Commit 272af05e authored by Pawan Gupta's avatar Pawan Gupta Committed by Ma Wupeng
Browse files

KVM/x86: Export RFDS_NO and RFDS_CLEAR to guests 

stable inclusion
from stable-v6.6.22
commit 4a5b5bfea063745471af6395d22ebaea8242225e
bugzilla: https://gitee.com/openeuler/kernel/issues/I99TJK

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=4a5b5bfea063745471af6395d22ebaea8242225e



--------------------------------

commit 2a0180129d726a4b953232175857d442651b55a0 upstream.

Mitigation for RFDS requires RFDS_CLEAR capability which is enumerated
by MSR_IA32_ARCH_CAPABILITIES bit 27. If the host has it set, export it
to guests so that they can deploy the mitigation.

RFDS_NO indicates that the system is not vulnerable to RFDS, export it
to guests so that they don't deploy the mitigation unnecessarily. When
the host is not affected by X86_BUG_RFDS, but has RFDS_NO=0, synthesize
RFDS_NO to the guest.

Signed-off-by: default avatarPawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: default avatarDave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: default avatarThomas Gleixner <tglx@linutronix.de>
Acked-by: default avatarJosh Poimboeuf <jpoimboe@kernel.org>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: default avatarZhangPeng <zhangpeng362@huawei.com>
parent 3248f8ec

arch/x86/kvm/x86.c

+4 −1
Original line number Diff line number Diff line
@@ -1667,7 +1667,8 @@ static bool kvm_is_immutable_feature_msr(u32 msr) 
	 ARCH_CAP_SKIP_VMENTRY_L1DFLUSH | ARCH_CAP_SSB_NO | ARCH_CAP_MDS_NO | \

	 ARCH_CAP_PSCHANGE_MC_NO | ARCH_CAP_TSX_CTRL_MSR | ARCH_CAP_TAA_NO | \

	 ARCH_CAP_SBDR_SSDP_NO | ARCH_CAP_FBSDP_NO | ARCH_CAP_PSDP_NO | \

	 ARCH_CAP_FB_CLEAR | ARCH_CAP_RRSBA | ARCH_CAP_PBRSB_NO | ARCH_CAP_GDS_NO)

	 ARCH_CAP_FB_CLEAR | ARCH_CAP_RRSBA | ARCH_CAP_PBRSB_NO | ARCH_CAP_GDS_NO | \

	 ARCH_CAP_RFDS_NO | ARCH_CAP_RFDS_CLEAR)



static u64 kvm_get_arch_capabilities(void)

{
@@ -1699,6 +1700,8 @@ static u64 kvm_get_arch_capabilities(void) 
		data |= ARCH_CAP_SSB_NO;

	if (!boot_cpu_has_bug(X86_BUG_MDS))

		data |= ARCH_CAP_MDS_NO;

	if (!boot_cpu_has_bug(X86_BUG_RFDS))

		data |= ARCH_CAP_RFDS_NO;



	if (!boot_cpu_has(X86_FEATURE_RTM)) {

		/*