[PATCH v3 0/4] KVM: VMX: Unify L1D flush for L1TF

[Sean Christopherson <seanjc@google.com>]

Unify the L1D cache flushing done to mitigate L1TF under the per-CPU
variable, as the per-vCPU variable has been superfluous for quite some
time.

Patch 1 fixes a bug (I think it's a bug?) I found when poking around the code.
If L1D flushes are conditional and KVM skips an L1D flush on VM-Enter, then
arguably KVM should flush CPU buffers based on other mitigations.

Patches 2-3 bury the L1TF L1D flushing under CONFIG_CPU_MITIGATIONS, partly
because it's absurd that KVM doesn't honor CONFIG_CPU_MITIGATIONS for that
case, partly because it simplifies unifying the tracking code (helps obviate
the need for a stub).

Patch 4 is Brendan's patch and the main goal of the mini-series.

v3:
 - Put the "raw" variant in KVM, dress it up with KVM's "request" terminology,
   and add a comment explaining why _KVM_ knows its usage doesn't need to
   disable virtualization.
 - Add the prep patches.

v2:
 - https://lore.kernel.org/all/20251015-b4-l1tf-percpu-v2-1-6d7a8d3d40e9@google.com
 - Moved the bit back to irq_stat
 - Fixed DEBUG_PREEMPT issues by adding a _raw variant

v1: https://lore.kernel.org/r/20251013-b4-l1tf-percpu-v1-1-d65c5366ea1a@google.com


Brendan Jackman (1):
  KVM: x86: Unify L1TF flushing under per-CPU variable

Sean Christopherson (3):
  KVM: VMX: Flush CPU buffers as needed if L1D cache flush is skipped
  KVM: VMX: Bundle all L1 data cache flush mitigation code together
  KVM: VMX: Disable L1TF L1 data cache flush if CONFIG_CPU_MITIGATIONS=n

 arch/x86/include/asm/hardirq.h  |   4 +-
 arch/x86/include/asm/kvm_host.h |   3 -
 arch/x86/kvm/mmu/mmu.c          |   2 +-
 arch/x86/kvm/vmx/nested.c       |   2 +-
 arch/x86/kvm/vmx/vmx.c          | 222 ++++++++++++++++++--------------
 arch/x86/kvm/x86.c              |   6 +-
 arch/x86/kvm/x86.h              |  14 ++
 7 files changed, 144 insertions(+), 109 deletions(-)


base-commit: f222788458c8a7753d43befef2769cd282dc008e
-- 
2.51.0.858.gf9c4a03a3a-goog