From: Brendan Jackman <jackmanb@google.com>
To: Sean Christopherson <seanjc@google.com>,
Paolo Bonzini <pbonzini@redhat.com>,
Thomas Gleixner <tglx@linutronix.de>,
Borislav Petkov <bp@alien8.de>,
Peter Zijlstra <peterz@infradead.org>,
Josh Poimboeuf <jpoimboe@kernel.org>
Cc: <kvm@vger.kernel.org>, <linux-kernel@vger.kernel.org>,
Pawan Gupta <pawan.kumar.gupta@linux.intel.com>,
Brendan Jackman <jackmanb@google.com>
Subject: Re: [PATCH v4 3/8] x86/bugs: Use an X86_FEATURE_xxx flag for the MMIO Stale Data mitigation
Date: Fri, 31 Oct 2025 11:44:36 +0000 [thread overview]
Message-ID: <DDWHCMBU8GVB.1CXGUGVWSF8RD@google.com> (raw)
In-Reply-To: <20251031003040.3491385-4-seanjc@google.com>
On Fri Oct 31, 2025 at 12:30 AM UTC, Sean Christopherson wrote:
> Convert the MMIO Stale Data mitigation flag from a static branch into an
> X86_FEATURE_xxx so that it can be used via ALTERNATIVE_2 in KVM.
>
> No functional change intended.
>
> Signed-off-by: Sean Christopherson <seanjc@google.com>
> ---
> arch/x86/include/asm/cpufeatures.h | 1 +
> arch/x86/include/asm/nospec-branch.h | 2 --
> arch/x86/kernel/cpu/bugs.c | 11 +----------
> arch/x86/kvm/mmu/spte.c | 2 +-
> arch/x86/kvm/vmx/vmx.c | 4 ++--
> 5 files changed, 5 insertions(+), 15 deletions(-)
>
> diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h
> index 7129eb44adad..d1d7b5ec6425 100644
> --- a/arch/x86/include/asm/cpufeatures.h
> +++ b/arch/x86/include/asm/cpufeatures.h
> @@ -501,6 +501,7 @@
> #define X86_FEATURE_ABMC (21*32+15) /* Assignable Bandwidth Monitoring Counters */
> #define X86_FEATURE_MSR_IMM (21*32+16) /* MSR immediate form instructions */
> #define X86_FEATURE_X2AVIC_EXT (21*32+17) /* AMD SVM x2AVIC support for 4k vCPUs */
> +#define X86_FEATURE_CLEAR_CPU_BUF_MMIO (21*32+18) /* Clear CPU buffers using VERW before VMRUN, iff the vCPU can access host MMIO*/
>
> /*
> * BUG word(s)
> diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h
> index 923ae21cbef1..b29df45b1edb 100644
> --- a/arch/x86/include/asm/nospec-branch.h
> +++ b/arch/x86/include/asm/nospec-branch.h
> @@ -579,8 +579,6 @@ DECLARE_STATIC_KEY_FALSE(cpu_buf_idle_clear);
>
> DECLARE_STATIC_KEY_FALSE(switch_mm_cond_l1d_flush);
>
> -DECLARE_STATIC_KEY_FALSE(cpu_buf_vm_clear);
> -
> extern u16 x86_verw_sel;
>
> #include <asm/segment.h>
> diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
> index 723666a1357e..9acf6343b0ac 100644
> --- a/arch/x86/kernel/cpu/bugs.c
> +++ b/arch/x86/kernel/cpu/bugs.c
> @@ -192,14 +192,6 @@ EXPORT_SYMBOL_GPL(cpu_buf_idle_clear);
> */
> DEFINE_STATIC_KEY_FALSE(switch_mm_cond_l1d_flush);
>
> -/*
> - * Controls CPU Fill buffer clear before VMenter. This is a subset of
> - * X86_FEATURE_CLEAR_CPU_BUF_VM, and should only be enabled when KVM-only
> - * mitigation is required.
> - */
This comment wasn't super clear IMO but now that we're losing it, maybe
we can replace it with a WARN_ON() at the end of
cpu_apply_mitigations() or something (maybe it belongs in VMX code)? To
make it more obvious that X86_FEATURE_CLEAR_CPU_BUF_VM and
X86_FEATURE_CLEAR_CPU_BUF_MMIO are mutually exclusive.
Other than the continued bikeshedding,
Reviewed-by: Brendan Jackman <jackmanb@google.com>
next prev parent reply other threads:[~2025-10-31 11:44 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-31 0:30 [PATCH v4 0/8] x86/bugs: KVM: L1TF and MMIO Stale Data cleanups Sean Christopherson
2025-10-31 0:30 ` [PATCH v4 1/8] x86/bugs: Use VM_CLEAR_CPU_BUFFERS in VMX as well Sean Christopherson
2025-10-31 11:30 ` Brendan Jackman
2025-11-01 1:46 ` Pawan Gupta
2025-11-03 18:18 ` Pawan Gupta
2025-11-07 19:05 ` Borislav Petkov
2025-11-11 22:03 ` Sean Christopherson
2025-11-12 10:23 ` Borislav Petkov
2025-11-12 18:19 ` Pawan Gupta
2025-11-12 18:17 ` Pawan Gupta
2025-11-07 18:59 ` Borislav Petkov
2025-11-12 18:02 ` Pawan Gupta
2025-10-31 0:30 ` [PATCH v4 2/8] x86/bugs: Decouple ALTERNATIVE usage from VERW macro definition Sean Christopherson
2025-10-31 11:37 ` Brendan Jackman
2025-10-31 17:43 ` Sean Christopherson
2025-11-01 4:13 ` Pawan Gupta
2025-11-03 17:00 ` Sean Christopherson
2025-11-03 17:40 ` Pawan Gupta
2025-11-12 12:15 ` Borislav Petkov
2025-10-31 0:30 ` [PATCH v4 3/8] x86/bugs: Use an X86_FEATURE_xxx flag for the MMIO Stale Data mitigation Sean Christopherson
2025-10-31 11:44 ` Brendan Jackman [this message]
2025-10-31 21:47 ` Sean Christopherson
2025-11-03 10:49 ` Brendan Jackman
2025-10-31 22:28 ` Pawan Gupta
2025-10-31 22:37 ` Sean Christopherson
2025-10-31 22:50 ` Pawan Gupta
2025-11-12 14:46 ` Borislav Petkov
2025-11-12 18:24 ` Pawan Gupta
2025-10-31 0:30 ` [PATCH v4 4/8] KVM: VMX: Handle MMIO Stale Data in VM-Enter assembly via ALTERNATIVES_2 Sean Christopherson
2025-10-31 12:32 ` Brendan Jackman
2025-10-31 21:44 ` Sean Christopherson
2025-11-03 10:51 ` Brendan Jackman
2025-10-31 23:55 ` Pawan Gupta
2025-11-01 3:41 ` Pawan Gupta
2025-11-03 9:17 ` Peter Zijlstra
2025-11-03 17:37 ` Pawan Gupta
2025-11-03 17:46 ` Pawan Gupta
2025-11-12 16:41 ` Borislav Petkov
2025-11-12 17:15 ` Sean Christopherson
2025-11-12 18:38 ` Borislav Petkov
2025-11-12 20:30 ` Sean Christopherson
2025-11-12 23:01 ` Pawan Gupta
2025-11-13 14:20 ` Borislav Petkov
2025-11-13 22:01 ` Sean Christopherson
2025-10-31 0:30 ` [PATCH v4 5/8] x86/bugs: KVM: Move VM_CLEAR_CPU_BUFFERS into SVM as SVM_CLEAR_CPU_BUFFERS Sean Christopherson
2025-10-31 12:34 ` Brendan Jackman
2025-11-13 15:03 ` Borislav Petkov
2025-11-13 15:37 ` Sean Christopherson
2025-11-13 16:19 ` Borislav Petkov
2025-10-31 0:30 ` [PATCH v4 6/8] KVM: VMX: Bundle all L1 data cache flush mitigation code together Sean Christopherson
2025-11-03 18:26 ` Pawan Gupta
2025-10-31 0:30 ` [PATCH v4 7/8] KVM: VMX: Disable L1TF L1 data cache flush if CONFIG_CPU_MITIGATIONS=n Sean Christopherson
2025-10-31 12:37 ` Brendan Jackman
2025-10-31 0:30 ` [PATCH v4 8/8] KVM: x86: Unify L1TF flushing under per-CPU variable Sean Christopherson
2025-10-31 11:22 ` [PATCH v4 0/8] x86/bugs: KVM: L1TF and MMIO Stale Data cleanups Brendan Jackman
2025-10-31 17:36 ` Sean Christopherson
2025-11-04 10:58 ` Brendan Jackman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=DDWHCMBU8GVB.1CXGUGVWSF8RD@google.com \
--to=jackmanb@google.com \
--cc=bp@alien8.de \
--cc=jpoimboe@kernel.org \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pawan.kumar.gupta@linux.intel.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.