Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp1811758ybt; Thu, 2 Jul 2020 14:41:36 -0700 (PDT) X-Google-Smtp-Source: ABdhPJz+UbBS0RmHQsttfS5uGlMSKmRaMEVl+uG4XBlUEXFmznVu/qnXFDO3EEo0Q1dTJkM2GC63 X-Received: by 2002:a17:906:82d2:: with SMTP id a18mr28678302ejy.522.1593726096227; Thu, 02 Jul 2020 14:41:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1593726096; cv=none; d=google.com; s=arc-20160816; b=n4+nahnmbUN5BiB9ysV2l4m+YbBunZGEUPr/mwKutmK3pF/3P8R2+vXj8IXp9I44L+ WHyJb0pOX7MSm+zXG4y4qOHTwUNDjNkRzundtw2rKoE1g6+9D/2UIpRuuvbsZMxKXSE7 5dWXumMalZ+b3zvab/TlKMqCTijTGwrcfKFyytLT9VEZwUzDj468Tyz9WjxsC3Bo59rs a3KzHEZrWFEJS3yWtScn2LxYTFMvdOdOHT7q9aETIiD3zUWBi382nnSC5j2EUosWBmcv 0r1+nd8zniY/7nBz/rocKamHG+MKo1B/M13JdGZrJm3hFeR4A49Dtb9ur3ImEREedbU5 jN+w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:from:subject:mime-version :message-id:date:dkim-signature; bh=3jFVmOWTZ7tfbragSeisWuV593ZLuszzQyS3jGQXGNo=; b=MVdeX/fzQZXhi1iTyTs3+JgMrZ8i2Ur1ANBIR5yuTwJ7lSWS5XmSj74kq4NH3PnwgL tAhBPflkD2Zalchg7VIGXo4fbR4pe2DbXOcDtGdxkQ6ZdfVIreq5wetouRENXfw9Ssdi DmHtqBRbpJ4RtbJBCzGBEzs8Kejr0w8+RsgeIGGv8M3FgmHgGPMGBsDNgjVEQv2oGvd3 N13hpkyk3n8rd+3WW27MsudJD+SDZQJh7lCL/aLtuO1IVTDFRzCPaNEnqWZN0hiXrOA5 7jvK0UuG4IRdOM1dI5bFL7hFe+NAiay3jrTriQcuWODJ0f4Oksq0F51cZI1DHcBqqbm6 gecA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=Dk979kDT; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id n19si2705641edt.434.2020.07.02.14.41.13; Thu, 02 Jul 2020 14:41:36 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=Dk979kDT; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726163AbgGBViW (ORCPT + 99 others); Thu, 2 Jul 2020 17:38:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57288 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725994AbgGBViV (ORCPT ); Thu, 2 Jul 2020 17:38:21 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A80CCC08C5DD for ; Thu, 2 Jul 2020 14:38:21 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id l9so30543803ybm.20 for ; Thu, 02 Jul 2020 14:38:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:message-id:mime-version:subject:from:to:cc; bh=3jFVmOWTZ7tfbragSeisWuV593ZLuszzQyS3jGQXGNo=; b=Dk979kDTJeU8TS2UZalznCkhwAAk6oVDP7ehiHAWnidaRkcctFc1ICv1lZHft17wne l4FHMTIEX/Qv4t2ItkVRx0k/K4zpIs+Z97Y4aerzejJR/J4O4YnmNxURCmUxliI+kpag gEe98j4v1HfOuRViBx9LDs/PEVeK/0ex5Vd9Dkxk88L7LkSEV4UbjK3xo4bjS+qrLZHu ahE49X8pltTgTVCRAA/xfyPyLueBbXAH/o6cOBsXzJ2B0FTDBmfXvkbWXQRKNSqeivIy UtPqk0Fb9kMmzlTYNf9MYnUZIV+NtWNqc1XnvElkMjVqWlEsIA/c2FByVBxaRrVBJmL/ UIoQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:message-id:mime-version:subject:from:to:cc; bh=3jFVmOWTZ7tfbragSeisWuV593ZLuszzQyS3jGQXGNo=; b=IlndlgbhDsGSlX7tbK/l2VLSzrVv3JLXzM1VXDiKeSt3Z8eKLNjPWn0av66pLhky7d z++geGg90IJ4kgkvHXA21TwVLfStfm7pVgDj/Qi+KsAk9X+kAD3PZ4MhDxn21wZnv9r0 JIjDvHNTKj99AkIHXpDyHVZ+pHJr9AN4iJQF5GI0h9xH2+IG6pL4577YL/iVB9wa4ryE ADsqfqfgwvMIJGR0vk+A0Jedyyjd1/ZdESmdwEG3QvTcL4/BGIs8b88fdJc9VhzDf8gf 6Niyo9NwYkMeWo1dsdYBk5Fr6UtbK1UzTtQHAg9srqXtyNc3buWrehkb4axBlekn8R8V B+qw== X-Gm-Message-State: AOAM5316WGTYrlVcHkycvj4Lf3mQlZETdlRvpqrEL9t4ytpeq+IidKwx BCuXteRfd8w2hjSpjrPei3o/b7FC7pUuPSnv54w/g186DJUb0Km21a9kFYAPIKjs5dT0VlDwcdv Hhq3X2lo5DTNQhN7UZC474eGU9gJ2wpVecjz3wTHhuYN8zyAEfB/2AuiacSyesXgtSVUdCfotgh HH48gT X-Received: by 2002:a25:9904:: with SMTP id z4mr52596021ybn.146.1593725900728; Thu, 02 Jul 2020 14:38:20 -0700 (PDT) Date: Thu, 2 Jul 2020 14:38:07 -0700 Message-Id: <20200702213807.2511503-1-abhishekbh@google.com> Mime-Version: 1.0 X-Mailer: git-send-email 2.27.0.212.ge8ba1cc988-goog Subject: [PATCH v2] x86/speculation/l1tf: Add KConfig for setting the L1D cache flush mode From: Abhishek Bhardwaj To: LKML Cc: Abhishek Bhardwaj , Anthony Steinhauser , Borislav Petkov , "H. Peter Anvin" , Ingo Molnar , Jim Mattson , Joerg Roedel , Josh Poimboeuf , Mark Gross , Paolo Bonzini , Pawan Gupta , Peter Zijlstra , Sean Christopherson , Thomas Gleixner , Tony Luck , Vitaly Kuznetsov , Waiman Long , Wanpeng Li , kvm@vger.kernel.org, x86@kernel.org Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This change adds a new kernel configuration that sets the l1d cache flush setting at compile time rather than at run time. Signed-off-by: Abhishek Bhardwaj --- Changes in v2: - Fix typo in the help of the new KConfig. arch/x86/kernel/cpu/bugs.c | 8 ++++++++ arch/x86/kvm/Kconfig | 17 +++++++++++++++++ 2 files changed, 25 insertions(+) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 0b71970d2d3d2..1dcc875cf5547 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -1406,7 +1406,15 @@ enum l1tf_mitigations l1tf_mitigation __ro_after_init = L1TF_MITIGATION_FLUSH; #if IS_ENABLED(CONFIG_KVM_INTEL) EXPORT_SYMBOL_GPL(l1tf_mitigation); #endif +#if (CONFIG_KVM_VMENTRY_L1D_FLUSH == 1) +enum vmx_l1d_flush_state l1tf_vmx_mitigation = VMENTER_L1D_FLUSH_NEVER; +#elif (CONFIG_KVM_VMENTRY_L1D_FLUSH == 2) +enum vmx_l1d_flush_state l1tf_vmx_mitigation = VMENTER_L1D_FLUSH_COND; +#elif (CONFIG_KVM_VMENTRY_L1D_FLUSH == 3) +enum vmx_l1d_flush_state l1tf_vmx_mitigation = VMENTER_L1D_FLUSH_ALWAYS; +#else enum vmx_l1d_flush_state l1tf_vmx_mitigation = VMENTER_L1D_FLUSH_AUTO; +#endif EXPORT_SYMBOL_GPL(l1tf_vmx_mitigation); /* diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index b277a2db62676..d375dcedd447d 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig @@ -107,4 +107,21 @@ config KVM_MMU_AUDIT This option adds a R/W kVM module parameter 'mmu_audit', which allows auditing of KVM MMU events at runtime. +config KVM_VMENTRY_L1D_FLUSH + int "L1D cache flush settings (1-3)" + range 1 3 + default "2" + depends on KVM && X86 && X86_64 + help + This setting determines the L1D cache flush behavior before a VMENTER. + This is similar to setting the option / parameter to + kvm-intel.vmentry_l1d_flush. + 1 - Never flush. + 2 - Conditionally flush. + 3 - Always flush. + +# OK, it's a little counter-intuitive to do this, but it puts it neatly under +# the virtualization menu. +source "drivers/vhost/Kconfig" + endif # VIRTUALIZATION -- 2.27.0.212.ge8ba1cc988-goog