mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-08-23 17:30:02 +00:00
Code Issues Releases Wiki Activity
linux-stable/Documentation
History
Konrad Rzeszutek Wilk c2fdbbb47c x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being present 
commit 26acfb666a upstream

If the L1TF CPU bug is present we allow the KVM module to be loaded as the
major of users that use Linux and KVM have trusted guests and do not want a
broken setup.

Cloud vendors are the ones that are uncomfortable with CVE 2018-3620 and as
such they are the ones that should set nosmt to one.

Setting 'nosmt' means that the system administrator also needs to disable
SMT (Hyper-threading) in the BIOS, or via the 'nosmt' command line
parameter, or via the /sys/devices/system/cpu/smt/control. See commit
05736e4ac1 ("cpu/hotplug: Provide knobs to control SMT").

Other mitigations are to use task affinity, cpu sets, interrupt binding,
etc - anything to make sure that _only_ the same guests vCPUs are running
on sibling threads.

Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-08-15 18:12:54 +02:00
..
ABI cpu/hotplug: Provide knobs to control SMT 2018-08-15 18:12:52 +02:00
accounting
acpi
admin-guide x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being present 2018-08-15 18:12:54 +02:00
aoe
arm
arm64 arm64: Add work around for Arm Cortex-A55 Erratum 1024718 2018-05-16 10:10:25 +02:00
auxdisplay
backlight
blackfin
block
blockdev
bus-devices
cdrom
cgroup-v1
cma
connector
console
core-api doc: Fix RCU's docbook options 2017-10-19 22:26:11 -04:00
cpu-freq cpufreq: docs: Drop intel-pstate.txt from index.txt 2017-09-28 02:08:43 +02:00
cpuidle
cris
crypto
dev-tools kmemcheck: rip it out 2018-02-22 15:42:24 +01:00
device-mapper dm thin: fix documentation relative to low water mark threshold 2018-04-26 11:02:07 +02:00
devicetree net: dsa: qca8k: Add QCA8334 binding documentation 2018-08-03 07:50:44 +02:00
dmaengine
doc-guide
driver-api PM: docs: Drop an excess character from devices.rst 2017-09-19 22:57:38 +02:00
driver-model driver core: remove DRIVER_ATTR 2017-09-19 09:20:33 +02:00
early-userspace
EDID
extcon
fault-injection
fb
features
filesystems ext4: correct documentation for grpid mount option 2018-02-22 15:42:26 +01:00
firmware_class
fmc
fpga
frv
gpio
gpu
hid
hwmon
i2c i2c: i801: Add support for Intel Cedar Fork 2017-10-05 14:44:56 +02:00
ia64
ide
iio
infiniband
input
ioctl
isdn
kbuild kbuild: delete INSTALL_FW_PATH from kbuild documentation 2018-07-17 11:39:30 +02:00
kdump
kernel-hacking
laptops
leds
lightnvm
livepatch
locking
m68k
md
media
memory-devices
metag
mic
mips
misc-devices
mmc
mn10300
mtd
namespaces
netlabel
networking netdev-FAQ: clarify DaveM's position for stable backports 2018-06-11 22:49:19 +02:00
nfc
nios2
nvdimm
nvmem
parisc
PCI
pcmcia
perf
phy
platform
power
powerpc
pps
process Documentation: Add Frank Rowand to list of enforcement statement endorsers 2017-11-04 11:52:39 +01:00
pti
ptp
rapidio
RCU
s390
scheduler
scsi
security
serial
sh
sound
sparc
sphinx Documentation/sphinx: Fix Directive import error 2018-03-15 10:54:32 +01:00
sphinx-static
spi
sysctl Major additions: 2017-09-22 16:16:41 -10:00
target
thermal
timers
trace
translations
usb
userspace-api Documentation/spec_ctrl: Do some minor cleanups 2018-05-22 18:54:04 +02:00
virtual arm/arm64: KVM: Add PSCI version selection API 2018-05-01 12:58:27 -07:00
vm
w1
watchdog
wimax
x86 x86/pti: Document fix wrong index 2018-01-23 19:58:20 +01:00
xtensa
.gitignore
00-INDEX
atomic_bitops.txt
atomic_t.txt
bcache.txt
bt8xxgpio.txt
btmrvl.txt
bus-virt-phys-mapping.txt
cachetlb.txt
cgroup-v2.txt
Changes
circular-buffers.txt
clk.txt
CodingStyle
conf.py
cpu-load.txt
cputopology.txt
crc32.txt
dcdbas.txt
debugging-modules.txt
debugging-via-ohci1394.txt
dell_rbu.txt
digsig.txt
DMA-API-HOWTO.txt
DMA-API.txt
DMA-attributes.txt
DMA-ISA-LPC.txt
docutils.conf
dontdiff
efi-stub.txt
eisa.txt
errseq.rst
flexible-arrays.txt
futex-requeue-pi.txt
gcc-plugins.txt
highuid.txt
hw_random.txt
hwspinlock.txt
index.rst
Intel-IOMMU.txt
intel_txt.txt
io-mapping.txt
io_ordering.txt
iostats.txt
IPMI.txt
IRQ-affinity.txt
IRQ-domain.txt
IRQ.txt
irqflags-tracing.txt
isa.txt
isapnp.txt
kernel-doc-nano-HOWTO.txt
kernel-per-CPU-kthreads.txt
kobject.txt
kprobes.txt
kref.txt
ldm.txt
lockup-watchdogs.txt
logo.gif
logo.txt
lsm.txt
lzo.txt
mailbox.txt
Makefile
memory-barriers.txt
memory-hotplug.txt
men-chameleon-bus.txt
nommu-mmap.txt
ntb.txt
numastat.txt
padata.txt
parport-lowlevel.txt
percpu-rw-semaphore.txt
phy.txt
pi-futex.txt
pnp.txt
preempt-locking.txt
printk-formats.txt lib/vsprintf: Remove atomic-unsafe support for %pCr 2018-07-03 11:24:48 +02:00
pwm.txt
rbtree.txt
remoteproc.txt
rfkill.txt
robust-futex-ABI.txt
robust-futexes.txt
rpmsg.txt
rtc.txt
SAK.txt
sgi-ioc4.txt
siphash.txt
SM501.txt
smsc_ece1099.txt
speculation.txt Documentation: Document array_index_nospec 2018-02-07 11:12:22 -08:00
static-keys.txt
SubmittingPatches
svga.txt
switchtec.txt
sync_file.txt
tee.txt
this_cpu_ops.txt
unaligned-memory-access.txt
vfio-mediated-device.txt vfio/mdev: Check globally for duplicate devices 2018-08-03 07:50:22 +02:00
vfio.txt
video-output.txt
xillybus.txt
xz.txt
zorro.txt