Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp819204ybt; Wed, 8 Jul 2020 12:28:31 -0700 (PDT) X-Google-Smtp-Source: ABdhPJw6q+jtJ8bKJV5jjXPT9QjATVzZLBBkm+i5pVHcvc4NtObCX9PQ4AWwCkNlCvxV5lx5wI9/ X-Received: by 2002:aa7:d802:: with SMTP id v2mr60651810edq.77.1594236511435; Wed, 08 Jul 2020 12:28:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1594236511; cv=none; d=google.com; s=arc-20160816; b=AZj54vn/x14P/dEOt3VXUxBZSVz7edati5SAWvnYycn4tcZq5Sqb6tF1JMM4xXHOZU QCoYJXYxAKNLE1zYUPanmWR5sedfiy/tXKXP3gzfZrggIcpze9SpKRLIzSixVQ1zKBBO ImtDibVvkr/H7ZeV++VOhzOqJbEE9E8q6vVRH80msmfq0TOHWxnWpDvTBv+LlbapwBH2 9oFRf/0kBJnKiqU2trQ4X5b7owjTPcIhw0mdTfRY50/3Lexq8KiwK3HlXHlHRpMZqTvF UsoeToL6dWMKlGPOE40DQlK//x3DWiP353F2iAGyrASXkTjTC1sCpjFE2MfgSpZ47SqI bICg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:from:subject:mime-version :message-id:date:dkim-signature; bh=M9lyp9aB5g7rtu5MiUgfbjfYjZdXTeZw0fg1xRRWYVs=; b=KVWwCPY3gHGoddKSN/hf+jAIaL6jwnEI29YfWqiIp17HxLtkR7sQBbb5bQ3yMQIYKi Qo4s4GF9EQV4pjMtYtEVhHxHFQ9W1gxR9+mXLKdDCllzPIosXJTZmvjg802IlFNKF4M2 WgrMqvzO/amaJhXqUNcmFCR1sS2rogIYdnXuknkHc4bp13IOeKgocPSfVF0Wnu+XygMy 4yJHus9QGdDrISqedzw4+rw1REBFvj/z/aDemvS6QwHTneQQK1RBDOwQKNVrBi5Eu9e2 MZPCa14M7CT1YASlCfZxrfmc4hqTK6Q0v9iy8aWx5OYKaTpwo3xMkKI6yYM1rY8M5XgZ TkZA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=M8YyI1cO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id c102si684517edf.216.2020.07.08.12.28.08; Wed, 08 Jul 2020 12:28:31 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=M8YyI1cO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1725848AbgGHTZw (ORCPT + 99 others); Wed, 8 Jul 2020 15:25:52 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39660 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725903AbgGHTZv (ORCPT ); Wed, 8 Jul 2020 15:25:51 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 39144C08C5C1 for ; Wed, 8 Jul 2020 12:25:51 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id n11so52650080ybg.15 for ; Wed, 08 Jul 2020 12:25:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:message-id:mime-version:subject:from:to:cc; bh=M9lyp9aB5g7rtu5MiUgfbjfYjZdXTeZw0fg1xRRWYVs=; b=M8YyI1cOHmEenNKeoDViXyo+AQX0kE3jm3iwIVLWA4P4XH0qdh5ysQ43fTzbQyPFO1 MnbGya77iRrx6CFhaFI3kZJIVnTEX7bBL294rMqemb+dfKhEnHxAR8WMFhwGJmReM7kB ji00aDP4DTe7S5vq/p4kxMEV2m5CnVJx5xZ/25UBgFp3w4ISZyGMhTIftqZRMS1lRnnY 1CRtpf3JVllxgJcU1jTYPxlTTXNn/OiHaFA+KoY13oBNKKA6mx0OlLrLayW/DKVYPNf3 wpknbzNy1pWoLwNKWIOH2IaHKLgOF3R6o5cxD6j9tfA7ZJQOnzcgQKGxfufUl0B8rGAx FDkg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:message-id:mime-version:subject:from:to:cc; bh=M9lyp9aB5g7rtu5MiUgfbjfYjZdXTeZw0fg1xRRWYVs=; b=CAXhOQJ6I6COlyNZnSUaqkq/P4Jm/p3dJndW3GfT82RV5kTlDy3rRQ4FNUpXxKb5mc 7wrnCjOlmWAodCw0//EyZk9YwSofGwPs6qAsfukbr1UYyJgP+RyM1nGPjfc7TwWjJgpR n+HKY0bEMIFclYOSUCsoZy8akiUr/0fCgH1Hy1cZ2TTiQy70HT+KpgcjhvL/2a6KTjbp eqxJCBUKLso55f+Teq/FyFVKQlRlVndXz9rD3YhIz5UCI2Pgzps0OHoDgA/Vl/NVMdpy 9Gjp8NZuBUg+ENtpvzvEvSrZkj/iHRDYpHtRwNi3TT3MXx5J0/l94xk5be8tQlWETF/1 pXJA== X-Gm-Message-State: AOAM531J+SeMWUKngQfdJEs+nmSTNthh0ofTW5+AlqJfgDpA1cqCb9KZ trYk6hx5irh4qVNEmASbFE7cy3a1okGLU7kLsVtBmVKGYo3fXo4svKNnFCW8oooe/Sycu5bKtV0 NBks7HI7uCEuhk8/l9gK5Ltzkvwrunlx7fvP8Z55lxHw68sKwvcsNkkoBIdr3LPizSBP1+rQxaD xzyptM X-Received: by 2002:a25:aaf1:: with SMTP id t104mr101753518ybi.163.1594236350296; Wed, 08 Jul 2020 12:25:50 -0700 (PDT) Date: Wed, 8 Jul 2020 12:25:46 -0700 Message-Id: <20200708192546.4068026-1-abhishekbh@google.com> Mime-Version: 1.0 X-Mailer: git-send-email 2.27.0.383.g050319c2ae-goog Subject: [PATCH v4] x86/speculation/l1tf: Add KConfig for setting the L1D cache flush mode From: Abhishek Bhardwaj To: LKML Cc: Abhishek Bhardwaj , Anthony Steinhauser , Borislav Petkov , "H. Peter Anvin" , Ingo Molnar , Jim Mattson , Joerg Roedel , Josh Poimboeuf , Mark Gross , Mike Rapoport , Paolo Bonzini , Pawan Gupta , Peter Zijlstra , Sean Christopherson , Thomas Gleixner , Tony Luck , Vitaly Kuznetsov , Waiman Long , Wanpeng Li , kvm@vger.kernel.org, x86@kernel.org Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This change adds a new kernel configuration that sets the l1d cache flush setting at compile time rather than at run time. The reasons for this change are as follows - - Kernel command line arguments are getting unwieldy. These parameters are not a scalable way to set the kernel config. They're intended as a super limited way for the bootloader to pass info to the kernel and also as a way for end users who are not compiling the kernel themselves to tweak the kernel behavior. - Also, if a user wants this setting from the start. It's a definite smell that it deserves to be a compile time thing rather than adding extra code plus whatever miniscule time at runtime to pass an extra argument. - Finally, it doesn't preclude the runtime / kernel command line way. Users are free to use those as well. Signed-off-by: Abhishek Bhardwaj --- Changes in v4: - Add motivation for the change in the commit message. Changes in v3: - Change depends on to only x86_64. - Remove copy paste errors at the end of the KConfig. Changes in v2: - Fix typo in the help of the new KConfig. arch/x86/kernel/cpu/bugs.c | 8 ++++++++ arch/x86/kvm/Kconfig | 13 +++++++++++++ 2 files changed, 21 insertions(+) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 0b71970d2d3d2..1dcc875cf5547 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -1406,7 +1406,15 @@ enum l1tf_mitigations l1tf_mitigation __ro_after_init = L1TF_MITIGATION_FLUSH; #if IS_ENABLED(CONFIG_KVM_INTEL) EXPORT_SYMBOL_GPL(l1tf_mitigation); #endif +#if (CONFIG_KVM_VMENTRY_L1D_FLUSH == 1) +enum vmx_l1d_flush_state l1tf_vmx_mitigation = VMENTER_L1D_FLUSH_NEVER; +#elif (CONFIG_KVM_VMENTRY_L1D_FLUSH == 2) +enum vmx_l1d_flush_state l1tf_vmx_mitigation = VMENTER_L1D_FLUSH_COND; +#elif (CONFIG_KVM_VMENTRY_L1D_FLUSH == 3) +enum vmx_l1d_flush_state l1tf_vmx_mitigation = VMENTER_L1D_FLUSH_ALWAYS; +#else enum vmx_l1d_flush_state l1tf_vmx_mitigation = VMENTER_L1D_FLUSH_AUTO; +#endif EXPORT_SYMBOL_GPL(l1tf_vmx_mitigation); /* diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index b277a2db62676..1f85374a0b812 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig @@ -107,4 +107,17 @@ config KVM_MMU_AUDIT This option adds a R/W kVM module parameter 'mmu_audit', which allows auditing of KVM MMU events at runtime. +config KVM_VMENTRY_L1D_FLUSH + int "L1D cache flush settings (1-3)" + range 1 3 + default "2" + depends on KVM && X86_64 + help + This setting determines the L1D cache flush behavior before a VMENTER. + This is similar to setting the option / parameter to + kvm-intel.vmentry_l1d_flush. + 1 - Never flush. + 2 - Conditionally flush. + 3 - Always flush. + endif # VIRTUALIZATION -- 2.27.0.383.g050319c2ae-goog