Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp1830665ybt; Thu, 2 Jul 2020 15:15:54 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxkvBYn9EW+zwBlxXezdSkSA0ry1BpoVZ2vcXVYEg7s/4m2H5f6WRPHib3z8SrUJTcnvo+K X-Received: by 2002:a50:9dc8:: with SMTP id l8mr37053166edk.248.1593728154064; Thu, 02 Jul 2020 15:15:54 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1593728154; cv=none; d=google.com; s=arc-20160816; b=JWRLCtE60u/F9HQaAS2/z51MXu2PoGeq7FfLj1kft+RM/5iAroWGAVGdqfp0/cn5Z/ dSFyqR3agPqq7RcteVqXGkdGbH1QeYooNTIRfu/Jrzz5jW07Vn2M7T7o5UBoscZtKoLf fnDYkTEA6BDn4zoJGFR4Xs6Di4e+oqJaZNKUUCxCVNh6I+VlqDysZ+RvP35zICZQfEAT 9JlYOKGN9huTJ9y/t4NqjkucwaPkyopNmSU6sC+2S8dp2q4nk7cnJXX1YkqU7apf4Oe3 BS7BHnXQuG3Q8lNkzZA/RV507BpM/LwKLrUxxdosdgvZJctwQnvcewkLMnTjl4fCEf51 gXKQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:from:subject:mime-version :message-id:date:dkim-signature; bh=PswgYOjFLHR50otlPxE8b2oGJ3kDUK3h2XTdWa425M0=; b=uSCjDx9+o2cG+fwWFDIoDghazTQ05hHbYlb/JE39iBZ9EY2MDpNR2jv0sKKFGIpPdU YWaTVjkGNdppSh6qY/qkYYu9ZfkQIb9iGoU3rRMss8ix2hz/SCTlRcXT+ctajLU6E8JJ 5nypViHPqwC3eu1G1UcWHd0JAYXxOnAnG5OotSvRXTSb4cQvkdJYDHxa/Ywo0L/tEPww EcPsxRhvHgxo6TOluYoWzQcMKv1xl3814a0FfDbHXnSc3YwgLT5rAGh30rdYpc3aFdQR zpZkGHI9karNeF/fcW5033XxzC2+y8CiHhWzSpw+Cjl82rYDFZntIrhlRsF6Aiw7GnRJ 6cDQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=miWQau21; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id v6si6421916ejw.169.2020.07.02.15.15.31; Thu, 02 Jul 2020 15:15:54 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=miWQau21; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726247AbgGBWMo (ORCPT + 99 others); Thu, 2 Jul 2020 18:12:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34358 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726028AbgGBWMo (ORCPT ); Thu, 2 Jul 2020 18:12:44 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C45DBC08C5DD for ; Thu, 2 Jul 2020 15:12:43 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id j3so31610143yba.14 for ; Thu, 02 Jul 2020 15:12:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:message-id:mime-version:subject:from:to:cc; bh=PswgYOjFLHR50otlPxE8b2oGJ3kDUK3h2XTdWa425M0=; b=miWQau211dDj1fe/9wWIj67CDW+WofqWHYP6On71PKk8qGABIWIZgsg6QaVQF6200z 2HekYUpa8CR/8ZH0IXD751av4uDRNbhIdcY+G8Phl/p+3Ou/pfeWlUvJIgpUw6vNbPJg LxXCichKPhMD8l+s3+ilWXjoveWcdwpx0o6QwAYWJPoH19aeUDoNCx4srH8TcWuUmzbN fYmAJzSvKt/ujCua/IZfLJDHYuK1Xv568YfbiYgddoviuLdQNfo+a9eRDZ0tdhsrYygC guLIit+pK9pvWkFfP5DnA3Lng+PSZWCC4j/lTxqrdiuUGwgxuonF2SjkKQZoO7u+xJ/j XPUw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:message-id:mime-version:subject:from:to:cc; bh=PswgYOjFLHR50otlPxE8b2oGJ3kDUK3h2XTdWa425M0=; b=CsGdPeWdHgNjGk2ZYw1yjWI5sr1GogdEmEIhzF+VpGtnKVFDlhNV6yxQw1/QZPUuE6 7JDI8ywmFMvXZY+1fMRVPMe1ShtSZALVRC6tds8GtiIalFbgP8oJ66tqcnSg+cyL0TG9 LH1kwR/BI2sJH8S2hKI0gZ2hufcfZbXu0BZTMqxro7CCeppMOMqaZUybR39VOVIoWy0Z UFUjZGpYxWPMycTlqcUscvSwTetmzfp6xbG5fx+AI30YlNHFX/5DrSjBm92ZDnHpcJV2 buR28j7N+5TRZjpQDn8WW76fvVLR9IfIohBHNtqfn7ZlqZSmm38v7YbtB0YADuyv6xHk 1ZIg== X-Gm-Message-State: AOAM531xDU3r/lympozlfyAXk4aDk4l3eniFSMZVbDurcZreCs1oTqPQ R7grjwtNEfOdd6lNm9B3i2i/nQoV5RHJkPdSd19uLRS/qxo3na2PY5lUChpvZiLkiTfr/lZ/iHx o/kH6iNIIJ65LXkKecVy0e5UIfI3HIK99h7fNxB9Y9XGuxStRtPWH59Im36PFubeexgUuNgjIzb /E1rea X-Received: by 2002:a25:38c5:: with SMTP id f188mr54720332yba.332.1593727962818; Thu, 02 Jul 2020 15:12:42 -0700 (PDT) Date: Thu, 2 Jul 2020 15:12:37 -0700 Message-Id: <20200702221237.2517080-1-abhishekbh@google.com> Mime-Version: 1.0 X-Mailer: git-send-email 2.27.0.212.ge8ba1cc988-goog Subject: [PATCH v3] x86/speculation/l1tf: Add KConfig for setting the L1D cache flush mode From: Abhishek Bhardwaj To: LKML Cc: Abhishek Bhardwaj , Anthony Steinhauser , Borislav Petkov , "H. Peter Anvin" , Ingo Molnar , Jim Mattson , Joerg Roedel , Josh Poimboeuf , Mark Gross , Mike Rapoport , Paolo Bonzini , Pawan Gupta , Peter Zijlstra , Sean Christopherson , Thomas Gleixner , Tony Luck , Vitaly Kuznetsov , Waiman Long , Wanpeng Li , kvm@vger.kernel.org, x86@kernel.org Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This change adds a new kernel configuration that sets the l1d cache flush setting at compile time rather than at run time. Signed-off-by: Abhishek Bhardwaj --- Changes in v3: - Change depends on to only x86_64. - Remove copy paste errors at the end of the KConfig. Changes in v2: - Fix typo in the help of the new KConfig. arch/x86/kernel/cpu/bugs.c | 8 ++++++++ arch/x86/kvm/Kconfig | 13 +++++++++++++ 2 files changed, 21 insertions(+) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 0b71970d2d3d2..1dcc875cf5547 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -1406,7 +1406,15 @@ enum l1tf_mitigations l1tf_mitigation __ro_after_init = L1TF_MITIGATION_FLUSH; #if IS_ENABLED(CONFIG_KVM_INTEL) EXPORT_SYMBOL_GPL(l1tf_mitigation); #endif +#if (CONFIG_KVM_VMENTRY_L1D_FLUSH == 1) +enum vmx_l1d_flush_state l1tf_vmx_mitigation = VMENTER_L1D_FLUSH_NEVER; +#elif (CONFIG_KVM_VMENTRY_L1D_FLUSH == 2) +enum vmx_l1d_flush_state l1tf_vmx_mitigation = VMENTER_L1D_FLUSH_COND; +#elif (CONFIG_KVM_VMENTRY_L1D_FLUSH == 3) +enum vmx_l1d_flush_state l1tf_vmx_mitigation = VMENTER_L1D_FLUSH_ALWAYS; +#else enum vmx_l1d_flush_state l1tf_vmx_mitigation = VMENTER_L1D_FLUSH_AUTO; +#endif EXPORT_SYMBOL_GPL(l1tf_vmx_mitigation); /* diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index b277a2db62676..1f85374a0b812 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig @@ -107,4 +107,17 @@ config KVM_MMU_AUDIT This option adds a R/W kVM module parameter 'mmu_audit', which allows auditing of KVM MMU events at runtime. +config KVM_VMENTRY_L1D_FLUSH + int "L1D cache flush settings (1-3)" + range 1 3 + default "2" + depends on KVM && X86_64 + help + This setting determines the L1D cache flush behavior before a VMENTER. + This is similar to setting the option / parameter to + kvm-intel.vmentry_l1d_flush. + 1 - Never flush. + 2 - Conditionally flush. + 3 - Always flush. + endif # VIRTUALIZATION -- 2.27.0.212.ge8ba1cc988-goog