Loading Documentation/ABI/testing/sysfs-devices-system-cpu +24 −0 Original line number Diff line number Diff line Loading @@ -356,6 +356,7 @@ What: /sys/devices/system/cpu/vulnerabilities /sys/devices/system/cpu/vulnerabilities/spectre_v1 /sys/devices/system/cpu/vulnerabilities/spectre_v2 /sys/devices/system/cpu/vulnerabilities/spec_store_bypass /sys/devices/system/cpu/vulnerabilities/l1tf Date: January 2018 Contact: Linux kernel mailing list <linux-kernel@vger.kernel.org> Description: Information about CPU vulnerabilities Loading @@ -367,3 +368,26 @@ Description: Information about CPU vulnerabilities "Not affected" CPU is not affected by the vulnerability "Vulnerable" CPU is affected and no mitigation in effect "Mitigation: $M" CPU is affected and mitigation $M is in effect Details about the l1tf file can be found in Documentation/admin-guide/l1tf.rst What: /sys/devices/system/cpu/smt /sys/devices/system/cpu/smt/active /sys/devices/system/cpu/smt/control Date: June 2018 Contact: Linux kernel mailing list <linux-kernel@vger.kernel.org> Description: Control Symetric Multi Threading (SMT) active: Tells whether SMT is active (enabled and siblings online) control: Read/write interface to control SMT. Possible values: "on" SMT is enabled "off" SMT is disabled "forceoff" SMT is force disabled. Cannot be changed. "notsupported" SMT is not supported by the CPU If control status is "forceoff" or "notsupported" writes are rejected. Documentation/index.rst +1 −0 Original line number Diff line number Diff line Loading @@ -12,6 +12,7 @@ Contents: :maxdepth: 2 kernel-documentation l1tf development-process/index dev-tools/tools driver-api/index Loading Documentation/kernel-parameters.txt +78 −0 Original line number Diff line number Diff line Loading @@ -2032,10 +2032,84 @@ bytes respectively. Such letter suffixes can also be entirely omitted. (virtualized real and unpaged mode) on capable Intel chips. Default is 1 (enabled) kvm-intel.vmentry_l1d_flush=[KVM,Intel] Mitigation for L1 Terminal Fault CVE-2018-3620. Valid arguments: never, cond, always always: L1D cache flush on every VMENTER. cond: Flush L1D on VMENTER only when the code between VMEXIT and VMENTER can leak host memory. never: Disables the mitigation Default is cond (do L1 cache flush in specific instances) kvm-intel.vpid= [KVM,Intel] Disable Virtual Processor Identification feature (tagged TLBs) on capable Intel chips. Default is 1 (enabled) l1tf= [X86] Control mitigation of the L1TF vulnerability on affected CPUs The kernel PTE inversion protection is unconditionally enabled and cannot be disabled. full Provides all available mitigations for the L1TF vulnerability. Disables SMT and enables all mitigations in the hypervisors, i.e. unconditional L1D flush. SMT control and L1D flush control via the sysfs interface is still possible after boot. Hypervisors will issue a warning when the first VM is started in a potentially insecure configuration, i.e. SMT enabled or L1D flush disabled. full,force Same as 'full', but disables SMT and L1D flush runtime control. Implies the 'nosmt=force' command line option. (i.e. sysfs control of SMT is disabled.) flush Leaves SMT enabled and enables the default hypervisor mitigation, i.e. conditional L1D flush. SMT control and L1D flush control via the sysfs interface is still possible after boot. Hypervisors will issue a warning when the first VM is started in a potentially insecure configuration, i.e. SMT enabled or L1D flush disabled. flush,nosmt Disables SMT and enables the default hypervisor mitigation. SMT control and L1D flush control via the sysfs interface is still possible after boot. Hypervisors will issue a warning when the first VM is started in a potentially insecure configuration, i.e. SMT enabled or L1D flush disabled. flush,nowarn Same as 'flush', but hypervisors will not warn when a VM is started in a potentially insecure configuration. off Disables hypervisor mitigations and doesn't emit any warnings. Default is 'flush'. For details see: Documentation/admin-guide/l1tf.rst l2cr= [PPC] l3cr= [PPC] Loading Loading @@ -2716,6 +2790,10 @@ bytes respectively. Such letter suffixes can also be entirely omitted. nosmt [KNL,S390] Disable symmetric multithreading (SMT). Equivalent to smt=1. [KNL,x86] Disable symmetric multithreading (SMT). nosmt=force: Force disable SMT, cannot be undone via the sysfs control file. nospectre_v2 [X86] Disable all mitigations for the Spectre variant 2 (indirect branch prediction) vulnerability. System may allow data leaks with this option, which is equivalent Loading Documentation/l1tf.rst 0 → 100644 +610 −0 File added.Preview size limit exceeded, changes collapsed. Show changes Documentation/virtual/kvm/api.txt +28 −12 Original line number Diff line number Diff line Loading @@ -122,14 +122,15 @@ KVM_CAP_S390_UCONTROL and use the flag KVM_VM_S390_UCONTROL as privileged user (CAP_SYS_ADMIN). 4.3 KVM_GET_MSR_INDEX_LIST 4.3 KVM_GET_MSR_INDEX_LIST, KVM_GET_MSR_FEATURE_INDEX_LIST Capability: basic Capability: basic, KVM_CAP_GET_MSR_FEATURES for KVM_GET_MSR_FEATURE_INDEX_LIST Architectures: x86 Type: system Type: system ioctl Parameters: struct kvm_msr_list (in/out) Returns: 0 on success; -1 on error Errors: EFAULT: the msr index list cannot be read from or written to E2BIG: the msr index list is to be to fit in the array specified by the user. Loading @@ -138,16 +139,23 @@ struct kvm_msr_list { __u32 indices[0]; }; This ioctl returns the guest msrs that are supported. The list varies by kvm version and host processor, but does not change otherwise. The user fills in the size of the indices array in nmsrs, and in return kvm adjusts nmsrs to reflect the actual number of msrs and fills in the indices array with their numbers. The user fills in the size of the indices array in nmsrs, and in return kvm adjusts nmsrs to reflect the actual number of msrs and fills in the indices array with their numbers. KVM_GET_MSR_INDEX_LIST returns the guest msrs that are supported. The list varies by kvm version and host processor, but does not change otherwise. Note: if kvm indicates supports MCE (KVM_CAP_MCE), then the MCE bank MSRs are not returned in the MSR list, as different vcpus can have a different number of banks, as set via the KVM_X86_SETUP_MCE ioctl. KVM_GET_MSR_FEATURE_INDEX_LIST returns the list of MSRs that can be passed to the KVM_GET_MSRS system ioctl. This lets userspace probe host capabilities and processor features that are exposed via MSRs (e.g., VMX capabilities). This list also varies by kvm version and host processor, but does not change otherwise. 4.4 KVM_CHECK_EXTENSION Loading Loading @@ -474,14 +482,22 @@ Support for this has been removed. Use KVM_SET_GUEST_DEBUG instead. 4.18 KVM_GET_MSRS Capability: basic Capability: basic (vcpu), KVM_CAP_GET_MSR_FEATURES (system) Architectures: x86 Type: vcpu ioctl Type: system ioctl, vcpu ioctl Parameters: struct kvm_msrs (in/out) Returns: 0 on success, -1 on error Returns: number of msrs successfully returned; -1 on error When used as a system ioctl: Reads the values of MSR-based features that are available for the VM. This is similar to KVM_GET_SUPPORTED_CPUID, but it returns MSR indices and values. The list of msr-based features can be obtained using KVM_GET_MSR_FEATURE_INDEX_LIST in a system ioctl. When used as a vcpu ioctl: Reads model-specific registers from the vcpu. Supported msr indices can be obtained using KVM_GET_MSR_INDEX_LIST. be obtained using KVM_GET_MSR_INDEX_LIST in a system ioctl. struct kvm_msrs { __u32 nmsrs; /* number of msrs in entries */ Loading Loading
Documentation/ABI/testing/sysfs-devices-system-cpu +24 −0 Original line number Diff line number Diff line Loading @@ -356,6 +356,7 @@ What: /sys/devices/system/cpu/vulnerabilities /sys/devices/system/cpu/vulnerabilities/spectre_v1 /sys/devices/system/cpu/vulnerabilities/spectre_v2 /sys/devices/system/cpu/vulnerabilities/spec_store_bypass /sys/devices/system/cpu/vulnerabilities/l1tf Date: January 2018 Contact: Linux kernel mailing list <linux-kernel@vger.kernel.org> Description: Information about CPU vulnerabilities Loading @@ -367,3 +368,26 @@ Description: Information about CPU vulnerabilities "Not affected" CPU is not affected by the vulnerability "Vulnerable" CPU is affected and no mitigation in effect "Mitigation: $M" CPU is affected and mitigation $M is in effect Details about the l1tf file can be found in Documentation/admin-guide/l1tf.rst What: /sys/devices/system/cpu/smt /sys/devices/system/cpu/smt/active /sys/devices/system/cpu/smt/control Date: June 2018 Contact: Linux kernel mailing list <linux-kernel@vger.kernel.org> Description: Control Symetric Multi Threading (SMT) active: Tells whether SMT is active (enabled and siblings online) control: Read/write interface to control SMT. Possible values: "on" SMT is enabled "off" SMT is disabled "forceoff" SMT is force disabled. Cannot be changed. "notsupported" SMT is not supported by the CPU If control status is "forceoff" or "notsupported" writes are rejected.
Documentation/index.rst +1 −0 Original line number Diff line number Diff line Loading @@ -12,6 +12,7 @@ Contents: :maxdepth: 2 kernel-documentation l1tf development-process/index dev-tools/tools driver-api/index Loading
Documentation/kernel-parameters.txt +78 −0 Original line number Diff line number Diff line Loading @@ -2032,10 +2032,84 @@ bytes respectively. Such letter suffixes can also be entirely omitted. (virtualized real and unpaged mode) on capable Intel chips. Default is 1 (enabled) kvm-intel.vmentry_l1d_flush=[KVM,Intel] Mitigation for L1 Terminal Fault CVE-2018-3620. Valid arguments: never, cond, always always: L1D cache flush on every VMENTER. cond: Flush L1D on VMENTER only when the code between VMEXIT and VMENTER can leak host memory. never: Disables the mitigation Default is cond (do L1 cache flush in specific instances) kvm-intel.vpid= [KVM,Intel] Disable Virtual Processor Identification feature (tagged TLBs) on capable Intel chips. Default is 1 (enabled) l1tf= [X86] Control mitigation of the L1TF vulnerability on affected CPUs The kernel PTE inversion protection is unconditionally enabled and cannot be disabled. full Provides all available mitigations for the L1TF vulnerability. Disables SMT and enables all mitigations in the hypervisors, i.e. unconditional L1D flush. SMT control and L1D flush control via the sysfs interface is still possible after boot. Hypervisors will issue a warning when the first VM is started in a potentially insecure configuration, i.e. SMT enabled or L1D flush disabled. full,force Same as 'full', but disables SMT and L1D flush runtime control. Implies the 'nosmt=force' command line option. (i.e. sysfs control of SMT is disabled.) flush Leaves SMT enabled and enables the default hypervisor mitigation, i.e. conditional L1D flush. SMT control and L1D flush control via the sysfs interface is still possible after boot. Hypervisors will issue a warning when the first VM is started in a potentially insecure configuration, i.e. SMT enabled or L1D flush disabled. flush,nosmt Disables SMT and enables the default hypervisor mitigation. SMT control and L1D flush control via the sysfs interface is still possible after boot. Hypervisors will issue a warning when the first VM is started in a potentially insecure configuration, i.e. SMT enabled or L1D flush disabled. flush,nowarn Same as 'flush', but hypervisors will not warn when a VM is started in a potentially insecure configuration. off Disables hypervisor mitigations and doesn't emit any warnings. Default is 'flush'. For details see: Documentation/admin-guide/l1tf.rst l2cr= [PPC] l3cr= [PPC] Loading Loading @@ -2716,6 +2790,10 @@ bytes respectively. Such letter suffixes can also be entirely omitted. nosmt [KNL,S390] Disable symmetric multithreading (SMT). Equivalent to smt=1. [KNL,x86] Disable symmetric multithreading (SMT). nosmt=force: Force disable SMT, cannot be undone via the sysfs control file. nospectre_v2 [X86] Disable all mitigations for the Spectre variant 2 (indirect branch prediction) vulnerability. System may allow data leaks with this option, which is equivalent Loading
Documentation/l1tf.rst 0 → 100644 +610 −0 File added.Preview size limit exceeded, changes collapsed. Show changes
Documentation/virtual/kvm/api.txt +28 −12 Original line number Diff line number Diff line Loading @@ -122,14 +122,15 @@ KVM_CAP_S390_UCONTROL and use the flag KVM_VM_S390_UCONTROL as privileged user (CAP_SYS_ADMIN). 4.3 KVM_GET_MSR_INDEX_LIST 4.3 KVM_GET_MSR_INDEX_LIST, KVM_GET_MSR_FEATURE_INDEX_LIST Capability: basic Capability: basic, KVM_CAP_GET_MSR_FEATURES for KVM_GET_MSR_FEATURE_INDEX_LIST Architectures: x86 Type: system Type: system ioctl Parameters: struct kvm_msr_list (in/out) Returns: 0 on success; -1 on error Errors: EFAULT: the msr index list cannot be read from or written to E2BIG: the msr index list is to be to fit in the array specified by the user. Loading @@ -138,16 +139,23 @@ struct kvm_msr_list { __u32 indices[0]; }; This ioctl returns the guest msrs that are supported. The list varies by kvm version and host processor, but does not change otherwise. The user fills in the size of the indices array in nmsrs, and in return kvm adjusts nmsrs to reflect the actual number of msrs and fills in the indices array with their numbers. The user fills in the size of the indices array in nmsrs, and in return kvm adjusts nmsrs to reflect the actual number of msrs and fills in the indices array with their numbers. KVM_GET_MSR_INDEX_LIST returns the guest msrs that are supported. The list varies by kvm version and host processor, but does not change otherwise. Note: if kvm indicates supports MCE (KVM_CAP_MCE), then the MCE bank MSRs are not returned in the MSR list, as different vcpus can have a different number of banks, as set via the KVM_X86_SETUP_MCE ioctl. KVM_GET_MSR_FEATURE_INDEX_LIST returns the list of MSRs that can be passed to the KVM_GET_MSRS system ioctl. This lets userspace probe host capabilities and processor features that are exposed via MSRs (e.g., VMX capabilities). This list also varies by kvm version and host processor, but does not change otherwise. 4.4 KVM_CHECK_EXTENSION Loading Loading @@ -474,14 +482,22 @@ Support for this has been removed. Use KVM_SET_GUEST_DEBUG instead. 4.18 KVM_GET_MSRS Capability: basic Capability: basic (vcpu), KVM_CAP_GET_MSR_FEATURES (system) Architectures: x86 Type: vcpu ioctl Type: system ioctl, vcpu ioctl Parameters: struct kvm_msrs (in/out) Returns: 0 on success, -1 on error Returns: number of msrs successfully returned; -1 on error When used as a system ioctl: Reads the values of MSR-based features that are available for the VM. This is similar to KVM_GET_SUPPORTED_CPUID, but it returns MSR indices and values. The list of msr-based features can be obtained using KVM_GET_MSR_FEATURE_INDEX_LIST in a system ioctl. When used as a vcpu ioctl: Reads model-specific registers from the vcpu. Supported msr indices can be obtained using KVM_GET_MSR_INDEX_LIST. be obtained using KVM_GET_MSR_INDEX_LIST in a system ioctl. struct kvm_msrs { __u32 nmsrs; /* number of msrs in entries */ Loading
