Pawan Gupta 1c42ff893a x86/bhi: Mitigate KVM by default ... commit 95a6ccbdc7 upstream. BHI mitigation mode spectre_bhi=auto does not deploy the software mitigation by default. In a cloud environment, it is a likely scenario where userspace is trusted but the guests are not trusted. Deploying system wide mitigation in such cases is not desirable. Update the auto mode to unconditionally mitigate against malicious guests. Deploy the software sequence at VMexit in auto mode also, when hardware mitigation is not available. Unlike the force =on mode, software sequence is not deployed at syscalls in auto mode. Suggested-by: Alexandre Chartre <alexandre.chartre@oracle.com> Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com> Signed-off-by: Daniel Sneddon <daniel.sneddon@linux.intel.com> Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Alexandre Chartre <alexandre.chartre@oracle.com> Reviewed-by: Josh Poimboeuf <jpoimboe@kernel.org> Signed-off-by: Daniel Sneddon <daniel.sneddon@linux.intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2024-04-10 16:36:08 +02:00
..
ABI	x86/rfds: Mitigate Register File Data Sampling (RFDS)	2024-03-15 10:48:22 -04:00
accel
accounting
admin-guide	x86/bhi: Mitigate KVM by default	2024-04-10 16:36:08 +02:00
arch	x86/Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT	2024-04-03 15:28:50 +02:00
block
bpf
cdrom
core-api
cpu-freq
crypto
dev-tools
devicetree	dt-bindings: msm: qcom, mdss: Include ommited fam-b compatible	2024-03-26 18:19:47 -04:00
doc-guide
driver-api	PCI/P2PDMA: Remove reference to pci_p2pdma_map_sg()	2024-01-25 15:35:47 -08:00
fault-injection
fb
features
filesystems	ovl: add support for appending lowerdirs one by one	2024-03-26 18:19:18 -04:00
firmware-guide
firmware_class
fpga
gpu	drm: Allow drivers to indicate the damage helpers to ignore damage clips	2024-01-31 16:19:08 -08:00
hid
hwmon
i2c	i2c: i801: Add support for Intel Birch Stream SoC	2023-11-28 17:19:46 +00:00
iio
images
infiniband
input
isdn
kbuild
kernel-hacking
leds
litmus-tests
livepatch
locking
maintainer
mhi
misc-devices
mm
netlabel
netlink
networking	devlink: Fix command annotation documentation	2024-02-23 09:24:50 +01:00
nvdimm
nvme
PCI
pcmcia
peci
power
powerpc	docs: kernel_feat.py: fix potential command injection	2024-01-31 16:18:46 -08:00
process	rust: upgrade to Rust 1.73.0	2024-02-16 19:10:43 +01:00
RCU
riscv	docs: kernel_feat.py: fix potential command injection	2024-01-31 16:18:46 -08:00
rust
scheduler
scsi
security
sound	ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument	2024-02-05 20:14:26 +00:00
sphinx	docs: kernel_feat.py: fix build error for missing files	2024-02-23 09:25:16 +01:00
sphinx-static
spi
staging
target
timers
tools
trace
translations	docs: kernel_feat.py: fix potential command injection	2024-01-31 16:18:46 -08:00
usb
userspace-api	media: mc: Expand MUST_CONNECT flag to always require an enabled link	2024-04-03 15:28:17 +02:00
virt
w1
watchdog
wmi
.gitignore
atomic_bitops.txt
atomic_t.txt
Changes
CodingStyle
conf.py	docs: Restore "smart quotes" for quotes	2024-04-03 15:28:22 +02:00
docutils.conf
dontdiff
index.rst
Kconfig
Makefile
memory-barriers.txt
SubmittingPatches
subsystem-apis.rst