On Tue, Feb 14, 2023 at 12:09:53PM -0500, Paolo Bonzini wrote: > Certain AMD processors are vulnerable to a cross-thread return address > predictions bug. When running in SMT mode and one of the sibling threads > transitions out of C0 state, the other thread gets access to twice as many > entries in the RSB, but unfortunately the predictions of the now-halted > logical processor are not purged. Therefore, the executing processor > could speculatively execute from locations that the now-halted processor > had trained the RSB on. > > The Spectre v2 mitigations cover the Linux kernel, as it fills the RSB > when context switching to the idle thread. However, KVM allows a VMM to > prevent exiting guest mode when transitioning out of C0 using the > KVM_CAP_X86_DISABLE_EXITS capability can be used by a VMM to change this > behavior. To mitigate the cross-thread return address predictions bug, > a VMM must not be allowed to override the default behavior to intercept > C0 transitions. > > These patches introduce a KVM module parameter that, if set, will prevent > the user from disabling the HLT, MWAIT and CSTATE exits. > > The patches apply to the 5.15 stable tree, and Greg has already received > them through a git bundle. The difference is only in context, but it is > too much for "git cherry-pick" so here they are. Thanks for these, all now queued up. greg k-h
