Commit 81ac7e5d authored by Daniel Sneddon's avatar Daniel Sneddon Committed by Dave Hansen

KVM: Add GDS_NO support to KVM

Gather Data Sampling (GDS) is a transient execution attack using
gather instructions from the AVX2 and AVX512 extensions. This attack
allows malicious code to infer data that was previously stored in
vector registers. Systems that are not vulnerable to GDS will set the
GDS_NO bit of the IA32_ARCH_CAPABILITIES MSR. This is useful for VM
guests that may think they are on vulnerable systems that are, in
fact, not affected. Guests that are running on affected hosts where
the mitigation is enabled are protected as if they were running
on an unaffected system.

On all hosts that are not affected or that are mitigated, set the
GDS_NO bit.
Signed-off-by: default avatarDaniel Sneddon <daniel.sneddon@linux.intel.com>
Signed-off-by: default avatarDave Hansen <dave.hansen@linux.intel.com>
Acked-by: default avatarJosh Poimboeuf <jpoimboe@kernel.org>
parent 53cf5797
...@@ -674,6 +674,13 @@ static const char * const gds_strings[] = { ...@@ -674,6 +674,13 @@ static const char * const gds_strings[] = {
[GDS_MITIGATION_HYPERVISOR] = "Unknown: Dependent on hypervisor status", [GDS_MITIGATION_HYPERVISOR] = "Unknown: Dependent on hypervisor status",
}; };
bool gds_ucode_mitigated(void)
{
return (gds_mitigation == GDS_MITIGATION_FULL ||
gds_mitigation == GDS_MITIGATION_FULL_LOCKED);
}
EXPORT_SYMBOL_GPL(gds_ucode_mitigated);
void update_gds_msr(void) void update_gds_msr(void)
{ {
u64 mcu_ctrl_after; u64 mcu_ctrl_after;
......
...@@ -314,6 +314,8 @@ u64 __read_mostly host_xcr0; ...@@ -314,6 +314,8 @@ u64 __read_mostly host_xcr0;
static struct kmem_cache *x86_emulator_cache; static struct kmem_cache *x86_emulator_cache;
extern bool gds_ucode_mitigated(void);
/* /*
* When called, it means the previous get/set msr reached an invalid msr. * When called, it means the previous get/set msr reached an invalid msr.
* Return true if we want to ignore/silent this failed msr access. * Return true if we want to ignore/silent this failed msr access.
...@@ -1607,7 +1609,7 @@ static bool kvm_is_immutable_feature_msr(u32 msr) ...@@ -1607,7 +1609,7 @@ static bool kvm_is_immutable_feature_msr(u32 msr)
ARCH_CAP_SKIP_VMENTRY_L1DFLUSH | ARCH_CAP_SSB_NO | ARCH_CAP_MDS_NO | \ ARCH_CAP_SKIP_VMENTRY_L1DFLUSH | ARCH_CAP_SSB_NO | ARCH_CAP_MDS_NO | \
ARCH_CAP_PSCHANGE_MC_NO | ARCH_CAP_TSX_CTRL_MSR | ARCH_CAP_TAA_NO | \ ARCH_CAP_PSCHANGE_MC_NO | ARCH_CAP_TSX_CTRL_MSR | ARCH_CAP_TAA_NO | \
ARCH_CAP_SBDR_SSDP_NO | ARCH_CAP_FBSDP_NO | ARCH_CAP_PSDP_NO | \ ARCH_CAP_SBDR_SSDP_NO | ARCH_CAP_FBSDP_NO | ARCH_CAP_PSDP_NO | \
ARCH_CAP_FB_CLEAR | ARCH_CAP_RRSBA | ARCH_CAP_PBRSB_NO) ARCH_CAP_FB_CLEAR | ARCH_CAP_RRSBA | ARCH_CAP_PBRSB_NO | ARCH_CAP_GDS_NO)
static u64 kvm_get_arch_capabilities(void) static u64 kvm_get_arch_capabilities(void)
{ {
...@@ -1664,6 +1666,9 @@ static u64 kvm_get_arch_capabilities(void) ...@@ -1664,6 +1666,9 @@ static u64 kvm_get_arch_capabilities(void)
*/ */
} }
if (!boot_cpu_has_bug(X86_BUG_GDS) || gds_ucode_mitigated())
data |= ARCH_CAP_GDS_NO;
return data; return data;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment