Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a3ab5da4 authored by Minming Qi's avatar Minming Qi
Browse files

Merge android-4.9.120 (f85543ba) into msm-4.9 



* refs/heads/tmp-f85543ba:
  Linux 4.9.120
  x86/CPU/AMD: Have smp_num_siblings and cpu_llc_id always be present
  x86/cpu/amd: Limit cpu_core_id fixup to families older than F17h
  x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures
  x86/init: fix build with CONFIG_SWAP=n
  cpu/hotplug: Non-SMP machines do not make use of booted_once
  x86/smp: fix non-SMP broken build due to redefinition of apic_id_is_primary_thread
  x86/microcode: Allow late microcode loading with SMT disabled
  x86/microcode: Do not upload microcode if CPUs are offline
  tools headers: Synchronise x86 cpufeatures.h for L1TF additions
  x86/mm/kmmio: Make the tracer robust against L1TF
  x86/mm/pat: Make set_memory_np() L1TF safe
  x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert
  x86/speculation/l1tf: Invert all not present mappings
  cpu/hotplug: Fix SMT supported evaluation
  KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry
  x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry
  x86/speculation: Simplify sysfs report of VMX L1TF vulnerability
  KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR
  KVM: X86: Allow userspace to define the microcode version
  KVM: X86: Introduce kvm_get_msr_feature()
  KVM: SVM: Add MSR-based feature support for serializing LFENCE
  KVM: x86: Add a framework for supporting MSR-based features
  Documentation/l1tf: Remove Yonah processors from not vulnerable list
  x86/KVM/VMX: Don't set l1tf_flush_l1d from vmx_handle_external_intr()
  x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d
  x86: Don't include linux/irq.h from asm/hardirq.h
  x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d
  x86/irq: Demote irq_cpustat_t::__softirq_pending to u16
  x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush()
  x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond'
  x86/KVM/VMX: Don't set l1tf_flush_l1d to true from vmx_l1d_flush()
  cpu/hotplug: detect SMT disabled by BIOS
  Documentation/l1tf: Fix typos
  x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content
  Documentation: Add section about CPU vulnerabilities
  x86/bugs, kvm: Introduce boot-time control of L1TF mitigations
  cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early
  cpu/hotplug: Expose SMT control init function
  x86/kvm: Allow runtime control of L1D flush
  x86/kvm: Serialize L1D flush parameter setter
  x86/kvm: Add static key for flush always
  x86/kvm: Move l1tf setup function
  x86/l1tf: Handle EPT disabled state proper
  x86/kvm: Drop L1TF MSR list approach
  x86/litf: Introduce vmx status variable
  cpu/hotplug: Online siblings when SMT control is turned on
  x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required
  x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER only MSRs
  x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number accounting
  x86/KVM/VMX: Add find_msr() helper function
  x86/KVM/VMX: Split the VMX MSR LOAD structures to have an host/guest numbers
  kvm: nVMX: Update MSR load counts on a VMCS switch
  x86/KVM/VMX: Add L1D flush logic
  x86/KVM/VMX: Add L1D MSR based flush
  x86/KVM/VMX: Add L1D flush algorithm
  x86/KVM/VMX: Add module argument for L1TF mitigation
  x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being present
  cpu/hotplug: Boot HT siblings at least once
  Revert "x86/apic: Ignore secondary threads if nosmt=force"
  x86/speculation/l1tf: Fix up pte->pfn conversion for PAE
  x86/speculation/l1tf: Protect PAE swap entries against L1TF
  x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings
  x86/cpufeatures: Add detection of L1D cache flush support.
  x86/speculation/l1tf: Extend 64bit swap file size limit
  x86/apic: Ignore secondary threads if nosmt=force
  x86/cpu/AMD: Evaluate smp_num_siblings early
  x86/CPU/AMD: Do not check CPUID max ext level before parsing SMP info
  x86/cpu/intel: Evaluate smp_num_siblings early
  x86/cpu/topology: Provide detect_extended_topology_early()
  x86/cpu/common: Provide detect_ht_early()
  x86/cpu/AMD: Remove the pointless detect_ht() call
  x86/cpu: Remove the pointless CPU printout
  cpu/hotplug: Provide knobs to control SMT
  cpu/hotplug: Split do_cpu_down()
  cpu/hotplug: Make bringup/teardown of smp threads symmetric
  x86/topology: Provide topology_smt_supported()
  x86/smp: Provide topology_is_primary_thread()
  x86/bugs: Move the l1tf function and define pr_fmt properly
  x86/speculation/l1tf: Limit swap file size to MAX_PA/2
  x86/speculation/l1tf: Disallow non privileged high MMIO PROT_NONE mappings
  x86/speculation/l1tf: Add sysfs reporting for l1tf
  x86/speculation/l1tf: Make sure the first page is always reserved
  x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation
  x86/speculation/l1tf: Protect swap entries against L1TF
  x86/speculation/l1tf: Change order of offset/type in swap entry
  mm: x86: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1
  x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT
  x86/irqflags: Provide a declaration for native_save_fl
  kprobes/x86: Fix %p uses in error messages
  x86/speculation: Protect against userspace-userspace spectreRSB
  x86/paravirt: Fix spectre-v2 mitigations for paravirt guests
  ARM: dts: imx6sx: fix irq for pcie bridge
  IB/ocrdma: fix out of bounds access to local buffer
  mtd: nand: qcom: Add a NULL check for devm_kasprintf()
  IB/mlx4: Mark user MR as writable if actual virtual memory is writable
  IB/core: Make testing MR flags for writability a static inline function
  proc: Fix proc_sys_prune_dcache to hold a sb reference
  proc/sysctl: Don't grab i_lock under sysctl_lock.
  proc/sysctl: prune stale dentries during unregistering
  fix __legitimize_mnt()/mntput() race
  fix mntput/mntput race
  make sure that __dentry_kill() always invalidates d_seq, unhashed or not
  root dentries need RCU-delayed freeing
  init: rename and re-order boot_cpu_state_init()
  scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management enabled
  ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices
  xen/netfront: don't cache skb_shinfo()
  Mark HI and TASKLET softirq synchronous
  kasan: add no_sanitize attribute for clang builds
  parisc: Define mb() and add memory barriers to assembler unlock sequences
  parisc: Enable CONFIG_MLONGCALLS by default
  tpm: fix race condition in tpm_common_write()
  ext4: fix check to prevent initializing reserved inodes
  ANDROID: AVB error handler to invalidate vbmeta partition.

Conflicts:
	include/linux/swapfile.h
	kernel/smp.c
	kernel/softirq.c

Change-Id: Ied9792f455e336bf7e3bdcf9a6c21f7a212b6db6
Signed-off-by: default avatarBlagovest Kolenichev <bkolenichev@codeaurora.org>
Signed-off-by: default avatarMinming Qi <mqi@codeaurora.org>
parents 8faa25f7 f85543ba

Documentation/ABI/testing/sysfs-devices-system-cpu

+24 −0
Original line number Diff line number Diff line
@@ -356,6 +356,7 @@ What: /sys/devices/system/cpu/vulnerabilities 
		/sys/devices/system/cpu/vulnerabilities/spectre_v1

		/sys/devices/system/cpu/vulnerabilities/spectre_v2

		/sys/devices/system/cpu/vulnerabilities/spec_store_bypass

		/sys/devices/system/cpu/vulnerabilities/l1tf

Date:		January 2018

Contact:	Linux kernel mailing list <linux-kernel@vger.kernel.org>

Description:	Information about CPU vulnerabilities
@@ -367,3 +368,26 @@ Description: Information about CPU vulnerabilities 
		"Not affected"	  CPU is not affected by the vulnerability

		"Vulnerable"	  CPU is affected and no mitigation in effect

		"Mitigation: $M"  CPU is affected and mitigation $M is in effect



		Details about the l1tf file can be found in

		Documentation/admin-guide/l1tf.rst



What:		/sys/devices/system/cpu/smt

		/sys/devices/system/cpu/smt/active

		/sys/devices/system/cpu/smt/control

Date:		June 2018

Contact:	Linux kernel mailing list <linux-kernel@vger.kernel.org>

Description:	Control Symetric Multi Threading (SMT)



		active:  Tells whether SMT is active (enabled and siblings online)



		control: Read/write interface to control SMT. Possible

			 values:



			 "on"		SMT is enabled

			 "off"		SMT is disabled

			 "forceoff"	SMT is force disabled. Cannot be changed.

			 "notsupported" SMT is not supported by the CPU



			 If control status is "forceoff" or "notsupported" writes

			 are rejected.

Documentation/index.rst

+1 −0
Original line number Diff line number Diff line
@@ -12,6 +12,7 @@ Contents: 
   :maxdepth: 2



   kernel-documentation

   l1tf

   development-process/index

   dev-tools/tools

   driver-api/index

Documentation/kernel-parameters.txt

+78 −0
Original line number Diff line number Diff line
@@ -2032,10 +2032,84 @@ bytes respectively. Such letter suffixes can also be entirely omitted. 
			(virtualized real and unpaged mode) on capable

			Intel chips. Default is 1 (enabled)



	kvm-intel.vmentry_l1d_flush=[KVM,Intel] Mitigation for L1 Terminal Fault

			CVE-2018-3620.



			Valid arguments: never, cond, always



			always: L1D cache flush on every VMENTER.

			cond:	Flush L1D on VMENTER only when the code between

				VMEXIT and VMENTER can leak host memory.

			never:	Disables the mitigation



			Default is cond (do L1 cache flush in specific instances)



	kvm-intel.vpid=	[KVM,Intel] Disable Virtual Processor Identification

			feature (tagged TLBs) on capable Intel chips.

			Default is 1 (enabled)



	l1tf=           [X86] Control mitigation of the L1TF vulnerability on

			      affected CPUs



			The kernel PTE inversion protection is unconditionally

			enabled and cannot be disabled.



			full

				Provides all available mitigations for the

				L1TF vulnerability. Disables SMT and

				enables all mitigations in the

				hypervisors, i.e. unconditional L1D flush.



				SMT control and L1D flush control via the

				sysfs interface is still possible after

				boot.  Hypervisors will issue a warning

				when the first VM is started in a

				potentially insecure configuration,

				i.e. SMT enabled or L1D flush disabled.



			full,force

				Same as 'full', but disables SMT and L1D

				flush runtime control. Implies the

				'nosmt=force' command line option.

				(i.e. sysfs control of SMT is disabled.)



			flush

				Leaves SMT enabled and enables the default

				hypervisor mitigation, i.e. conditional

				L1D flush.



				SMT control and L1D flush control via the

				sysfs interface is still possible after

				boot.  Hypervisors will issue a warning

				when the first VM is started in a

				potentially insecure configuration,

				i.e. SMT enabled or L1D flush disabled.



			flush,nosmt



				Disables SMT and enables the default

				hypervisor mitigation.



				SMT control and L1D flush control via the

				sysfs interface is still possible after

				boot.  Hypervisors will issue a warning

				when the first VM is started in a

				potentially insecure configuration,

				i.e. SMT enabled or L1D flush disabled.



			flush,nowarn

				Same as 'flush', but hypervisors will not

				warn when a VM is started in a potentially

				insecure configuration.



			off

				Disables hypervisor mitigations and doesn't

				emit any warnings.



			Default is 'flush'.



			For details see: Documentation/admin-guide/l1tf.rst



	l2cr=		[PPC]



	l3cr=		[PPC]
@@ -2716,6 +2790,10 @@ bytes respectively. Such letter suffixes can also be entirely omitted. 
	nosmt		[KNL,S390] Disable symmetric multithreading (SMT).

			Equivalent to smt=1.



			[KNL,x86] Disable symmetric multithreading (SMT).

			nosmt=force: Force disable SMT, cannot be undone

				     via the sysfs control file.



	nospectre_v2	[X86] Disable all mitigations for the Spectre variant 2

			(indirect branch prediction) vulnerability. System may

			allow data leaks with this option, which is equivalent

Documentation/l1tf.rst

0 → 100644
+610 −0

File added.

Preview size limit exceeded, changes collapsed.

Documentation/virtual/kvm/api.txt

+28 −12
Original line number Diff line number Diff line
@@ -122,14 +122,15 @@ KVM_CAP_S390_UCONTROL and use the flag KVM_VM_S390_UCONTROL as 
privileged user (CAP_SYS_ADMIN).





4.3 KVM_GET_MSR_INDEX_LIST

4.3 KVM_GET_MSR_INDEX_LIST, KVM_GET_MSR_FEATURE_INDEX_LIST



Capability: basic

Capability: basic, KVM_CAP_GET_MSR_FEATURES for KVM_GET_MSR_FEATURE_INDEX_LIST

Architectures: x86

Type: system

Type: system ioctl

Parameters: struct kvm_msr_list (in/out)

Returns: 0 on success; -1 on error

Errors:

  EFAULT:    the msr index list cannot be read from or written to

  E2BIG:     the msr index list is to be to fit in the array specified by

             the user.
@@ -138,16 +139,23 @@ struct kvm_msr_list { 
	__u32 indices[0];

};



This ioctl returns the guest msrs that are supported.  The list varies

by kvm version and host processor, but does not change otherwise.  The

user fills in the size of the indices array in nmsrs, and in return

kvm adjusts nmsrs to reflect the actual number of msrs and fills in

the indices array with their numbers.

The user fills in the size of the indices array in nmsrs, and in return

kvm adjusts nmsrs to reflect the actual number of msrs and fills in the

indices array with their numbers.



KVM_GET_MSR_INDEX_LIST returns the guest msrs that are supported.  The list

varies by kvm version and host processor, but does not change otherwise.



Note: if kvm indicates supports MCE (KVM_CAP_MCE), then the MCE bank MSRs are

not returned in the MSR list, as different vcpus can have a different number

of banks, as set via the KVM_X86_SETUP_MCE ioctl.



KVM_GET_MSR_FEATURE_INDEX_LIST returns the list of MSRs that can be passed

to the KVM_GET_MSRS system ioctl.  This lets userspace probe host capabilities

and processor features that are exposed via MSRs (e.g., VMX capabilities).

This list also varies by kvm version and host processor, but does not change

otherwise.





4.4 KVM_CHECK_EXTENSION
@@ -474,14 +482,22 @@ Support for this has been removed. Use KVM_SET_GUEST_DEBUG instead. 


4.18 KVM_GET_MSRS



Capability: basic

Capability: basic (vcpu), KVM_CAP_GET_MSR_FEATURES (system)

Architectures: x86

Type: vcpu ioctl

Type: system ioctl, vcpu ioctl

Parameters: struct kvm_msrs (in/out)

Returns: 0 on success, -1 on error

Returns: number of msrs successfully returned;

        -1 on error



When used as a system ioctl:

Reads the values of MSR-based features that are available for the VM.  This

is similar to KVM_GET_SUPPORTED_CPUID, but it returns MSR indices and values.

The list of msr-based features can be obtained using KVM_GET_MSR_FEATURE_INDEX_LIST

in a system ioctl.



When used as a vcpu ioctl:

Reads model-specific registers from the vcpu.  Supported msr indices can

be obtained using KVM_GET_MSR_INDEX_LIST.

be obtained using KVM_GET_MSR_INDEX_LIST in a system ioctl.



struct kvm_msrs {

	__u32 nmsrs; /* number of msrs in entries */