x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d

The last missing piece to having vmx_l1d_flush() take interrupts after
VMEXIT into account is to set the kvm_cpu_l1tf_flush_l1d per-cpu flag on
irq entry.

Issue calls to kvm_set_cpu_l1tf_flush_l1d() from entering_irq(),
ipi_entering_ack_irq(), smp_reschedule_interrupt() and
uv_bau_message_interrupt().
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Nicolai Stange <nstange@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>

CVE-2018-3620
CVE-2018-3646

[smb: Minor context adjustments]
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>

arch/x86/include/asm/apic.h

@@ -11,6 +11,7 @@
 #include <asm/fixmap.h>
 #include <asm/mpspec.h>
 #include <asm/msr.h>
+#include <asm/hardirq.h>
 #include <asm/idle.h>
 
 #define ARCH_APICTIMER_STOPS_ON_C3	1
@@ -639,6 +640,7 @@ extern void irq_exit(void);
 static inline void entering_irq(void)
 {
 	irq_enter();
+	kvm_set_cpu_l1tf_flush_l1d();
 	exit_idle();
 }
 
@@ -652,6 +654,7 @@ static inline void ipi_entering_ack_irq(void)
 {
 	irq_enter();
 	ack_APIC_irq();
+	kvm_set_cpu_l1tf_flush_l1d();
 }
 
 static inline void exiting_irq(void)

arch/x86/kernel/smp.c

@@ -261,6 +261,7 @@ __visible void smp_reschedule_interrupt(struct pt_regs *regs)
 {
 	ack_APIC_irq();
 	__smp_reschedule_interrupt();
+	kvm_set_cpu_l1tf_flush_l1d();
 	/*
 	 * KVM uses this interrupt to force a cpu out of guest mode
 	 */

arch/x86/platform/uv/tlb_uv.c

@@ -1249,6 +1249,7 @@ void uv_bau_message_interrupt(struct pt_regs *regs)
 	struct msg_desc msgdesc;
 
 	ack_APIC_irq();
+	kvm_set_cpu_l1tf_flush_l1d();
 	time_start = get_cycles();
 
 	bcp = &per_cpu(bau_control, smp_processor_id());