zijlstra commit ba2591a5993eabcc8e874e30f361d8ffbb10d6d4 upstream The static key sched_smt_present is only updated at boot time when SMT siblings have been detected. Booting with

[PATCH 4.14 072/104] x86/kvm: Serialize L1D flush parameter setter

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit dd4bfa739a72508b75760b393d129ed7b431daab upstream Writes to the parameter files are not serialized at the sysfs core level, so local serialization is required.

[PATCH 4.14 037/104] x86/topology: Provide topology_smt_supported()

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit f048c399e0f7490ab7296bc2c255d37eb14a9675 upstream Provide information whether SMT is supoorted by the CPUs. Preparatory patch for SMT control mechanism. Suggested-by:

[PATCH 4.14 036/104] x86/smp: Provide topology_is_primary_thread()

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit 6a4d2657e048f096c7ffcad254010bd94891c8c0 upstream If the CPU is supporting SMT then the primary thread can be found by checking the lower APIC ID bits for zero.

[PATCH 4.14 070/104] x86/kvm: Move l1tf setup function

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit 7db92e165ac814487264632ab2624e832f20ae38 upstream In preparation of allowing run time control for L1D flushing, move the setup code to the module parameter handler. In

[PATCH 4.14 071/104] x86/kvm: Add static key for flush always

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit 4c6523ec59fe895ea352a650218a6be0653910b1 upstream Avoid the conditional in the L1D flush control path. Signed-off-by: Thomas Gleixner Tested-by: Jiri Kosina

[PATCH 4.14 066/104] cpu/hotplug: Online siblings when SMT control is turned on

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit 215af5499d9e2b55f111d2431ea20218115f29b3 upstream Writing 'off' to /sys/devices/system/cpu/smt/control offlines all SMT siblings. Writing 'on' merily enables the

[PATCH 4.14 073/104] x86/kvm: Allow runtime control of L1D flush

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit 895ae47f9918833c3a880fbccd41e0692b37e7d9 upstream All mitigation modes can be switched at run time with a static key now: - Use sysfs_streq() instead of strcmp() to

[PATCH 4.14 035/104] sched/smt: Update sched_smt_present at runtime

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Peter Zijlstra commit ba2591a5993eabcc8e874e30f361d8ffbb10d6d4 upstream The static key sched_smt_present is only updated at boot time when SMT siblings have been detected. Booting with

[PATCH 4.14 072/104] x86/kvm: Serialize L1D flush parameter setter

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit dd4bfa739a72508b75760b393d129ed7b431daab upstream Writes to the parameter files are not serialized at the sysfs core level, so local serialization is required.

[PATCH 4.14 037/104] x86/topology: Provide topology_smt_supported()

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit f048c399e0f7490ab7296bc2c255d37eb14a9675 upstream Provide information whether SMT is supoorted by the CPUs. Preparatory patch for SMT control mechanism. Suggested-by:

[PATCH 4.14 036/104] x86/smp: Provide topology_is_primary_thread()

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit 6a4d2657e048f096c7ffcad254010bd94891c8c0 upstream If the CPU is supporting SMT then the primary thread can be found by checking the lower APIC ID bits for zero.

[PATCH 4.14 070/104] x86/kvm: Move l1tf setup function

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit 7db92e165ac814487264632ab2624e832f20ae38 upstream In preparation of allowing run time control for L1D flushing, move the setup code to the module parameter handler. In

[PATCH 4.14 040/104] cpu/hotplug: Provide knobs to control SMT

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit 05736e4ac13c08a4a9b1ef2de26dd31a32cbee57 upstream Provide a command line and a sysfs knob to control SMT. The command line options are: 'nosmt': Enumerate

[PATCH 4.14 068/104] x86/kvm: Drop L1TF MSR list approach

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit 2f055947ae5e2741fb2dc5bba1033c417ccf4faa upstream The VMX module parameter to control the L1D flush should become writeable. The MSR list is set up at VM init per

[PATCH 4.14 040/104] cpu/hotplug: Provide knobs to control SMT

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit 05736e4ac13c08a4a9b1ef2de26dd31a32cbee57 upstream Provide a command line and a sysfs knob to control SMT. The command line options are: 'nosmt': Enumerate

[PATCH 4.14 068/104] x86/kvm: Drop L1TF MSR list approach

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit 2f055947ae5e2741fb2dc5bba1033c417ccf4faa upstream The VMX module parameter to control the L1D flush should become writeable. The MSR list is set up at VM init per

[PATCH 4.14 039/104] cpu/hotplug: Split do_cpu_down()

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit cc1fe215e1efa406b03aa4389e6269b61342dec5 upstream Split out the inner workings of do_cpu_down() to allow reuse of that function for the upcoming SMT disabling

[PATCH 4.14 039/104] cpu/hotplug: Split do_cpu_down()

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit cc1fe215e1efa406b03aa4389e6269b61342dec5 upstream Split out the inner workings of do_cpu_down() to allow reuse of that function for the upcoming SMT disabling

[PATCH 4.14 038/104] cpu/hotplug: Make bringup/teardown of smp threads symmetric

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit c4de65696d865c225fda3b9913b31284ea65ea96 upstream The asymmetry caused a warning to trigger if the bootup was stopped in state CPUHP_AP_ONLINE_IDLE. The warning no

[PATCH 4.14 038/104] cpu/hotplug: Make bringup/teardown of smp threads symmetric

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit c4de65696d865c225fda3b9913b31284ea65ea96 upstream The asymmetry caused a warning to trigger if the bootup was stopped in state CPUHP_AP_ONLINE_IDLE. The warning no

[PATCH 4.14 064/104] x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER only MSRs

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Konrad Rzeszutek Wilk commit 989e3992d2eca32c3f1404f2bc91acda3aa122d8 upstream The IA32_FLUSH_CMD MSR needs only to be written on VMENTER. Extend add_atomic_switch_msr() with an entry_only

[PATCH 4.14 065/104] x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Konrad Rzeszutek Wilk commit 390d975e0c4e60ce70d4157e0dd91ede37824603 upstream If the L1D flush module parameter is set to 'always' and the IA32_FLUSH_CMD MSR is available, optimize the

[PATCH 4.14 064/104] x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER only MSRs

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Konrad Rzeszutek Wilk commit 989e3992d2eca32c3f1404f2bc91acda3aa122d8 upstream The IA32_FLUSH_CMD MSR needs only to be written on VMENTER. Extend add_atomic_switch_msr() with an entry_only

[PATCH 4.14 065/104] x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Konrad Rzeszutek Wilk commit 390d975e0c4e60ce70d4157e0dd91ede37824603 upstream If the L1D flush module parameter is set to 'always' and the IA32_FLUSH_CMD MSR is available, optimize the

[PATCH 4.14 062/104] x86/KVM/VMX: Add find_msr() helper function

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Konrad Rzeszutek Wilk commit ca83b4a7f2d068da79a029d323024aa45decb250 upstream .. to help find the MSR on either the guest or host MSR list. Signed-off-by: Konrad Rzeszutek Wilk

[PATCH 4.14 067/104] x86/litf: Introduce vmx status variable

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit 72c6d2db64fa18c996ece8f06e499509e6c9a37e upstream Store the effective mitigation of VMX in a status variable and use it to report the VMX state in the l1tf sysfs file.

[PATCH 4.14 063/104] x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number accounting

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Konrad Rzeszutek Wilk commit 3190709335dd31fe1aeeebfe4ffb6c7624ef971f upstream This allows to load a different number of MSRs depending on the context: VMEXIT or VMENTER. Signed-off-by:

[PATCH 4.14 069/104] x86/l1tf: Handle EPT disabled state proper

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit a7b9020b06ec6d7c3f3b0d4ef1a9eba12654f4f7 upstream If Extended Page Tables (EPT) are disabled or not supported, no L1D flushing is required. The setup function can just

[PATCH 4.14 069/104] x86/l1tf: Handle EPT disabled state proper

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit a7b9020b06ec6d7c3f3b0d4ef1a9eba12654f4f7 upstream If Extended Page Tables (EPT) are disabled or not supported, no L1D flushing is required. The setup function can just

[PATCH 4.14 062/104] x86/KVM/VMX: Add find_msr() helper function

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Konrad Rzeszutek Wilk commit ca83b4a7f2d068da79a029d323024aa45decb250 upstream .. to help find the MSR on either the guest or host MSR list. Signed-off-by: Konrad Rzeszutek Wilk

[PATCH 4.14 067/104] x86/litf: Introduce vmx status variable

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit 72c6d2db64fa18c996ece8f06e499509e6c9a37e upstream Store the effective mitigation of VMX in a status variable and use it to report the VMX state in the l1tf sysfs file.

[PATCH 4.14 063/104] x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number accounting

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Konrad Rzeszutek Wilk commit 3190709335dd31fe1aeeebfe4ffb6c7624ef971f upstream This allows to load a different number of MSRs depending on the context: VMEXIT or VMENTER. Signed-off-by:

[PATCH 4.14 061/104] x86/KVM/VMX: Split the VMX MSR LOAD structures to have an host/guest numbers

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Konrad Rzeszutek Wilk commit 33966dd6b2d2c352fae55412db2ea8cfff5df13a upstream There is no semantic change but this change allows an unbalanced amount of MSRs to be loaded on VMEXIT and

[PATCH 4.14 060/104] x86/KVM/VMX: Add L1D flush logic

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Paolo Bonzini commit c595ceee45707f00f64f61c54fb64ef0cc0b4e85 upstream Add the logic for flushing L1D on VMENTER. The flush depends on the static key being enabled and the new l1tf_flush_l1d

<    3   4   5   6   7   8   9   10   11   12   >