| From foo@baz Tue Aug 14 16:14:56 CEST 2018 |
| From: Thomas Gleixner <tglx@linutronix.de> |
| Date: Fri, 13 Jul 2018 16:23:22 +0200 |
| Subject: x86/kvm: Allow runtime control of L1D flush |
| |
| From: Thomas Gleixner <tglx@linutronix.de> |
| |
| commit 895ae47f9918833c3a880fbccd41e0692b37e7d9 upstream |
| |
| All mitigation modes can be switched at run time with a static key now: |
| |
| - Use sysfs_streq() instead of strcmp() to handle the trailing new line |
| from sysfs writes correctly. |
| - Make the static key management handle multiple invocations properly. |
| - Set the module parameter file to RW |
| |
| Signed-off-by: Thomas Gleixner <tglx@linutronix.de> |
| Tested-by: Jiri Kosina <jkosina@suse.cz> |
| Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com> |
| Link: https://lkml.kernel.org/r/20180713142322.954525119@linutronix.de |
| Signed-off-by: David Woodhouse <dwmw@amazon.co.uk> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| --- |
| arch/x86/kernel/cpu/bugs.c | 2 +- |
| arch/x86/kvm/vmx.c | 13 ++++++++----- |
| 2 files changed, 9 insertions(+), 6 deletions(-) |
| |
| --- a/arch/x86/kernel/cpu/bugs.c |
| +++ b/arch/x86/kernel/cpu/bugs.c |
| @@ -638,7 +638,7 @@ void x86_spec_ctrl_setup_ap(void) |
| #define pr_fmt(fmt) "L1TF: " fmt |
| |
| #if IS_ENABLED(CONFIG_KVM_INTEL) |
| -enum vmx_l1d_flush_state l1tf_vmx_mitigation __ro_after_init = VMENTER_L1D_FLUSH_AUTO; |
| +enum vmx_l1d_flush_state l1tf_vmx_mitigation = VMENTER_L1D_FLUSH_AUTO; |
| EXPORT_SYMBOL_GPL(l1tf_vmx_mitigation); |
| #endif |
| |
| --- a/arch/x86/kvm/vmx.c |
| +++ b/arch/x86/kvm/vmx.c |
| @@ -235,12 +235,15 @@ static int vmx_setup_l1d_flush(enum vmx_ |
| |
| l1tf_vmx_mitigation = l1tf; |
| |
| - if (l1tf == VMENTER_L1D_FLUSH_NEVER) |
| - return 0; |
| + if (l1tf != VMENTER_L1D_FLUSH_NEVER) |
| + static_branch_enable(&vmx_l1d_should_flush); |
| + else |
| + static_branch_disable(&vmx_l1d_should_flush); |
| |
| - static_branch_enable(&vmx_l1d_should_flush); |
| if (l1tf == VMENTER_L1D_FLUSH_ALWAYS) |
| static_branch_enable(&vmx_l1d_flush_always); |
| + else |
| + static_branch_disable(&vmx_l1d_flush_always); |
| return 0; |
| } |
| |
| @@ -250,7 +253,7 @@ static int vmentry_l1d_flush_parse(const |
| |
| if (s) { |
| for (i = 0; i < ARRAY_SIZE(vmentry_l1d_param); i++) { |
| - if (!strcmp(s, vmentry_l1d_param[i].option)) |
| + if (sysfs_streq(s, vmentry_l1d_param[i].option)) |
| return vmentry_l1d_param[i].cmd; |
| } |
| } |
| @@ -294,7 +297,7 @@ static const struct kernel_param_ops vme |
| .set = vmentry_l1d_flush_set, |
| .get = vmentry_l1d_flush_get, |
| }; |
| -module_param_cb(vmentry_l1d_flush, &vmentry_l1d_flush_ops, NULL, S_IRUGO); |
| +module_param_cb(vmentry_l1d_flush, &vmentry_l1d_flush_ops, NULL, 0644); |
| |
| #define NR_AUTOLOAD_MSRS 8 |
| |