UBUNTU: SAUCE: kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT

author Pawan Gupta <pawan.kumar.gupta@linux.intel.com>

Thu, 31 Oct 2019 04:28:24 +0000 (21:28 -0700)

committer Stefan Bader <stefan.bader@canonical.com>

Mon, 4 Nov 2019 17:13:17 +0000 (18:13 +0100)
author Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Thu, 31 Oct 2019 04:28:24 +0000 (21:28 -0700)
committer Stefan Bader <stefan.bader@canonical.com>
Mon, 4 Nov 2019 17:13:17 +0000 (18:13 +0100)
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt

index f11e255a1c4015453d67f0508e2604649fc64e55..9333f6091c36b7d9f344044deef3812e1648d88a 100644 (file)
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -2634,6 +2634,12 @@
                                                l1tf=off [X86]
                                                mds=off [X86]
                                                tsx_async_abort=off [X86]
+                                              kvm.nx_huge_pages=off [X86].
+
+                               Exceptions:
+                                              This does not have any effect on
+                                              kvm.nx_huge_pages when
+                                              kvm.nx_huge_pages=force.
  
                         auto (default)
                                 Mitigate all CPU vulnerabilities, but leave SMT
diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c

index 9f08bbd0bf3aef04f50649bbd8060100b8778fd8..32b1c6136c6ae30840ad2adb0863b301f11b1d46 100644 (file)
--- a/arch/x86/kvm/mmu.c
+++ b/arch/x86/kvm/mmu.c
@@ -6194,6 +6194,12 @@ static void kvm_set_mmio_spte_mask(void)
         kvm_mmu_set_mmio_spte_mask(mask, mask);
  }
  
+static bool get_nx_auto_mode(void)
+{
+       /* Return true when CPU has the bug, and mitigations are ON */
+       return boot_cpu_has_bug(X86_BUG_ITLB_MULTIHIT) && !cpu_mitigations_off();
+}
+
  static void __set_nx_huge_pages(bool val)
  {
         nx_huge_pages = itlb_multihit_kvm_mitigation = val;
@@ -6210,7 +6216,7 @@ static int set_nx_huge_pages(const char *val, const struct kernel_param *kp)
         else if (sysfs_streq(val, "force"))
                 new_val = 1;
         else if (sysfs_streq(val, "auto"))
-               new_val = boot_cpu_has_bug(X86_BUG_ITLB_MULTIHIT);
+               new_val = get_nx_auto_mode();
         else if (strtobool(val, &new_val) < 0)
                 return -EINVAL;
  
@@ -6240,7 +6246,7 @@ int kvm_mmu_module_init(void)
         int ret = -ENOMEM;
  
         if (nx_huge_pages == -1)
-               __set_nx_huge_pages(boot_cpu_has_bug(X86_BUG_ITLB_MULTIHIT));
+               __set_nx_huge_pages(get_nx_auto_mode());
  
         /*
          * MMU roles use union aliasing which is, generally speaking, an
author	Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
	Thu, 31 Oct 2019 04:28:24 +0000 (21:28 -0700)
committer	Stefan Bader <stefan.bader@canonical.com>
	Mon, 4 Nov 2019 17:13:17 +0000 (18:13 +0100)
Documentation/admin-guide/kernel-parameters.txt		patch \| blob \| blame \| history
arch/x86/kvm/mmu.c		patch \| blob \| blame \| history