[SRU Mantic][PATCH 8/9] KVM: x86: Add BHI_NO
Stefan Bader
stefan.bader at canonical.com
Mon Apr 15 09:48:19 UTC 2024
From: Daniel Sneddon <daniel.sneddon at linux.intel.com>
commit ed2e8d49b54d677f3123668a21a57822d679651f upstream.
Intel processors that aren't vulnerable to BHI will set
MSR_IA32_ARCH_CAPABILITIES[BHI_NO] = 1;. Guests may use this BHI_NO bit to
determine if they need to implement BHI mitigations or not. Allow this bit
to be passed to the guests.
Signed-off-by: Daniel Sneddon <daniel.sneddon at linux.intel.com>
Signed-off-by: Pawan Gupta <pawan.kumar.gupta at linux.intel.com>
Signed-off-by: Daniel Sneddon <daniel.sneddon at linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx at linutronix.de>
Reviewed-by: Alexandre Chartre <alexandre.chartre at oracle.com>
Reviewed-by: Josh Poimboeuf <jpoimboe at kernel.org>
Signed-off-by: Daniel Sneddon <daniel.sneddon at linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh at linuxfoundation.org>
CVE-2024-2201
(backported from commit 1c42ff893a8fb802dd90ca06af928826fdf0d16b linux-6.6.y)
[smb: Context adjustments in arch/x86/kvm/x86.c]
Signed-off-by: Stefan Bader <stefan.bader at canonical.com>
---
arch/x86/kvm/x86.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index a5c8a01f7e7e..1000f8aabbf1 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -1616,7 +1616,8 @@ static bool kvm_is_immutable_feature_msr(u32 msr)
ARCH_CAP_SKIP_VMENTRY_L1DFLUSH | ARCH_CAP_SSB_NO | ARCH_CAP_MDS_NO | \
ARCH_CAP_PSCHANGE_MC_NO | ARCH_CAP_TSX_CTRL_MSR | ARCH_CAP_TAA_NO | \
ARCH_CAP_SBDR_SSDP_NO | ARCH_CAP_FBSDP_NO | ARCH_CAP_PSDP_NO | \
- ARCH_CAP_FB_CLEAR | ARCH_CAP_RRSBA | ARCH_CAP_PBRSB_NO | ARCH_CAP_GDS_NO)
+ ARCH_CAP_FB_CLEAR | ARCH_CAP_RRSBA | ARCH_CAP_PBRSB_NO | ARCH_CAP_GDS_NO | \
+ ARCH_CAP_BHI_NO)
static u64 kvm_get_arch_capabilities(void)
{
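Review bot: `ARCH_CAP_BHI_NO` on the added continuation line is used but not defined here, and the diffstat touches only arch/x86/kvm/x86.c, so this patch builds only if an earlier patch in the series has already introduced the define; please confirm the ordering so the series stays bisectable. Since the commit message says guests use this bit to decide whether they can skip BHI mitigations, it would also help to note in the changelog that the bit is only safe to expose when every host the guest may run on reports it.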
--
2.34.1