lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240715182042.GAZpVoenFmK87PlcjT@fat_crate.local>
Date: Mon, 15 Jul 2024 20:20:42 +0200
From: Borislav Petkov <bp@...en8.de>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: x86-ml <x86@...nel.org>, lkml <linux-kernel@...r.kernel.org>
Subject: [GIT PULL] x86/cpu for v6.11-rc1

Hi Linus,

please pull the x86/cpu lineup for v6.11-rc1.

If you encounter a merge conflict - likely - I've added the resolve we've been
using in linux-next at the end of that mail if you'd like to compare notes.

Thx.

---

The following changes since commit 1613e604df0cd359cf2a7fbd9be7a0bcfacfabd0:

  Linux 6.10-rc1 (2024-05-26 15:20:12 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip tags/x86_cpu_for_v6.11_rc1

for you to fetch changes up to 34b3fc558b537bdf99644dcde539e151716f6331:

  x86/cpu/intel: Drop stray FAM6 check with new Intel CPU model defines (2024-06-29 16:10:37 +0200)

----------------------------------------------------------------
- Flip the logic to add feature names to /proc/cpuinfo to having to
  explicitly specify the flag if there's a valid reason to show it in
  /proc/cpuinfo

- Switch a bunch of Intel x86 model checking code to the new CPU model
  defines

- Fixes and cleanups

----------------------------------------------------------------
Alison Schofield (2):
      x86/cpu: Remove useless work in detect_tme_early()
      x86/pconfig: Remove unused MKTME pconfig code

Andrew Cooper (1):
      x86/cpu/intel: Drop stray FAM6 check with new Intel CPU model defines

Borislav Petkov (AMD) (1):
      x86/cpufeatures: Flip the /proc/cpuinfo appearance logic

Jeff Johnson (1):
      x86/mce/inject: Add missing MODULE_DESCRIPTION() line

Mateusz Guzik (1):
      x86/CPU/AMD: Always inline amd_clear_divider()

Tony Luck (8):
      x86/platform/intel-mid: Switch to new Intel CPU model defines
      x86/cpu/intel: Switch to new Intel CPU model defines
      x86/PCI: Switch to new Intel CPU model defines
      x86/virt/tdx: Switch to new Intel CPU model defines
      perf/x86/intel: Switch to new Intel CPU model defines
      x86/cpu: Switch to new Intel CPU model defines
      x86/boot: Switch to new Intel CPU model defines
      perf/x86/rapl: Switch to new Intel CPU model defines

 arch/x86/boot/cpucheck.c                |   2 +-
 arch/x86/events/intel/core.c            | 212 ++++-----
 arch/x86/events/rapl.c                  |  90 ++--
 arch/x86/include/asm/cpu_device_id.h    |   8 +-
 arch/x86/include/asm/cpufeatures.h      | 800 ++++++++++++++++----------------
 arch/x86/include/asm/intel_pconfig.h    |  65 ---
 arch/x86/include/asm/processor.h        |  12 +-
 arch/x86/include/asm/vmxfeatures.h      | 110 ++---
 arch/x86/kernel/cpu/Makefile            |   2 +-
 arch/x86/kernel/cpu/amd.c               |  11 -
 arch/x86/kernel/cpu/intel.c             | 188 +++-----
 arch/x86/kernel/cpu/intel_pconfig.c     |  84 ----
 arch/x86/kernel/cpu/mce/inject.c        |   1 +
 arch/x86/kernel/cpu/mkcapflags.sh       |   3 +-
 arch/x86/pci/intel_mid_pci.c            |   4 +-
 arch/x86/platform/intel-mid/intel-mid.c |   6 +-
 arch/x86/virt/vmx/tdx/tdx.c             |   8 +-
 17 files changed, 701 insertions(+), 905 deletions(-)
 delete mode 100644 arch/x86/include/asm/intel_pconfig.h
 delete mode 100644 arch/x86/kernel/cpu/intel_pconfig.c

---

diff --cc arch/x86/include/asm/vmxfeatures.h
index 695f36664889,fe42067cd6d8..09b1d7e607c1
--- a/arch/x86/include/asm/vmxfeatures.h
+++ b/arch/x86/include/asm/vmxfeatures.h
@@@ -70,24 -70,24 +70,24 @@@
  #define VMX_FEATURE_APIC_REGISTER_VIRT	( 2*32+  8) /* "vapic_reg" Hardware emulation of reads to the virtual-APIC */
  #define VMX_FEATURE_VIRT_INTR_DELIVERY	( 2*32+  9) /* "vid" Evaluation and delivery of pending virtual interrupts */
  #define VMX_FEATURE_PAUSE_LOOP_EXITING	( 2*32+ 10) /* "ple" Conditionally VM-Exit on PAUSE at CPL0 */
- #define VMX_FEATURE_RDRAND_EXITING	( 2*32+ 11) /* "" VM-Exit on RDRAND*/
- #define VMX_FEATURE_INVPCID		( 2*32+ 12) /* "" Enable INVPCID in guest */
- #define VMX_FEATURE_VMFUNC		( 2*32+ 13) /* "" Enable VM-Functions (leaf dependent) */
- #define VMX_FEATURE_SHADOW_VMCS		( 2*32+ 14) /* VMREAD/VMWRITE in guest can access shadow VMCS */
- #define VMX_FEATURE_ENCLS_EXITING	( 2*32+ 15) /* "" VM-Exit on ENCLS (leaf dependent) */
- #define VMX_FEATURE_RDSEED_EXITING	( 2*32+ 16) /* "" VM-Exit on RDSEED */
+ #define VMX_FEATURE_RDRAND_EXITING	( 2*32+ 11) /* VM-Exit on RDRAND*/
+ #define VMX_FEATURE_INVPCID		( 2*32+ 12) /* Enable INVPCID in guest */
+ #define VMX_FEATURE_VMFUNC		( 2*32+ 13) /* Enable VM-Functions (leaf dependent) */
+ #define VMX_FEATURE_SHADOW_VMCS		( 2*32+ 14) /* "shadow_vmcs" VMREAD/VMWRITE in guest can access shadow VMCS */
+ #define VMX_FEATURE_ENCLS_EXITING	( 2*32+ 15) /* VM-Exit on ENCLS (leaf dependent) */
+ #define VMX_FEATURE_RDSEED_EXITING	( 2*32+ 16) /* VM-Exit on RDSEED */
  #define VMX_FEATURE_PAGE_MOD_LOGGING	( 2*32+ 17) /* "pml" Log dirty pages into buffer */
--#define VMX_FEATURE_EPT_VIOLATION_VE	( 2*32+ 18) /* Conditionally reflect EPT violations as #VE exceptions */
- #define VMX_FEATURE_PT_CONCEAL_VMX	( 2*32+ 19) /* "" Suppress VMX indicators in Processor Trace */
- #define VMX_FEATURE_XSAVES		( 2*32+ 20) /* "" Enable XSAVES and XRSTORS in guest */
++#define VMX_FEATURE_EPT_VIOLATION_VE	( 2*32+ 18) /* "ept_violation_ve" Conditionally reflect EPT violations as #VE exceptions */
+ #define VMX_FEATURE_PT_CONCEAL_VMX	( 2*32+ 19) /* Suppress VMX indicators in Processor Trace */
+ #define VMX_FEATURE_XSAVES		( 2*32+ 20) /* Enable XSAVES and XRSTORS in guest */
  #define VMX_FEATURE_MODE_BASED_EPT_EXEC	( 2*32+ 22) /* "ept_mode_based_exec" Enable separate EPT EXEC bits for supervisor vs. user */
- #define VMX_FEATURE_PT_USE_GPA		( 2*32+ 24) /* "" Processor Trace logs GPAs */
- #define VMX_FEATURE_TSC_SCALING		( 2*32+ 25) /* Scale hardware TSC when read in guest */
- #define VMX_FEATURE_USR_WAIT_PAUSE	( 2*32+ 26) /* Enable TPAUSE, UMONITOR, UMWAIT in guest */
- #define VMX_FEATURE_ENCLV_EXITING	( 2*32+ 28) /* "" VM-Exit on ENCLV (leaf dependent) */
- #define VMX_FEATURE_BUS_LOCK_DETECTION	( 2*32+ 30) /* "" VM-Exit when bus lock caused */
- #define VMX_FEATURE_NOTIFY_VM_EXITING	( 2*32+ 31) /* VM-Exit when no event windows after notify window */
+ #define VMX_FEATURE_PT_USE_GPA		( 2*32+ 24) /* Processor Trace logs GPAs */
+ #define VMX_FEATURE_TSC_SCALING		( 2*32+ 25) /* "tsc_scaling" Scale hardware TSC when read in guest */
+ #define VMX_FEATURE_USR_WAIT_PAUSE	( 2*32+ 26) /* "usr_wait_pause" Enable TPAUSE, UMONITOR, UMWAIT in guest */
+ #define VMX_FEATURE_ENCLV_EXITING	( 2*32+ 28) /* VM-Exit on ENCLV (leaf dependent) */
+ #define VMX_FEATURE_BUS_LOCK_DETECTION	( 2*32+ 30) /* VM-Exit when bus lock caused */
+ #define VMX_FEATURE_NOTIFY_VM_EXITING	( 2*32+ 31) /* "notify_vm_exiting" VM-Exit when no event windows after notify window */
  
  /* Tertiary Processor-Based VM-Execution Controls, word 3 */
- #define VMX_FEATURE_IPI_VIRT		( 3*32+  4) /* Enable IPI virtualization */
+ #define VMX_FEATURE_IPI_VIRT		( 3*32+  4) /* "ipi_virt" Enable IPI virtualization */
  #endif /* _ASM_X86_VMXFEATURES_H */
diff --cc arch/x86/kernel/cpu/intel.c
index fdf3489d92a4,a9ea0dba6f0c..08b95a35b5cb
--- a/arch/x86/kernel/cpu/intel.c
+++ b/arch/x86/kernel/cpu/intel.c
@@@ -230,61 -201,23 +201,39 @@@ static void detect_tme_early(struct cpu
  		clear_cpu_cap(c, X86_FEATURE_TME);
  		return;
  	}
- 
- 	if (mktme_status != MKTME_UNINITIALIZED)
- 		goto detect_keyid_bits;
- 
- 	pr_info("x86/tme: enabled by BIOS\n");
- 
- 	tme_policy = TME_ACTIVATE_POLICY(tme_activate);
- 	if (tme_policy != TME_ACTIVATE_POLICY_AES_XTS_128)
- 		pr_warn("x86/tme: Unknown policy is active: %#llx\n", tme_policy);
- 
- 	tme_crypto_algs = TME_ACTIVATE_CRYPTO_ALGS(tme_activate);
- 	if (!(tme_crypto_algs & TME_ACTIVATE_CRYPTO_AES_XTS_128)) {
- 		pr_err("x86/mktme: No known encryption algorithm is supported: %#llx\n",
- 				tme_crypto_algs);
- 		mktme_status = MKTME_DISABLED;
- 	}
- detect_keyid_bits:
+ 	pr_info_once("x86/tme: enabled by BIOS\n");
  	keyid_bits = TME_ACTIVATE_KEYID_BITS(tme_activate);
- 	nr_keyids = (1UL << keyid_bits) - 1;
- 	if (nr_keyids) {
- 		pr_info_once("x86/mktme: enabled by BIOS\n");
- 		pr_info_once("x86/mktme: %d KeyIDs available\n", nr_keyids);
- 	} else {
- 		pr_info_once("x86/mktme: disabled by BIOS\n");
- 	}
- 
- 	if (mktme_status == MKTME_UNINITIALIZED) {
- 		/* MKTME is usable */
- 		mktme_status = MKTME_ENABLED;
- 	}
+ 	if (!keyid_bits)
+ 		return;
  
  	/*
- 	 * KeyID bits effectively lower the number of physical address
- 	 * bits.  Update cpuinfo_x86::x86_phys_bits accordingly.
+ 	 * KeyID bits are set by BIOS and can be present regardless
+ 	 * of whether the kernel is using them. They effectively lower
+ 	 * the number of physical address bits.
+ 	 *
+ 	 * Update cpuinfo_x86::x86_phys_bits accordingly.
  	 */
  	c->x86_phys_bits -= keyid_bits;
+ 	pr_info_once("x86/mktme: BIOS enabled: x86_phys_bits reduced by %d\n",
+ 		     keyid_bits);
  }
  
 +void intel_unlock_cpuid_leafs(struct cpuinfo_x86 *c)
 +{
 +	if (boot_cpu_data.x86_vendor != X86_VENDOR_INTEL)
 +		return;
 +
 +	if (c->x86 < 6 || (c->x86 == 6 && c->x86_model < 0xd))
 +		return;
 +
 +	/*
 +	 * The BIOS can have limited CPUID to leaf 2, which breaks feature
 +	 * enumeration. Unlock it and update the maximum leaf info.
 +	 */
 +	if (msr_clear_bit(MSR_IA32_MISC_ENABLE, MSR_IA32_MISC_ENABLE_LIMIT_CPUID_BIT) > 0)
 +		c->cpuid_level = cpuid_eax(0);
 +}
 +
  static void early_init_intel(struct cpuinfo_x86 *c)
  {
  	u64 misc_enable;


-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ