releases/4.9.120/x86-speculation-simplify-sysfs-report-of-vmx-l1tf-vulnerability.patch - pub/scm/linux/kernel/git/stable/stable-queue - Git at Google

 From foo@baz Tue Aug 14 16:14:56 CEST 2018
 From: Paolo Bonzini <pbonzini@redhat.com>
 Date: Sun, 5 Aug 2018 16:07:45 +0200
 Subject: x86/speculation: Simplify sysfs report of VMX L1TF vulnerability

 From: Paolo Bonzini <pbonzini@redhat.com>

 commit ea156d192f5257a5bf393d33910d3b481bf8a401 upstream

 Three changes to the content of the sysfs file:

  - If EPT is disabled, L1TF cannot be exploited even across threads on the
    same core, and SMT is irrelevant.

  - If mitigation is completely disabled, and SMT is enabled, print "vulnerable"
    instead of "vulnerable, SMT vulnerable"

  - Reorder the two parts so that the main vulnerability state comes first
    and the detail on SMT is second.

 Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
 Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
 Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 ---
  arch/x86/kernel/cpu/bugs.c |   12 +++++++++---
  1 file changed, 9 insertions(+), 3 deletions(-)

 --- a/arch/x86/kernel/cpu/bugs.c
 +++ b/arch/x86/kernel/cpu/bugs.c
 @@ -737,9 +737,15 @@ static ssize_t l1tf_show_state(char *buf
  	if (l1tf_vmx_mitigation == VMENTER_L1D_FLUSH_AUTO)
  		return sprintf(buf, "%s\n", L1TF_DEFAULT_MSG);

 -	return sprintf(buf, "%s; VMX: SMT %s, L1D %s\n", L1TF_DEFAULT_MSG,
 -		       cpu_smt_control == CPU_SMT_ENABLED ? "vulnerable" : "disabled",
 -		       l1tf_vmx_states[l1tf_vmx_mitigation]);
 +	if (l1tf_vmx_mitigation == VMENTER_L1D_FLUSH_EPT_DISABLED ||
 +	    (l1tf_vmx_mitigation == VMENTER_L1D_FLUSH_NEVER &&
 +	     cpu_smt_control == CPU_SMT_ENABLED))
 +		return sprintf(buf, "%s; VMX: %s\n", L1TF_DEFAULT_MSG,
 +			       l1tf_vmx_states[l1tf_vmx_mitigation]);
 +
 +	return sprintf(buf, "%s; VMX: %s, SMT %s\n", L1TF_DEFAULT_MSG,
 +		       l1tf_vmx_states[l1tf_vmx_mitigation],
 +		       cpu_smt_control == CPU_SMT_ENABLED ? "vulnerable" : "disabled");
  }
  #else
  static ssize_t l1tf_show_state(char *buf)
	From foo@baz Tue Aug 14 16:14:56 CEST 2018
	From: Paolo Bonzini <pbonzini@redhat.com>
	Date: Sun, 5 Aug 2018 16:07:45 +0200
	Subject: x86/speculation: Simplify sysfs report of VMX L1TF vulnerability

	From: Paolo Bonzini <pbonzini@redhat.com>

	commit ea156d192f5257a5bf393d33910d3b481bf8a401 upstream

	Three changes to the content of the sysfs file:

	- If EPT is disabled, L1TF cannot be exploited even across threads on the
	same core, and SMT is irrelevant.

	- If mitigation is completely disabled, and SMT is enabled, print "vulnerable"
	instead of "vulnerable, SMT vulnerable"

	- Reorder the two parts so that the main vulnerability state comes first
	and the detail on SMT is second.

	Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
	Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
	Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
	Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	---
	arch/x86/kernel/cpu/bugs.c \| 12 +++++++++---
	1 file changed, 9 insertions(+), 3 deletions(-)

	--- a/arch/x86/kernel/cpu/bugs.c
	+++ b/arch/x86/kernel/cpu/bugs.c
	@@ -737,9 +737,15 @@ static ssize_t l1tf_show_state(char *buf
	if (l1tf_vmx_mitigation == VMENTER_L1D_FLUSH_AUTO)
	return sprintf(buf, "%s\n", L1TF_DEFAULT_MSG);

	- return sprintf(buf, "%s; VMX: SMT %s, L1D %s\n", L1TF_DEFAULT_MSG,
	- cpu_smt_control == CPU_SMT_ENABLED ? "vulnerable" : "disabled",
	- l1tf_vmx_states[l1tf_vmx_mitigation]);
	+ if (l1tf_vmx_mitigation == VMENTER_L1D_FLUSH_EPT_DISABLED \|\|
	+ (l1tf_vmx_mitigation == VMENTER_L1D_FLUSH_NEVER &&
	+ cpu_smt_control == CPU_SMT_ENABLED))
	+ return sprintf(buf, "%s; VMX: %s\n", L1TF_DEFAULT_MSG,
	+ l1tf_vmx_states[l1tf_vmx_mitigation]);
	+
	+ return sprintf(buf, "%s; VMX: %s, SMT %s\n", L1TF_DEFAULT_MSG,
	+ l1tf_vmx_states[l1tf_vmx_mitigation],
	+ cpu_smt_control == CPU_SMT_ENABLED ? "vulnerable" : "disabled");
	}
	#else
	static ssize_t l1tf_show_state(char *buf)