linux/arch/x86/kernel/cpu
Alejandro Jimenez c1f7fec1eb x86/speculation: Allow guests to use SSBD even if host does not
The bits set in x86_spec_ctrl_mask are used to calculate the guest's value
of SPEC_CTRL that is written to the MSR before VMENTRY, and control which
mitigations the guest can enable.  In the case of SSBD, unless the host has
enabled SSBD always on mode (by passing "spec_store_bypass_disable=on" in
the kernel parameters), the SSBD bit is not set in the mask and the guest
can not properly enable the SSBD always on mitigation mode.

This has been confirmed by running the SSBD PoC on a guest using the SSBD
always on mitigation mode (booted with kernel parameter
"spec_store_bypass_disable=on"), and verifying that the guest is vulnerable
unless the host is also using SSBD always on mode. In addition, the guest
OS incorrectly reports the SSB vulnerability as mitigated.

Always set the SSBD bit in x86_spec_ctrl_mask when the host CPU supports
it, allowing the guest to use SSBD whether or not the host has chosen to
enable the mitigation in any of its modes.

Fixes: be6fcb5478 ("x86/bugs: Rework spec_ctrl base and mask logic")
Signed-off-by: Alejandro Jimenez <alejandro.j.jimenez@oracle.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Liam Merwick <liam.merwick@oracle.com>
Reviewed-by: Mark Kanda <mark.kanda@oracle.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Cc: bp@alien8.de
Cc: rkrcmar@redhat.com
Cc: kvm@vger.kernel.org
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/r/1560187210-11054-1-git-send-email-alejandro.j.jimenez@oracle.com
2019-06-26 16:38:36 +02:00
..
mce treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 172 2019-05-30 11:26:39 -07:00
microcode x86/microcode: Fix the microcode load on CPU hotplug for real 2019-06-19 09:16:35 +02:00
mtrr treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
resctrl x86/resctrl: Prevent possible overrun during bitmap operations 2019-06-20 15:39:19 +02:00
.gitignore
amd.c x86/CPU/AMD: Don't force the CPB cap when running under a hypervisor 2019-05-24 08:50:32 +02:00
aperfmperf.c x86: Convert some slow-path static_cpu_has() callers to boot_cpu_has() 2019-04-08 12:13:34 +02:00
bugs.c x86/speculation: Allow guests to use SSBD even if host does not 2019-06-26 16:38:36 +02:00
cacheinfo.c x86/kernel: Mark expected switch-case fall-throughs 2019-01-26 11:19:13 +01:00
centaur.c x86/CPU: Move x86_cpuinfo::x86_max_cores assignment to detect_num_cpu_cores() 2018-05-13 16:14:24 +02:00
common.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
cpu.h PM / arch: x86: Rework the MSR_IA32_ENERGY_PERF_BIAS handling 2019-04-07 22:33:19 +02:00
cpuid-deps.c x86/cpuid: Switch to 'static const' specifier 2018-03-08 12:23:42 +01:00
cyrix.c x86/cpu/cyrix: Use correct macros for Cyrix calls on Geode processors 2019-03-21 12:28:50 +01:00
hygon.c x86/CPU/hygon: Fix phys_proc_id calculation logic for multi-die processors 2019-03-23 17:41:09 +01:00
hypervisor.c x86/jailhouse: Add infrastructure for running in non-root cell 2018-01-14 21:11:54 +01:00
intel_epb.c x86: intel_epb: Take CONFIG_PM into account 2019-05-10 10:47:35 +02:00
intel_pconfig.c x86/pconfig: Detect PCONFIG targets 2018-03-12 12:10:54 +01:00
intel.c x86/cpu/intel: Lower the "ENERGY_PERF_BIAS: Set to normal" message's log priority 2019-04-19 19:23:13 +02:00
Makefile PM / arch: x86: Rework the MSR_IA32_ENERGY_PERF_BIAS handling 2019-04-07 22:33:19 +02:00
match.c x86/cpufeature: Add facility to check for min microcode revisions 2019-02-11 07:59:23 +01:00
mkcapflags.sh License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mshyperv.c x86/Hyper-V: Set x2apic destination mode to physical when x2apic is available 2019-02-28 11:12:16 +01:00
perfctr-watchdog.c x86/events: Add Hygon Dhyana support to PMU infrastructure 2018-09-27 18:28:57 +02:00
powerflags.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
proc.c x86: Convert some slow-path static_cpu_has() callers to boot_cpu_has() 2019-04-08 12:13:34 +02:00
rdrand.c
scattered.c Merge branch 'x86-cpu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-12-26 17:35:41 -08:00
topology.c x86/kernel: Fix more -Wmissing-prototypes warnings 2018-12-08 12:24:35 +01:00
transmeta.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
umc.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
vmware.c x86/cpu/vmware: Do not trace vmware_sched_clock() 2018-11-09 21:39:14 +01:00