4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Andrey Konovalov
commit 12c8f25a016dff69ee284aa3338bebfd2cfcba33 upstream.
KASAN uses the __no_sanitize_address macro to disable instrumentation of
particular functions. Right now it's
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Andrey Konovalov
commit 12c8f25a016dff69ee284aa3338bebfd2cfcba33 upstream.
KASAN uses the __no_sanitize_address macro to disable instrumentation of
particular functions. Right now it's
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Theodore Ts'o
commit 5012284700775a4e6e3fbe7eac4c543c4874b559 upstream.
Commit 8844618d8aa7: "ext4: only look at the bg_flags field if it is
valid" will complain if block group zero does not
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Helge Deller
commit 66509a276c8c1d19ee3f661a41b418d101c57d29 upstream.
Enable the -mlong-calls compiler option by default, because otherwise in most
cases linking the vmlinux binary fails due
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Theodore Ts'o
commit 5012284700775a4e6e3fbe7eac4c543c4874b559 upstream.
Commit 8844618d8aa7: "ext4: only look at the bg_flags field if it is
valid" will complain if block group zero does not
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Helge Deller
commit 66509a276c8c1d19ee3f661a41b418d101c57d29 upstream.
Enable the -mlong-calls compiler option by default, because otherwise in most
cases linking the vmlinux binary fails due
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Tadeusz Struk
commit 3ab2011ea368ec3433ad49e1b9e1c7b70d2e65df upstream.
There is a race condition in tpm_common_write function allowing
two threads on the same /dev/tpm, or two different
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Tadeusz Struk
commit 3ab2011ea368ec3433ad49e1b9e1c7b70d2e65df upstream.
There is a race condition in tpm_common_write function allowing
two threads on the same /dev/tpm, or two different
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Nicolai Stange
commit 5b6ccc6c3b1a477fbac9ec97a0b4c1c48e765209 upstream
Currently, vmx_vcpu_run() checks if l1tf_flush_l1d is set and invokes
vmx_l1d_flush() if so.
This test is unncessary
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Jiri Kosina
commit 8e1b706b6e819bed215c0db16345568864660393 upstream
The L1TF mitigation will gain a commend line parameter which allows to set
a combination of hypervisor mitigation and SMT
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Nicolai Stange
commit 5b6ccc6c3b1a477fbac9ec97a0b4c1c48e765209 upstream
Currently, vmx_vcpu_run() checks if l1tf_flush_l1d is set and invokes
vmx_l1d_flush() if so.
This test is unncessary
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Jiri Kosina
commit 8e1b706b6e819bed215c0db16345568864660393 upstream
The L1TF mitigation will gain a commend line parameter which allows to set
a combination of hypervisor mitigation and SMT
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Nicolai Stange
commit 427362a142441f08051369db6fbe7f61c73b3dca upstream
The vmx_l1d_flush_always static key is only ever evaluated if
vmx_l1d_should_flush is enabled. In that case however,
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Nicolai Stange
commit 427362a142441f08051369db6fbe7f61c73b3dca upstream
The vmx_l1d_flush_always static key is only ever evaluated if
vmx_l1d_should_flush is enabled. In that case however,
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: David Woodhouse
commit e24f14b0ff985f3e09e573ba1134bfdf42987e05 upstream
Signed-off-by: David Woodhouse
Signed-off-by: Greg Kroah-Hartman
---
tools/arch/x86/include/asm/cpufeatures.h |
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Josh Poimboeuf
commit 07d981ad4cf1e78361c6db1c28ee5ba105f96cc1 upstream
The kernel unnecessarily prevents late microcode loading when SMT is
disabled. It should be safe to allow it if all
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Andi Kleen
commit 0768f91530ff46683e0b372df14fd79fe8d156e5 upstream
Some cases in THP like:
- MADV_FREE
- mprotect
- split
mark the PMD non present for temporarily to prevent races.
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 3ec8ce5d866ec6a08a9cfab82b62acf4a830b35f upstream
Add documentation for the L1TF vulnerability and the mitigation mechanisms:
- Explain the problem and risks
-
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: David Woodhouse
commit e24f14b0ff985f3e09e573ba1134bfdf42987e05 upstream
Signed-off-by: David Woodhouse
Signed-off-by: Greg Kroah-Hartman
---
tools/arch/x86/include/asm/cpufeatures.h |
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Josh Poimboeuf
commit 07d981ad4cf1e78361c6db1c28ee5ba105f96cc1 upstream
The kernel unnecessarily prevents late microcode loading when SMT is
disabled. It should be safe to allow it if all
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Andi Kleen
commit 0768f91530ff46683e0b372df14fd79fe8d156e5 upstream
Some cases in THP like:
- MADV_FREE
- mprotect
- split
mark the PMD non present for temporarily to prevent races.
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 3ec8ce5d866ec6a08a9cfab82b62acf4a830b35f upstream
Add documentation for the L1TF vulnerability and the mitigation mechanisms:
- Explain the problem and risks
-
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Josh Poimboeuf
commit 73d5e2b472640b1fcdb61ae8be389912ef211bda upstream
If SMT is disabled in BIOS, the CPU code doesn't properly detect it.
The /sys/devices/system/cpu/smt/control file shows
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Nicolai Stange
commit 288d152c23dcf3c09da46c5c481903ca10ebfef7 upstream
The slow path in vmx_l1d_flush() reads from vmx_l1d_flush_pages in order
to evict the L1d cache.
However, these pages
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Nicolai Stange
commit 379fd0c7e6a391e5565336a646f19f218fb98c6c upstream
vmx_l1d_flush() gets invoked only if l1tf_flush_l1d is true. There's no
point in setting l1tf_flush_l1d to true from
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Josh Poimboeuf
commit 73d5e2b472640b1fcdb61ae8be389912ef211bda upstream
If SMT is disabled in BIOS, the CPU code doesn't properly detect it.
The /sys/devices/system/cpu/smt/control file shows
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Nicolai Stange
commit 288d152c23dcf3c09da46c5c481903ca10ebfef7 upstream
The slow path in vmx_l1d_flush() reads from vmx_l1d_flush_pages in order
to evict the L1d cache.
However, these pages
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Nicolai Stange
commit 379fd0c7e6a391e5565336a646f19f218fb98c6c upstream
vmx_l1d_flush() gets invoked only if l1tf_flush_l1d is true. There's no
point in setting l1tf_flush_l1d to true from
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Nicolai Stange
commit 9aee5f8a7e30330d0a8f4c626dc924ca5590aba5 upstream
An upcoming patch will extend KVM's L1TF mitigation in conditional mode
to also cover interrupts after VMEXITs. For
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Andi Kleen
commit 958f79b9ee55dfaf00c8106ed1c22a2919e0028b upstream
set_memory_np() is used to mark kernel mappings not present, but it has
it's own open coded mechanism which does not have
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Paolo Bonzini
commit 5b76a3cff011df2dcb6186c965a2e4d809a05ad4 upstream
When nested virtualization is in use, VMENTER operations from the nested
hypervisor into the nested guest will always be
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Andi Kleen
commit 1063711b57393c1999248cccb57bebfaf16739e7 upstream
The mmio tracer sets io mapping PTEs and PMDs to non present when enabled
without inverting the address bits, which makes
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Nicolai Stange
commit 9aee5f8a7e30330d0a8f4c626dc924ca5590aba5 upstream
An upcoming patch will extend KVM's L1TF mitigation in conditional mode
to also cover interrupts after VMEXITs. For
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Andi Kleen
commit 958f79b9ee55dfaf00c8106ed1c22a2919e0028b upstream
set_memory_np() is used to mark kernel mappings not present, but it has
it's own open coded mechanism which does not have
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Paolo Bonzini
commit 5b76a3cff011df2dcb6186c965a2e4d809a05ad4 upstream
When nested virtualization is in use, VMENTER operations from the nested
hypervisor into the nested guest will always be
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Andi Kleen
commit 1063711b57393c1999248cccb57bebfaf16739e7 upstream
The mmio tracer sets io mapping PTEs and PMDs to non present when enabled
without inverting the address bits, which makes
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit bc2d8d262cba5736332cbc866acb11b1c5748aa9 upstream
Josh reported that the late SMT evaluation in cpu_smt_state_init() sets
cpu_smt_control to CPU_SMT_NOT_SUPPORTED in
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Paolo Bonzini
commit cd28325249a1ca0d771557ce823e0308ad629f98 upstream
This lets userspace read the MSR_IA32_ARCH_CAPABILITIES and check that all
requested features are available on the host.
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Jiri Kosina
commit d90a7a0ec83fb86622cd7dae23255d3c50a99ec8 upstream
Introduce the 'l1tf=' kernel command line option to allow for boot-time
switching of mitigation that is used on processors
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Andi Kleen
commit f22cc87f6c1f771b57c407555cfefd811cdd9507 upstream
For kernel mappings PAGE_PROTNONE is not necessarily set for a non present
mapping, but the inversion logic explicitely
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Nicolai Stange
commit 45b575c00d8e72d69d75dd8c112f044b7b01b069 upstream
Part of the L1TF mitigation for vmx includes flushing the L1D cache upon
VMENTRY.
L1D flushes are costly and two modes
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit bc2d8d262cba5736332cbc866acb11b1c5748aa9 upstream
Josh reported that the late SMT evaluation in cpu_smt_state_init() sets
cpu_smt_control to CPU_SMT_NOT_SUPPORTED in
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Paolo Bonzini
commit cd28325249a1ca0d771557ce823e0308ad629f98 upstream
This lets userspace read the MSR_IA32_ARCH_CAPABILITIES and check that all
requested features are available on the host.
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Jiri Kosina
commit d90a7a0ec83fb86622cd7dae23255d3c50a99ec8 upstream
Introduce the 'l1tf=' kernel command line option to allow for boot-time
switching of mitigation that is used on processors
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Andi Kleen
commit f22cc87f6c1f771b57c407555cfefd811cdd9507 upstream
For kernel mappings PAGE_PROTNONE is not necessarily set for a non present
mapping, but the inversion logic explicitely
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Nicolai Stange
commit 45b575c00d8e72d69d75dd8c112f044b7b01b069 upstream
Part of the L1TF mitigation for vmx includes flushing the L1D cache upon
VMENTRY.
L1D flushes are costly and two modes
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit fee0aede6f4739c87179eca76136f83210953b86 upstream
The CPU_SMT_NOT_SUPPORTED state is set (if the processor does not support
SMT) when the sysfs SMT control file is
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit fee0aede6f4739c87179eca76136f83210953b86 upstream
The CPU_SMT_NOT_SUPPORTED state is set (if the processor does not support
SMT) when the sysfs SMT control file is
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Paolo Bonzini
commit 8e0b2b916662e09dd4d09e5271cdf214c6b80e62 upstream
Bit 3 of ARCH_CAPABILITIES tells a hypervisor that L1D flush on vmentry is
not needed. Add a new value to enum
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Paolo Bonzini
commit ea156d192f5257a5bf393d33910d3b481bf8a401 upstream
Three changes to the content of the sysfs file:
- If EPT is disabled, L1TF cannot be exploited even across threads on
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Paolo Bonzini
commit 8e0b2b916662e09dd4d09e5271cdf214c6b80e62 upstream
Bit 3 of ARCH_CAPABILITIES tells a hypervisor that L1D flush on vmentry is
not needed. Add a new value to enum
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Paolo Bonzini
commit ea156d192f5257a5bf393d33910d3b481bf8a401 upstream
Three changes to the content of the sysfs file:
- If EPT is disabled, L1TF cannot be exploited even across threads on
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Nicolai Stange
commit 18b57ce2eb8c8b9a24174a89250cf5f57c76ecdc upstream
For VMEXITs caused by external interrupts, vmx_handle_external_intr()
indirectly calls into the interrupt handlers
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 58331136136935c631c2b5f06daf4c3006416e91 upstream
Dave reported, that it's not confirmed that Yonah processors are
unaffected. Remove them from the list.
Reported-by:
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Nicolai Stange
commit 18b57ce2eb8c8b9a24174a89250cf5f57c76ecdc upstream
For VMEXITs caused by external interrupts, vmx_handle_external_intr()
indirectly calls into the interrupt handlers
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 58331136136935c631c2b5f06daf4c3006416e91 upstream
Dave reported, that it's not confirmed that Yonah processors are
unaffected. Remove them from the list.
Reported-by:
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Nicolai Stange
commit ffcba43ff66c7dab34ec700debd491d2a4d319b4 upstream
The last missing piece to having vmx_l1d_flush() take interrupts after
VMEXIT into account is to set the
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Nicolai Stange
commit 447ae316670230d7d29430e2cbf1f5db4f49d14c upstream
The next patch in this series will have to make the definition of
irq_cpustat_t available to entering_irq().
Inclusion
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Nicolai Stange
commit ffcba43ff66c7dab34ec700debd491d2a4d319b4 upstream
The last missing piece to having vmx_l1d_flush() take interrupts after
VMEXIT into account is to set the
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Nicolai Stange
commit 447ae316670230d7d29430e2cbf1f5db4f49d14c upstream
The next patch in this series will have to make the definition of
irq_cpustat_t available to entering_irq().
Inclusion
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Andi Kleen
commit 17dbca119312b4e8173d4e25ff64262119fcef38 upstream
L1TF core kernel workarounds are cheap and normally always enabled, However
they still should be reported in sysfs if the
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Andi Kleen
commit 17dbca119312b4e8173d4e25ff64262119fcef38 upstream
L1TF core kernel workarounds are cheap and normally always enabled, However
they still should be reported in sysfs if the
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 4c6523ec59fe895ea352a650218a6be0653910b1 upstream
Avoid the conditional in the L1D flush control path.
Signed-off-by: Thomas Gleixner
Tested-by: Jiri Kosina
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 215af5499d9e2b55f111d2431ea20218115f29b3 upstream
Writing 'off' to /sys/devices/system/cpu/smt/control offlines all SMT
siblings. Writing 'on' merily enables the
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 895ae47f9918833c3a880fbccd41e0692b37e7d9 upstream
All mitigation modes can be switched at run time with a static key now:
- Use sysfs_streq() instead of strcmp() to
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Peter Zijlstra
commit ba2591a5993eabcc8e874e30f361d8ffbb10d6d4 upstream
The static key sched_smt_present is only updated at boot time when SMT
siblings have been detected. Booting with
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit dd4bfa739a72508b75760b393d129ed7b431daab upstream
Writes to the parameter files are not serialized at the sysfs core
level, so local serialization is required.
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit f048c399e0f7490ab7296bc2c255d37eb14a9675 upstream
Provide information whether SMT is supoorted by the CPUs. Preparatory patch
for SMT control mechanism.
Suggested-by:
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 6a4d2657e048f096c7ffcad254010bd94891c8c0 upstream
If the CPU is supporting SMT then the primary thread can be found by
checking the lower APIC ID bits for zero.
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 7db92e165ac814487264632ab2624e832f20ae38 upstream
In preparation of allowing run time control for L1D flushing, move the
setup code to the module parameter handler.
In
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 4c6523ec59fe895ea352a650218a6be0653910b1 upstream
Avoid the conditional in the L1D flush control path.
Signed-off-by: Thomas Gleixner
Tested-by: Jiri Kosina
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 215af5499d9e2b55f111d2431ea20218115f29b3 upstream
Writing 'off' to /sys/devices/system/cpu/smt/control offlines all SMT
siblings. Writing 'on' merily enables the
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 895ae47f9918833c3a880fbccd41e0692b37e7d9 upstream
All mitigation modes can be switched at run time with a static key now:
- Use sysfs_streq() instead of strcmp() to
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Peter Zijlstra
commit ba2591a5993eabcc8e874e30f361d8ffbb10d6d4 upstream
The static key sched_smt_present is only updated at boot time when SMT
siblings have been detected. Booting with
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit dd4bfa739a72508b75760b393d129ed7b431daab upstream
Writes to the parameter files are not serialized at the sysfs core
level, so local serialization is required.
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit f048c399e0f7490ab7296bc2c255d37eb14a9675 upstream
Provide information whether SMT is supoorted by the CPUs. Preparatory patch
for SMT control mechanism.
Suggested-by:
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 6a4d2657e048f096c7ffcad254010bd94891c8c0 upstream
If the CPU is supporting SMT then the primary thread can be found by
checking the lower APIC ID bits for zero.
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 7db92e165ac814487264632ab2624e832f20ae38 upstream
In preparation of allowing run time control for L1D flushing, move the
setup code to the module parameter handler.
In
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 05736e4ac13c08a4a9b1ef2de26dd31a32cbee57 upstream
Provide a command line and a sysfs knob to control SMT.
The command line options are:
'nosmt': Enumerate
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 2f055947ae5e2741fb2dc5bba1033c417ccf4faa upstream
The VMX module parameter to control the L1D flush should become
writeable.
The MSR list is set up at VM init per
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 05736e4ac13c08a4a9b1ef2de26dd31a32cbee57 upstream
Provide a command line and a sysfs knob to control SMT.
The command line options are:
'nosmt': Enumerate
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 2f055947ae5e2741fb2dc5bba1033c417ccf4faa upstream
The VMX module parameter to control the L1D flush should become
writeable.
The MSR list is set up at VM init per
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit cc1fe215e1efa406b03aa4389e6269b61342dec5 upstream
Split out the inner workings of do_cpu_down() to allow reuse of that
function for the upcoming SMT disabling
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit cc1fe215e1efa406b03aa4389e6269b61342dec5 upstream
Split out the inner workings of do_cpu_down() to allow reuse of that
function for the upcoming SMT disabling
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit c4de65696d865c225fda3b9913b31284ea65ea96 upstream
The asymmetry caused a warning to trigger if the bootup was stopped in state
CPUHP_AP_ONLINE_IDLE. The warning no
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit c4de65696d865c225fda3b9913b31284ea65ea96 upstream
The asymmetry caused a warning to trigger if the bootup was stopped in state
CPUHP_AP_ONLINE_IDLE. The warning no
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit 989e3992d2eca32c3f1404f2bc91acda3aa122d8 upstream
The IA32_FLUSH_CMD MSR needs only to be written on VMENTER. Extend
add_atomic_switch_msr() with an entry_only
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit 390d975e0c4e60ce70d4157e0dd91ede37824603 upstream
If the L1D flush module parameter is set to 'always' and the IA32_FLUSH_CMD
MSR is available, optimize the
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit 989e3992d2eca32c3f1404f2bc91acda3aa122d8 upstream
The IA32_FLUSH_CMD MSR needs only to be written on VMENTER. Extend
add_atomic_switch_msr() with an entry_only
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit 390d975e0c4e60ce70d4157e0dd91ede37824603 upstream
If the L1D flush module parameter is set to 'always' and the IA32_FLUSH_CMD
MSR is available, optimize the
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit ca83b4a7f2d068da79a029d323024aa45decb250 upstream
.. to help find the MSR on either the guest or host MSR list.
Signed-off-by: Konrad Rzeszutek Wilk
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 72c6d2db64fa18c996ece8f06e499509e6c9a37e upstream
Store the effective mitigation of VMX in a status variable and use it to
report the VMX state in the l1tf sysfs file.
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit 3190709335dd31fe1aeeebfe4ffb6c7624ef971f upstream
This allows to load a different number of MSRs depending on the context:
VMEXIT or VMENTER.
Signed-off-by:
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit a7b9020b06ec6d7c3f3b0d4ef1a9eba12654f4f7 upstream
If Extended Page Tables (EPT) are disabled or not supported, no L1D
flushing is required. The setup function can just
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit a7b9020b06ec6d7c3f3b0d4ef1a9eba12654f4f7 upstream
If Extended Page Tables (EPT) are disabled or not supported, no L1D
flushing is required. The setup function can just
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit ca83b4a7f2d068da79a029d323024aa45decb250 upstream
.. to help find the MSR on either the guest or host MSR list.
Signed-off-by: Konrad Rzeszutek Wilk
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 72c6d2db64fa18c996ece8f06e499509e6c9a37e upstream
Store the effective mitigation of VMX in a status variable and use it to
report the VMX state in the l1tf sysfs file.
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit 3190709335dd31fe1aeeebfe4ffb6c7624ef971f upstream
This allows to load a different number of MSRs depending on the context:
VMEXIT or VMENTER.
Signed-off-by:
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit 33966dd6b2d2c352fae55412db2ea8cfff5df13a upstream
There is no semantic change but this change allows an unbalanced amount of
MSRs to be loaded on VMEXIT and
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Paolo Bonzini
commit c595ceee45707f00f64f61c54fb64ef0cc0b4e85 upstream
Add the logic for flushing L1D on VMENTER. The flush depends on the static
key being enabled and the new l1tf_flush_l1d
701 - 800 of 1640 matches
Mail list logo