x86/bhi: Mitigate KVM by default
authorPawan Gupta <pawan.kumar.gupta@linux.intel.com>
Mon, 11 Mar 2024 15:57:09 +0000 (08:57 -0700)
committerThomas Gleixner <tglx@linutronix.de>
Mon, 8 Apr 2024 17:27:06 +0000 (19:27 +0200)
commit95a6ccbdc7199a14b71ad8901cb788ba7fb5167b
tree2756d1354b90ff94be54ba551fbe6570365d2bf7
parentec9404e40e8f36421a2b66ecb76dc2209fe7f3ef
x86/bhi: Mitigate KVM by default

BHI mitigation mode spectre_bhi=auto does not deploy the software
mitigation by default. In a cloud environment, it is a likely scenario
where userspace is trusted but the guests are not trusted. Deploying
system wide mitigation in such cases is not desirable.

Update the auto mode to unconditionally mitigate against malicious
guests. Deploy the software sequence at VMexit in auto mode also, when
hardware mitigation is not available. Unlike the force =on mode,
software sequence is not deployed at syscalls in auto mode.

Suggested-by: Alexandre Chartre <alexandre.chartre@oracle.com>
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Daniel Sneddon <daniel.sneddon@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Alexandre Chartre <alexandre.chartre@oracle.com>
Reviewed-by: Josh Poimboeuf <jpoimboe@kernel.org>
Documentation/admin-guide/hw-vuln/spectre.rst
Documentation/admin-guide/kernel-parameters.txt
arch/x86/include/asm/cpufeatures.h
arch/x86/include/asm/nospec-branch.h
arch/x86/kernel/cpu/bugs.c
arch/x86/kvm/vmx/vmenter.S