Commit 89caf575 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'x86_urgent_for_v5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 

Pull x86 fixes from Borislav Petkov:

 - Update the 'mitigations=' kernel param documentation

 - Check the IBPB feature flag before enabling IBPB in firmware calls
   because cloud vendors' fantasy when it comes to creating guest
   configurations is unlimited

 - Unexport sev_es_ghcb_hv_call() before 5.19 releases now that HyperV
   doesn't need it anymore

 - Remove dead CONFIG_* items

* tag 'x86_urgent_for_v5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  docs/kernel-parameters: Update descriptions for "mitigations=" param with retbleed
  x86/bugs: Do not enable IBPB at firmware entry when IBPB is not available
  Revert "x86/sev: Expose sev_es_ghcb_hv_call() for use by HyperV"
  x86/configs: Update configs in x86_debug.config
parents 5e4823e6 ea304a8b

Documentation/admin-guide/kernel-parameters.txt

+2 −0
Original line number Diff line number Diff line
@@ -3176,6 +3176,7 @@ 
					       no_entry_flush [PPC]

					       no_uaccess_flush [PPC]

					       mmio_stale_data=off [X86]

					       retbleed=off [X86]



				Exceptions:

					       This does not have any effect on
@@ -3198,6 +3199,7 @@ 
					       mds=full,nosmt [X86]

					       tsx_async_abort=full,nosmt [X86]

					       mmio_stale_data=full,nosmt [X86]

					       retbleed=auto,nosmt [X86]



	mminit_loglevel=

			[KNL] When CONFIG_DEBUG_MEMORY_INIT is set, this

arch/x86/include/asm/sev.h

+1 −6
Original line number Diff line number Diff line
@@ -72,7 +72,6 @@ static inline u64 lower_bits(u64 val, unsigned int bits) 


struct real_mode_header;

enum stack_type;

struct ghcb;



/* Early IDT entry points for #VC handler */

extern void vc_no_ghcb(void);
@@ -156,11 +155,7 @@ static __always_inline void sev_es_nmi_complete(void) 
		__sev_es_nmi_complete();

}

extern int __init sev_es_efi_map_ghcbs(pgd_t *pgd);

extern enum es_result sev_es_ghcb_hv_call(struct ghcb *ghcb,

					  bool set_ghcb_msr,

					  struct es_em_ctxt *ctxt,

					  u64 exit_code, u64 exit_info_1,

					  u64 exit_info_2);



static inline int rmpadjust(unsigned long vaddr, bool rmp_psize, unsigned long attrs)

{

	int rc;

arch/x86/kernel/cpu/bugs.c

+1 −0
Original line number Diff line number Diff line
@@ -1520,6 +1520,7 @@ static void __init spectre_v2_select_mitigation(void) 
	 * enable IBRS around firmware calls.

	 */

	if (boot_cpu_has_bug(X86_BUG_RETBLEED) &&

	    boot_cpu_has(X86_FEATURE_IBPB) &&

	    (boot_cpu_data.x86_vendor == X86_VENDOR_AMD ||

	     boot_cpu_data.x86_vendor == X86_VENDOR_HYGON)) {

arch/x86/kernel/sev-shared.c

+9 −16
Original line number Diff line number Diff line
@@ -219,9 +219,10 @@ static enum es_result verify_exception_info(struct ghcb *ghcb, struct es_em_ctxt 
	return ES_VMM_ERROR;

}



enum es_result sev_es_ghcb_hv_call(struct ghcb *ghcb, bool set_ghcb_msr,

				   struct es_em_ctxt *ctxt, u64 exit_code,

				   u64 exit_info_1, u64 exit_info_2)

static enum es_result sev_es_ghcb_hv_call(struct ghcb *ghcb,

					  struct es_em_ctxt *ctxt,

					  u64 exit_code, u64 exit_info_1,

					  u64 exit_info_2)

{

	/* Fill in protocol and format specifiers */

	ghcb->protocol_version = ghcb_version;
@@ -231,14 +232,7 @@ enum es_result sev_es_ghcb_hv_call(struct ghcb *ghcb, bool set_ghcb_msr, 
	ghcb_set_sw_exit_info_1(ghcb, exit_info_1);

	ghcb_set_sw_exit_info_2(ghcb, exit_info_2);



	/*

	 * Hyper-V unenlightened guests use a paravisor for communicating and

	 * GHCB pages are being allocated and set up by that paravisor. Linux

	 * should not change the GHCB page's physical address.

	 */

	if (set_ghcb_msr)

	sev_es_wr_ghcb_msr(__pa(ghcb));



	VMGEXIT();



	return verify_exception_info(ghcb, ctxt);
@@ -795,7 +789,7 @@ static enum es_result vc_handle_ioio(struct ghcb *ghcb, struct es_em_ctxt *ctxt) 
		 */

		sw_scratch = __pa(ghcb) + offsetof(struct ghcb, shared_buffer);

		ghcb_set_sw_scratch(ghcb, sw_scratch);

		ret = sev_es_ghcb_hv_call(ghcb, true, ctxt, SVM_EXIT_IOIO,

		ret = sev_es_ghcb_hv_call(ghcb, ctxt, SVM_EXIT_IOIO,

					  exit_info_1, exit_info_2);

		if (ret != ES_OK)

			return ret;
@@ -837,8 +831,7 @@ static enum es_result vc_handle_ioio(struct ghcb *ghcb, struct es_em_ctxt *ctxt) 


		ghcb_set_rax(ghcb, rax);



		ret = sev_es_ghcb_hv_call(ghcb, true, ctxt,

					  SVM_EXIT_IOIO, exit_info_1, 0);

		ret = sev_es_ghcb_hv_call(ghcb, ctxt, SVM_EXIT_IOIO, exit_info_1, 0);

		if (ret != ES_OK)

			return ret;
@@ -894,7 +887,7 @@ static enum es_result vc_handle_cpuid(struct ghcb *ghcb, 
		/* xgetbv will cause #GP - use reset value for xcr0 */

		ghcb_set_xcr0(ghcb, 1);



	ret = sev_es_ghcb_hv_call(ghcb, true, ctxt, SVM_EXIT_CPUID, 0, 0);

	ret = sev_es_ghcb_hv_call(ghcb, ctxt, SVM_EXIT_CPUID, 0, 0);

	if (ret != ES_OK)

		return ret;
@@ -919,7 +912,7 @@ static enum es_result vc_handle_rdtsc(struct ghcb *ghcb, 
	bool rdtscp = (exit_code == SVM_EXIT_RDTSCP);

	enum es_result ret;



	ret = sev_es_ghcb_hv_call(ghcb, true, ctxt, exit_code, 0, 0);

	ret = sev_es_ghcb_hv_call(ghcb, ctxt, exit_code, 0, 0);

	if (ret != ES_OK)

		return ret;

arch/x86/kernel/sev.c

+8 −9
Original line number Diff line number Diff line
@@ -786,7 +786,7 @@ static int vmgexit_psc(struct snp_psc_desc *desc) 
		ghcb_set_sw_scratch(ghcb, (u64)__pa(data));



		/* This will advance the shared buffer data points to. */

		ret = sev_es_ghcb_hv_call(ghcb, true, &ctxt, SVM_VMGEXIT_PSC, 0, 0);

		ret = sev_es_ghcb_hv_call(ghcb, &ctxt, SVM_VMGEXIT_PSC, 0, 0);



		/*

		 * Page State Change VMGEXIT can pass error code through
@@ -1212,8 +1212,7 @@ static enum es_result vc_handle_msr(struct ghcb *ghcb, struct es_em_ctxt *ctxt) 
		ghcb_set_rdx(ghcb, regs->dx);

	}



	ret = sev_es_ghcb_hv_call(ghcb, true, ctxt, SVM_EXIT_MSR,

				  exit_info_1, 0);

	ret = sev_es_ghcb_hv_call(ghcb, ctxt, SVM_EXIT_MSR, exit_info_1, 0);



	if ((ret == ES_OK) && (!exit_info_1)) {

		regs->ax = ghcb->save.rax;
@@ -1452,7 +1451,7 @@ static enum es_result vc_do_mmio(struct ghcb *ghcb, struct es_em_ctxt *ctxt, 


	ghcb_set_sw_scratch(ghcb, ghcb_pa + offsetof(struct ghcb, shared_buffer));



	return sev_es_ghcb_hv_call(ghcb, true, ctxt, exit_code, exit_info_1, exit_info_2);

	return sev_es_ghcb_hv_call(ghcb, ctxt, exit_code, exit_info_1, exit_info_2);

}



/*
@@ -1628,7 +1627,7 @@ static enum es_result vc_handle_dr7_write(struct ghcb *ghcb, 


	/* Using a value of 0 for ExitInfo1 means RAX holds the value */

	ghcb_set_rax(ghcb, val);

	ret = sev_es_ghcb_hv_call(ghcb, true, ctxt, SVM_EXIT_WRITE_DR7, 0, 0);

	ret = sev_es_ghcb_hv_call(ghcb, ctxt, SVM_EXIT_WRITE_DR7, 0, 0);

	if (ret != ES_OK)

		return ret;
@@ -1658,7 +1657,7 @@ static enum es_result vc_handle_dr7_read(struct ghcb *ghcb, 
static enum es_result vc_handle_wbinvd(struct ghcb *ghcb,

				       struct es_em_ctxt *ctxt)

{

	return sev_es_ghcb_hv_call(ghcb, true, ctxt, SVM_EXIT_WBINVD, 0, 0);

	return sev_es_ghcb_hv_call(ghcb, ctxt, SVM_EXIT_WBINVD, 0, 0);

}



static enum es_result vc_handle_rdpmc(struct ghcb *ghcb, struct es_em_ctxt *ctxt)
@@ -1667,7 +1666,7 @@ static enum es_result vc_handle_rdpmc(struct ghcb *ghcb, struct es_em_ctxt *ctxt 


	ghcb_set_rcx(ghcb, ctxt->regs->cx);



	ret = sev_es_ghcb_hv_call(ghcb, true, ctxt, SVM_EXIT_RDPMC, 0, 0);

	ret = sev_es_ghcb_hv_call(ghcb, ctxt, SVM_EXIT_RDPMC, 0, 0);

	if (ret != ES_OK)

		return ret;
@@ -1708,7 +1707,7 @@ static enum es_result vc_handle_vmmcall(struct ghcb *ghcb, 
	if (x86_platform.hyper.sev_es_hcall_prepare)

		x86_platform.hyper.sev_es_hcall_prepare(ghcb, ctxt->regs);



	ret = sev_es_ghcb_hv_call(ghcb, true, ctxt, SVM_EXIT_VMMCALL, 0, 0);

	ret = sev_es_ghcb_hv_call(ghcb, ctxt, SVM_EXIT_VMMCALL, 0, 0);

	if (ret != ES_OK)

		return ret;
@@ -2197,7 +2196,7 @@ int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, unsigned 
		ghcb_set_rbx(ghcb, input->data_npages);

	}



	ret = sev_es_ghcb_hv_call(ghcb, true, &ctxt, exit_code, input->req_gpa, input->resp_gpa);

	ret = sev_es_ghcb_hv_call(ghcb, &ctxt, exit_code, input->req_gpa, input->resp_gpa);

	if (ret)

		goto e_put;