1. Patchew
  2. linux
  3. [PATCH v4 0/8] x86/bugs: KVM: L1TF and MMIO Stale Data cleanups
  4. View patch

[PATCH v4 5/8] x86/bugs: KVM: Move VM_CLEAR_CPU_BUFFERS into SVM as SVM_CLEAR_CPU_BUFFERS

Sean Christopherson posted 8 patches 3 months, 1 week ago
There is a newer version of this series
[PATCH v4 5/8] x86/bugs: KVM: Move VM_CLEAR_CPU_BUFFERS into SVM as SVM_CLEAR_CPU_BUFFERS
Posted by Sean Christopherson 3 months, 1 week ago 
Now that VMX encodes its own sequency for clearing CPU buffers, move
VM_CLEAR_CPU_BUFFERS into SVM to minimize the chances of KVM botching a
mitigation in the future, e.g. using VM_CLEAR_CPU_BUFFERS instead of
checking multiple mitigation flags.

No functional change intended.

Signed-off-by: Sean Christopherson <seanjc@google.com>
---
 arch/x86/include/asm/nospec-branch.h | 3 ---
 arch/x86/kvm/svm/vmenter.S           | 6 ++++--
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h
index b29df45b1edb..88fe40d6949a 100644
--- a/arch/x86/include/asm/nospec-branch.h
+++ b/arch/x86/include/asm/nospec-branch.h
@@ -323,9 +323,6 @@
 #define CLEAR_CPU_BUFFERS \
 	ALTERNATIVE "", __CLEAR_CPU_BUFFERS, X86_FEATURE_CLEAR_CPU_BUF
 
-#define VM_CLEAR_CPU_BUFFERS \
-	ALTERNATIVE "", __CLEAR_CPU_BUFFERS, X86_FEATURE_CLEAR_CPU_BUF_VM
-
 #ifdef CONFIG_X86_64
 .macro CLEAR_BRANCH_HISTORY
 	ALTERNATIVE "", "call clear_bhb_loop", X86_FEATURE_CLEAR_BHB_LOOP
diff --git a/arch/x86/kvm/svm/vmenter.S b/arch/x86/kvm/svm/vmenter.S
index 235c4af6b692..da5f481cb17e 100644
--- a/arch/x86/kvm/svm/vmenter.S
+++ b/arch/x86/kvm/svm/vmenter.S
@@ -92,6 +92,8 @@
 	jmp 901b
 .endm
 
+#define SVM_CLEAR_CPU_BUFFERS \
+	ALTERNATIVE "", __CLEAR_CPU_BUFFERS, X86_FEATURE_CLEAR_CPU_BUF_VM
 
 /**
  * __svm_vcpu_run - Run a vCPU via a transition to SVM guest mode
@@ -170,7 +172,7 @@ SYM_FUNC_START(__svm_vcpu_run)
 	mov VCPU_RDI(%_ASM_DI), %_ASM_DI
 
 	/* Clobbers EFLAGS.ZF */
-	VM_CLEAR_CPU_BUFFERS
+	SVM_CLEAR_CPU_BUFFERS
 
 	/* Enter guest mode */
 3:	vmrun %_ASM_AX
@@ -339,7 +341,7 @@ SYM_FUNC_START(__svm_sev_es_vcpu_run)
 	mov KVM_VMCB_pa(%rax), %rax
 
 	/* Clobbers EFLAGS.ZF */
-	VM_CLEAR_CPU_BUFFERS
+	SVM_CLEAR_CPU_BUFFERS
 
 	/* Enter guest mode */
 1:	vmrun %rax
-- 
2.51.1.930.gacf6e81ea2-goog
Re: [PATCH v4 5/8] x86/bugs: KVM: Move VM_CLEAR_CPU_BUFFERS into SVM as SVM_CLEAR_CPU_BUFFERS
Posted by Borislav Petkov 2 months, 3 weeks ago 
On Thu, Oct 30, 2025 at 05:30:37PM -0700, Sean Christopherson wrote:
> Now that VMX encodes its own sequency for clearing CPU buffers, move

Now that VMX encodes its own sequency for clearing CPU buffers, move
Unknown word [sequency] in commit message.
Suggestions: ['sequence',

Please introduce a spellchecker into your patch creation workflow. :)

> VM_CLEAR_CPU_BUFFERS into SVM to minimize the chances of KVM botching a
> mitigation in the future, e.g. using VM_CLEAR_CPU_BUFFERS instead of
> checking multiple mitigation flags.
> 
> No functional change intended.
> 
> Signed-off-by: Sean Christopherson <seanjc@google.com>
> ---
>  arch/x86/include/asm/nospec-branch.h | 3 ---
>  arch/x86/kvm/svm/vmenter.S           | 6 ++++--

...

> +#define SVM_CLEAR_CPU_BUFFERS \

I need to remember to grep for "CLEAR_CPU_BUF" in the future in order to catch
them all...

Acked-by: Borislav Petkov (AMD) <bp@alien8.de>

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette
Re: [PATCH v4 5/8] x86/bugs: KVM: Move VM_CLEAR_CPU_BUFFERS into SVM as SVM_CLEAR_CPU_BUFFERS
Posted by Sean Christopherson 2 months, 3 weeks ago 
On Thu, Nov 13, 2025, Borislav Petkov wrote:
> On Thu, Oct 30, 2025 at 05:30:37PM -0700, Sean Christopherson wrote:
> > Now that VMX encodes its own sequency for clearing CPU buffers, move
> 
> Now that VMX encodes its own sequency for clearing CPU buffers, move
> Unknown word [sequency] in commit message.
> Suggestions: ['sequence',
> 
> Please introduce a spellchecker into your patch creation workflow. :)

I use codespell, but it's obviously imperfect.  Do you use something fancier?
Re: [PATCH v4 5/8] x86/bugs: KVM: Move VM_CLEAR_CPU_BUFFERS into SVM as SVM_CLEAR_CPU_BUFFERS
Posted by Borislav Petkov 2 months, 3 weeks ago 
On Thu, Nov 13, 2025 at 07:37:52AM -0800, Sean Christopherson wrote:
> On Thu, Nov 13, 2025, Borislav Petkov wrote:
> > On Thu, Oct 30, 2025 at 05:30:37PM -0700, Sean Christopherson wrote:
> > > Now that VMX encodes its own sequency for clearing CPU buffers, move
> > 
> > Now that VMX encodes its own sequency for clearing CPU buffers, move
> > Unknown word [sequency] in commit message.
> > Suggestions: ['sequence',
> > 
> > Please introduce a spellchecker into your patch creation workflow. :)
> 
> I use codespell, but it's obviously imperfect.  Do you use something fancier?

Fancy? no.

Homegrown and thus moldable as time provides? Yeah:

https://git.kernel.org/pub/scm/linux/kernel/git/bp/bp.git/tree/.tip/bin/vp.py?h=vp&id=880f7f0393ae7d10643aeab32234086ee253687a#n815

That's my patch checker.

I also have enabled spellchecking in vim when I write the commit message.

But meh, typos will slip from time to time regardless...

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette
Re: [PATCH v4 5/8] x86/bugs: KVM: Move VM_CLEAR_CPU_BUFFERS into SVM as SVM_CLEAR_CPU_BUFFERS
Posted by Brendan Jackman 3 months, 1 week ago 
On Fri Oct 31, 2025 at 12:30 AM UTC, Sean Christopherson wrote:
> Now that VMX encodes its own sequency for clearing CPU buffers, move
> VM_CLEAR_CPU_BUFFERS into SVM to minimize the chances of KVM botching a
> mitigation in the future, e.g. using VM_CLEAR_CPU_BUFFERS instead of
> checking multiple mitigation flags.
>
> No functional change intended.
>
> Signed-off-by: Sean Christopherson <seanjc@google.com>

Reviewed-by: Brendan Jackman <jackmanb@google.com>

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.