x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required
If the L1D flush module parameter is set to 'always' and the IA32_FLUSH_CMD MSR is available, optimize the VMENTER code with the MSR save list. Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
This commit is contained in:
parent
989e3992d2
commit
390d975e0c
|
@ -6237,6 +6237,16 @@ static void ept_set_mmio_spte_mask(void)
|
|||
VMX_EPT_MISCONFIG_WX_VALUE);
|
||||
}
|
||||
|
||||
static bool vmx_l1d_use_msr_save_list(void)
|
||||
{
|
||||
if (!enable_ept || !boot_cpu_has_bug(X86_BUG_L1TF) ||
|
||||
static_cpu_has(X86_FEATURE_HYPERVISOR) ||
|
||||
!static_cpu_has(X86_FEATURE_FLUSH_L1D))
|
||||
return false;
|
||||
|
||||
return vmentry_l1d_flush == VMENTER_L1D_FLUSH_ALWAYS;
|
||||
}
|
||||
|
||||
#define VMX_XSS_EXIT_BITMAP 0
|
||||
/*
|
||||
* Sets up the vmcs for emulated real mode.
|
||||
|
@ -6358,6 +6368,12 @@ static void vmx_vcpu_setup(struct vcpu_vmx *vmx)
|
|||
vmcs_write64(PML_ADDRESS, page_to_phys(vmx->pml_pg));
|
||||
vmcs_write16(GUEST_PML_INDEX, PML_ENTITY_NUM - 1);
|
||||
}
|
||||
/*
|
||||
* If flushing the L1D cache on every VMENTER is enforced and the
|
||||
* MSR is available, use the MSR save list.
|
||||
*/
|
||||
if (vmx_l1d_use_msr_save_list())
|
||||
add_atomic_switch_msr(vmx, MSR_IA32_FLUSH_CMD, L1D_FLUSH, 0, true);
|
||||
}
|
||||
|
||||
static void vmx_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event)
|
||||
|
@ -9607,11 +9623,26 @@ static void vmx_l1d_flush(struct kvm_vcpu *vcpu)
|
|||
bool always;
|
||||
|
||||
/*
|
||||
* If the mitigation mode is 'flush always', keep the flush bit
|
||||
* set, otherwise clear it. It gets set again either from
|
||||
* vcpu_run() or from one of the unsafe VMEXIT handlers.
|
||||
* This code is only executed when:
|
||||
* - the flush mode is 'cond'
|
||||
* - the flush mode is 'always' and the flush MSR is not
|
||||
* available
|
||||
*
|
||||
* If the CPU has the flush MSR then clear the flush bit because
|
||||
* 'always' mode is handled via the MSR save list.
|
||||
*
|
||||
* If the MSR is not avaibable then act depending on the mitigation
|
||||
* mode: If 'flush always', keep the flush bit set, otherwise clear
|
||||
* it.
|
||||
*
|
||||
* The flush bit gets set again either from vcpu_run() or from one
|
||||
* of the unsafe VMEXIT handlers.
|
||||
*/
|
||||
always = vmentry_l1d_flush == VMENTER_L1D_FLUSH_ALWAYS;
|
||||
if (static_cpu_has(X86_FEATURE_FLUSH_L1D))
|
||||
always = false;
|
||||
else
|
||||
always = vmentry_l1d_flush == VMENTER_L1D_FLUSH_ALWAYS;
|
||||
|
||||
vcpu->arch.l1tf_flush_l1d = always;
|
||||
|
||||
vcpu->stat.l1d_flush++;
|
||||
|
@ -13205,7 +13236,8 @@ static int __init vmx_setup_l1d_flush(void)
|
|||
struct page *page;
|
||||
|
||||
if (vmentry_l1d_flush == VMENTER_L1D_FLUSH_NEVER ||
|
||||
!boot_cpu_has_bug(X86_BUG_L1TF))
|
||||
!boot_cpu_has_bug(X86_BUG_L1TF) ||
|
||||
vmx_l1d_use_msr_save_list())
|
||||
return 0;
|
||||
|
||||
if (!boot_cpu_has(X86_FEATURE_FLUSH_L1D)) {
|
||||
|
|
Loading…
Reference in New Issue