linux-stable/arch/x86/kvm
Pawan Gupta 1c42ff893a x86/bhi: Mitigate KVM by default
commit 95a6ccbdc7 upstream.

BHI mitigation mode spectre_bhi=auto does not deploy the software
mitigation by default. In a cloud environment, it is a likely scenario
where userspace is trusted but the guests are not trusted. Deploying
system wide mitigation in such cases is not desirable.

Update the auto mode to unconditionally mitigate against malicious
guests. Deploy the software sequence at VMexit in auto mode also, when
hardware mitigation is not available. Unlike the force =on mode,
software sequence is not deployed at syscalls in auto mode.

Suggested-by: Alexandre Chartre <alexandre.chartre@oracle.com>
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Daniel Sneddon <daniel.sneddon@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Alexandre Chartre <alexandre.chartre@oracle.com>
Reviewed-by: Josh Poimboeuf <jpoimboe@kernel.org>
Signed-off-by: Daniel Sneddon <daniel.sneddon@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2024-04-10 16:36:08 +02:00
mmu mm/treewide: replace pud_large() with pud_leaf() 2024-04-10 16:35:46 +02:00
svm KVM: SVM: Add support for allowing zero SEV ASIDs 2024-04-10 16:35:57 +02:00
vmx x86/bhi: Mitigate KVM by default 2024-04-10 16:36:08 +02:00
.gitignore KVM: x86: use a separate asm-offsets.c file 2022-11-09 12:10:17 -05:00
cpuid.c KVM: x86: Advertise CPUID.(EAX=7,ECX=2):EDX[5:0] to userspace 2024-04-03 15:28:15 +02:00
cpuid.h KVM: x86: Add a framework for enabling KVM-governed x86 features 2023-08-17 11:38:27 -07:00
debugfs.c KVM: x86: Unify pr_fmt to use module name for all KVM modules 2022-12-29 15:47:35 -05:00
emulate.c KVM: x86: Remove break statements that will never be executed 2023-08-17 11:28:00 -07:00
fpu.h
governed_features.h KVM: nSVM: Use KVM-governed feature framework to track "vNMI enabled" 2023-08-17 11:43:31 -07:00
hyperv.c KVM: x86: hyper-v: Don't auto-enable stimer on write from user-space 2023-11-28 17:19:56 +00:00
hyperv.h KVM: x86: Hyper-V invariant TSC control 2022-12-29 15:33:29 -05:00
i8254.c KVM: x86: Unify pr_fmt to use module name for all KVM modules 2022-12-29 15:47:35 -05:00
i8254.h KVM: x86: PIT: Preserve state of speaker port data bit 2022-06-08 13:06:20 -04:00
i8259.c KVM: x86: Fix poll command 2023-06-01 13:44:13 -07:00
ioapic.c KVM: x86/ioapic: Resample the pending state of an IRQ when unmasking 2023-03-27 10:13:28 -04:00
ioapic.h
irq.c KVM: x86: Unify pr_fmt to use module name for all KVM modules 2022-12-29 15:47:35 -05:00
irq.h
irq_comm.c KVM: x86: Unify pr_fmt to use module name for all KVM modules 2022-12-29 15:47:35 -05:00
Kconfig KVM: x86/mmu: Replace MMU_DEBUG with proper KVM_PROVE_MMU Kconfig 2023-08-31 13:48:47 -04:00
kvm-asm-offsets.c KVM: SVM: move MSR_IA32_SPEC_CTRL save/restore to assembly 2022-11-09 12:25:53 -05:00
kvm_cache_regs.h KVM: x86: Add helpers to query individual CR0/CR4 bits 2023-03-22 10:10:53 -07:00
kvm_emulate.h KVM: x86: Remove x86_emulate_ops::guest_has_long_mode 2023-08-02 15:47:27 -07:00
kvm_onhyperv.c KVM: x86/mmu: Move filling of Hyper-V's TLB range struct into Hyper-V code 2023-04-10 15:17:29 -07:00
kvm_onhyperv.h s390: 2023-05-01 12:06:20 -07:00
lapic.c KVM: x86/xen: inject vCPU upcall vector when local APIC is enabled 2024-04-03 15:28:24 +02:00
lapic.h KVM: x86: Split out logic to generate "readable" APIC regs mask to helper 2023-01-24 10:04:35 -08:00
Makefile KVM: x86: Introduce .hv_inject_synthetic_vmexit_post_tlb_flush() nested hook 2022-11-18 12:59:13 -05:00
mmu.h KVM: x86/mmu: Don't bounce through page-track mechanism for guest PTEs 2023-08-31 13:49:00 -04:00
mtrr.c KVM: x86: Make kvm_mtrr_valid() static now that there are no external users 2023-06-01 13:41:06 -07:00
pmu.c KVM: x86/pmu: Reset the PMU, i.e. stop counters, before refreshing 2024-01-25 15:35:48 -08:00
pmu.h KVM: x86/pmu: Move PMU reset logic to common x86 code 2024-01-25 15:35:48 -08:00
reverse_cpuid.h x86/bhi: Define SPEC_CTRL_BHI_DIS_S 2024-04-10 16:36:08 +02:00
smm.c KVM: x86: Use emulator callbacks instead of duplicating "host flags" 2023-01-31 17:29:09 -08:00
smm.h KVM: x86: smm: preserve interrupt shadow in SMRAM 2022-11-09 12:31:26 -05:00
trace.h KVM: SVM: Use unsigned integers when dealing with ASIDs 2024-04-10 16:35:57 +02:00
tss.h
x86.c KVM: x86: Mark target gfn of emulated atomic instruction as dirty 2024-04-03 15:28:41 +02:00
x86.h KVM: x86: Snapshot host's MSR_IA32_ARCH_CAPABILITIES 2023-08-02 16:37:26 -07:00
xen.c KVM: x86/xen: inject vCPU upcall vector when local APIC is enabled 2024-04-03 15:28:24 +02:00
xen.h KVM: x86/xen: inject vCPU upcall vector when local APIC is enabled 2024-04-03 15:28:24 +02:00