[GIT pull] x86/pti updates for 4.17

Sat, 26 May 2018 13:10:22 -0700 

Linus,

please pull the latest x86-pti-for-linus git tree from:

   git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git x86-pti-for-linus

Two fixes for the SSBD mitigation code:

 - Expose SSBD properly to guests. This got broken when the CPU feature
   flags got reshuffled.

 - Simplify the CPU detection logic to avoid duplicate entries in the
   tables.

Thanks,

        tglx

------------------>
Dominik Brodowski (1):
      x86/speculation: Simplify the CPU bug detection logic

Konrad Rzeszutek Wilk (1):
      KVM/VMX: Expose SSBD properly to guests


 arch/x86/kernel/cpu/common.c | 22 +++++++---------------
 arch/x86/kvm/cpuid.c         |  4 ++--
 2 files changed, 9 insertions(+), 17 deletions(-)

diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
index 78decc3e3067..38276f58d3bf 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -942,12 +942,8 @@ static const __initconst struct x86_cpu_id 
cpu_no_meltdown[] = {
        {}
 };
 
+/* Only list CPUs which speculate but are non susceptible to SSB */
 static const __initconst struct x86_cpu_id cpu_no_spec_store_bypass[] = {
-       { X86_VENDOR_INTEL,     6,      INTEL_FAM6_ATOM_PINEVIEW        },
-       { X86_VENDOR_INTEL,     6,      INTEL_FAM6_ATOM_LINCROFT        },
-       { X86_VENDOR_INTEL,     6,      INTEL_FAM6_ATOM_PENWELL         },
-       { X86_VENDOR_INTEL,     6,      INTEL_FAM6_ATOM_CLOVERVIEW      },
-       { X86_VENDOR_INTEL,     6,      INTEL_FAM6_ATOM_CEDARVIEW       },
        { X86_VENDOR_INTEL,     6,      INTEL_FAM6_ATOM_SILVERMONT1     },
        { X86_VENDOR_INTEL,     6,      INTEL_FAM6_ATOM_AIRMONT         },
        { X86_VENDOR_INTEL,     6,      INTEL_FAM6_ATOM_SILVERMONT2     },
@@ -955,14 +951,10 @@ static const __initconst struct x86_cpu_id 
cpu_no_spec_store_bypass[] = {
        { X86_VENDOR_INTEL,     6,      INTEL_FAM6_CORE_YONAH           },
        { X86_VENDOR_INTEL,     6,      INTEL_FAM6_XEON_PHI_KNL         },
        { X86_VENDOR_INTEL,     6,      INTEL_FAM6_XEON_PHI_KNM         },
-       { X86_VENDOR_CENTAUR,   5,                                      },
-       { X86_VENDOR_INTEL,     5,                                      },
-       { X86_VENDOR_NSC,       5,                                      },
        { X86_VENDOR_AMD,       0x12,                                   },
        { X86_VENDOR_AMD,       0x11,                                   },
        { X86_VENDOR_AMD,       0x10,                                   },
        { X86_VENDOR_AMD,       0xf,                                    },
-       { X86_VENDOR_ANY,       4,                                      },
        {}
 };
 
@@ -970,6 +962,12 @@ static void __init cpu_set_bug_bits(struct cpuinfo_x86 *c)
 {
        u64 ia32_cap = 0;
 
+       if (x86_match_cpu(cpu_no_speculation))
+               return;
+
+       setup_force_cpu_bug(X86_BUG_SPECTRE_V1);
+       setup_force_cpu_bug(X86_BUG_SPECTRE_V2);
+
        if (cpu_has(c, X86_FEATURE_ARCH_CAPABILITIES))
                rdmsrl(MSR_IA32_ARCH_CAPABILITIES, ia32_cap);
 
@@ -977,12 +975,6 @@ static void __init cpu_set_bug_bits(struct cpuinfo_x86 *c)
           !(ia32_cap & ARCH_CAP_SSB_NO))
                setup_force_cpu_bug(X86_BUG_SPEC_STORE_BYPASS);
 
-       if (x86_match_cpu(cpu_no_speculation))
-               return;
-
-       setup_force_cpu_bug(X86_BUG_SPECTRE_V1);
-       setup_force_cpu_bug(X86_BUG_SPECTRE_V2);
-
        if (x86_match_cpu(cpu_no_meltdown))
                return;
 
diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
index ced851169730..598461e24be3 100644
--- a/arch/x86/kvm/cpuid.c
+++ b/arch/x86/kvm/cpuid.c
@@ -407,8 +407,8 @@ static inline int __do_cpuid_ent(struct kvm_cpuid_entry2 
*entry, u32 function,
 
        /* cpuid 7.0.edx*/
        const u32 kvm_cpuid_7_0_edx_x86_features =
-               F(AVX512_4VNNIW) | F(AVX512_4FMAPS) | F(SPEC_CTRL) | F(SSBD) |
-               F(ARCH_CAPABILITIES);
+               F(AVX512_4VNNIW) | F(AVX512_4FMAPS) | F(SPEC_CTRL) |
+               F(SPEC_CTRL_SSBD) | F(ARCH_CAPABILITIES);
 
        /* all calls to cpuid_count() should be made on the same cpu */
        get_cpu();

Reply via email to