Commit 7965c809 authored by Pawan Gupta's avatar Pawan Gupta Committed by Stefan Bader

UBUNTU: SAUCE: kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT

Problem: The global mitigation knob mitigations=off does not turn off
X86_BUG_ITLB_MULTIHIT mitigation.

Fix: Turn off the mitigation when ITLB_MULTIHIT mitigation mode is
"auto" and mitigations are turned off globally via cmdline
mitigations=off.
Signed-off-by: default avatarPawan Gupta <pawan.kumar.gupta@linux.intel.com>

CVE-2018-12207

[tyhicks Backport to 4.4
 - Minor context adjustment due to missing kvm_set_mmio_spte_mask()
 - kernel-parameters.txt is up one directory level]
Signed-off-by: default avatarTyler Hicks <tyhicks@canonical.com>
Signed-off-by: default avatarStefan Bader <stefan.bader@canonical.com>
parent 218bd776
...@@ -2295,6 +2295,12 @@ bytes respectively. Such letter suffixes can also be entirely omitted. ...@@ -2295,6 +2295,12 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
l1tf=off [X86] l1tf=off [X86]
mds=off [X86] mds=off [X86]
tsx_async_abort=off [X86] tsx_async_abort=off [X86]
kvm.nx_huge_pages=off [X86].
Exceptions:
This does not have any effect on
kvm.nx_huge_pages when
kvm.nx_huge_pages=force.
auto (default) auto (default)
Mitigate all CPU vulnerabilities, but leave SMT Mitigate all CPU vulnerabilities, but leave SMT
......
...@@ -4991,6 +4991,12 @@ static void mmu_destroy_caches(void) ...@@ -4991,6 +4991,12 @@ static void mmu_destroy_caches(void)
kmem_cache_destroy(mmu_page_header_cache); kmem_cache_destroy(mmu_page_header_cache);
} }
static bool get_nx_auto_mode(void)
{
/* Return true when CPU has the bug, and mitigations are ON */
return boot_cpu_has_bug(X86_BUG_ITLB_MULTIHIT) && !cpu_mitigations_off();
}
static void __set_nx_huge_pages(bool val) static void __set_nx_huge_pages(bool val)
{ {
nx_huge_pages = itlb_multihit_kvm_mitigation = val; nx_huge_pages = itlb_multihit_kvm_mitigation = val;
...@@ -5007,7 +5013,7 @@ static int set_nx_huge_pages(const char *val, const struct kernel_param *kp) ...@@ -5007,7 +5013,7 @@ static int set_nx_huge_pages(const char *val, const struct kernel_param *kp)
else if (sysfs_streq(val, "force")) else if (sysfs_streq(val, "force"))
new_val = 1; new_val = 1;
else if (sysfs_streq(val, "auto")) else if (sysfs_streq(val, "auto"))
new_val = boot_cpu_has_bug(X86_BUG_ITLB_MULTIHIT); new_val = get_nx_auto_mode();
else if (strtobool(val, &new_val) < 0) else if (strtobool(val, &new_val) < 0)
return -EINVAL; return -EINVAL;
...@@ -5035,7 +5041,7 @@ static int set_nx_huge_pages(const char *val, const struct kernel_param *kp) ...@@ -5035,7 +5041,7 @@ static int set_nx_huge_pages(const char *val, const struct kernel_param *kp)
int kvm_mmu_module_init(void) int kvm_mmu_module_init(void)
{ {
if (nx_huge_pages == -1) if (nx_huge_pages == -1)
__set_nx_huge_pages(boot_cpu_has_bug(X86_BUG_ITLB_MULTIHIT)); __set_nx_huge_pages(get_nx_auto_mode());
pte_list_desc_cache = kmem_cache_create("pte_list_desc", pte_list_desc_cache = kmem_cache_create("pte_list_desc",
sizeof(struct pte_list_desc), sizeof(struct pte_list_desc),
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment