Merge tag 'gds-for-linus-2023-08-01' of git://git.kernel.org/pub/scm/linux/kernel...

Pull x86/gds fixes from Dave Hansen:
 "Mitigate Gather Data Sampling issue:

   - Add Base GDS mitigation

   - Support GDS_NO under KVM

   - Fix a documentation typo"

* tag 'gds-for-linus-2023-08-01' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  Documentation/x86: Fix backwards on/off logic about YMM support
  KVM: Add GDS_NO support to KVM
  x86/speculation: Add Kconfig option for GDS
  x86/speculation: Add force option to GDS mitigation
  x86/speculation: Add Gather Data Sampling mitigation

diff --cc Documentation/admin-guide/hw-vuln/index.rst
index ff4d3fa,436fac0..a7d37e1
--- 1/Documentation/admin-guide/hw-vuln/index.rst
--- 2/Documentation/admin-guide/hw-vuln/index.rst
+++ b/Documentation/admin-guide/hw-vuln/index.rst
@@@ -19,4 -19,4 +19,5 @@@ are configurable at compile, boot or ru
     l1d_flush.rst
     processor_mmio_stale_data.rst
     cross-thread-rsb.rst
 +   srso
+    gather_data_sampling.rst

diff --cc Documentation/admin-guide/kernel-parameters.txt
Simple merge

diff --cc arch/x86/Kconfig
Simple merge

diff --cc arch/x86/include/asm/cpufeatures.h
index 7600a8a,8d6b347..094f88f
--- 1/arch/x86/include/asm/cpufeatures.h
--- 2/arch/x86/include/asm/cpufeatures.h
+++ b/arch/x86/include/asm/cpufeatures.h
@@@ -491,7 -483,6 +491,8 @@@
  #define X86_BUG_RETBLEED              X86_BUG(27) /* CPU is affected by RETBleed */
  #define X86_BUG_EIBRS_PBRSB           X86_BUG(28) /* EIBRS is vulnerable to Post Barrier RSB Predictions */
  #define X86_BUG_SMT_RSB                       X86_BUG(29) /* CPU is vulnerable to Cross-Thread Return Address Predictions */
+ #define X86_BUG_GDS                   X86_BUG(30) /* CPU is affected by Gather Data Sampling */
  
 +/* BUG word 2 */
 +#define X86_BUG_SRSO                  X86_BUG(1*32 + 0) /* AMD SRSO bug */
  #endif /* _ASM_X86_CPUFEATURES_H */

diff --cc arch/x86/include/asm/msr-index.h
Simple merge

diff --cc arch/x86/kernel/cpu/bugs.c
index d81f40a,7985c65..d02f73c
--- 1/arch/x86/kernel/cpu/bugs.c
--- 2/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@@ -47,7 -47,7 +47,8 @@@ static void __init taa_select_mitigatio
  static void __init mmio_select_mitigation(void);
  static void __init srbds_select_mitigation(void);
  static void __init l1d_flush_select_mitigation(void);
 +static void __init srso_select_mitigation(void);
+ static void __init gds_select_mitigation(void);
  
  /* The base value of the SPEC_CTRL MSR without task-specific bits set */
  u64 x86_spec_ctrl_base;
@@@ -164,7 -161,7 +165,8 @@@ void __init cpu_select_mitigations(void
        md_clear_select_mitigation();
        srbds_select_mitigation();
        l1d_flush_select_mitigation();
 +      srso_select_mitigation();
+       gds_select_mitigation();
  }
  
  /*
@@@ -2549,13 -2527,11 +2694,18 @@@ static ssize_t retbleed_show_state(cha
        return sysfs_emit(buf, "%s\n", retbleed_strings[retbleed_mitigation]);
  }
  
 +static ssize_t srso_show_state(char *buf)
 +{
 +      return sysfs_emit(buf, "%s%s\n",
 +                        srso_strings[srso_mitigation],
 +                        (cpu_has_ibpb_brtype_microcode() ? "" : ", no microcode"));
 +}
 +
+ static ssize_t gds_show_state(char *buf)
+ {
+       return sysfs_emit(buf, "%s\n", gds_strings[gds_mitigation]);
+ }
+ 
  static ssize_t cpu_show_common(struct device *dev, struct device_attribute *attr,
                               char *buf, unsigned int bug)
  {
@@@ -2605,9 -2581,9 +2755,12 @@@
        case X86_BUG_RETBLEED:
                return retbleed_show_state(buf);
  
 +      case X86_BUG_SRSO:
 +              return srso_show_state(buf);
 +
+       case X86_BUG_GDS:
+               return gds_show_state(buf);
+ 
        default:
                break;
        }
@@@ -2673,8 -2649,8 +2826,13 @@@ ssize_t cpu_show_retbleed(struct devic
        return cpu_show_common(dev, attr, buf, X86_BUG_RETBLEED);
  }
  
 +ssize_t cpu_show_spec_rstack_overflow(struct device *dev, struct device_attribute *attr, char *buf)
 +{
 +      return cpu_show_common(dev, attr, buf, X86_BUG_SRSO);
 +}
++
+ ssize_t cpu_show_gds(struct device *dev, struct device_attribute *attr, char *buf)
+ {
+       return cpu_show_common(dev, attr, buf, X86_BUG_GDS);
+ }
  #endif

diff --cc arch/x86/kernel/cpu/common.c
index 1d7e228,53224fe..e3a65e9
--- 1/arch/x86/kernel/cpu/common.c
--- 2/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@@ -1250,8 -1250,8 +1250,10 @@@ static const __initconst struct x86_cpu
  #define RETBLEED      BIT(3)
  /* CPU is affected by SMT (cross-thread) return predictions */
  #define SMT_RSB               BIT(4)
 -#define GDS           BIT(5)
 +/* CPU is affected by SRSO */
 +#define SRSO          BIT(5)
+ /* CPU is affected by GDS */
++#define GDS           BIT(6)
  
  static const struct x86_cpu_id cpu_vuln_blacklist[] __initconst = {
        VULNBL_INTEL_STEPPINGS(IVYBRIDGE,       X86_STEPPING_ANY,               SRBDS),
@@@ -1409,11 -1410,16 +1413,21 @@@ static void __init cpu_set_bug_bits(str
        if (cpu_matches(cpu_vuln_blacklist, SMT_RSB))
                setup_force_cpu_bug(X86_BUG_SMT_RSB);
  
 +      if (!cpu_has(c, X86_FEATURE_SRSO_NO)) {
 +              if (cpu_matches(cpu_vuln_blacklist, SRSO))
 +                      setup_force_cpu_bug(X86_BUG_SRSO);
 +      }
 +
+       /*
+        * Check if CPU is vulnerable to GDS. If running in a virtual machine on
+        * an affected processor, the VMM may have disabled the use of GATHER by
+        * disabling AVX2. The only way to do this in HW is to clear XCR0[2],
+        * which means that AVX will be disabled.
+        */
+       if (cpu_matches(cpu_vuln_blacklist, GDS) && !(ia32_cap & ARCH_CAP_GDS_NO) &&
+           boot_cpu_has(X86_FEATURE_AVX))
+               setup_force_cpu_bug(X86_BUG_GDS);
+ 
        if (cpu_matches(cpu_vuln_whitelist, NO_MELTDOWN))
                return;
  

diff --cc arch/x86/kvm/x86.c
Simple merge

diff --cc drivers/base/cpu.c
index f111586,0469c09..52df435
--- 1/drivers/base/cpu.c
--- 2/drivers/base/cpu.c
+++ b/drivers/base/cpu.c
@@@ -577,12 -577,12 +577,18 @@@ ssize_t __weak cpu_show_retbleed(struc
        return sysfs_emit(buf, "Not affected\n");
  }
  
 +ssize_t __weak cpu_show_spec_rstack_overflow(struct device *dev,
 +                                           struct device_attribute *attr, char *buf)
 +{
 +      return sysfs_emit(buf, "Not affected\n");
 +}
 +
+ ssize_t __weak cpu_show_gds(struct device *dev,
+                           struct device_attribute *attr, char *buf)
+ {
+       return sysfs_emit(buf, "Not affected\n");
+ }
+ 
  static DEVICE_ATTR(meltdown, 0444, cpu_show_meltdown, NULL);
  static DEVICE_ATTR(spectre_v1, 0444, cpu_show_spectre_v1, NULL);
  static DEVICE_ATTR(spectre_v2, 0444, cpu_show_spectre_v2, NULL);
@@@ -594,7 -594,7 +600,8 @@@ static DEVICE_ATTR(itlb_multihit, 0444
  static DEVICE_ATTR(srbds, 0444, cpu_show_srbds, NULL);
  static DEVICE_ATTR(mmio_stale_data, 0444, cpu_show_mmio_stale_data, NULL);
  static DEVICE_ATTR(retbleed, 0444, cpu_show_retbleed, NULL);
 +static DEVICE_ATTR(spec_rstack_overflow, 0444, cpu_show_spec_rstack_overflow, NULL);
+ static DEVICE_ATTR(gather_data_sampling, 0444, cpu_show_gds, NULL);
  
  static struct attribute *cpu_root_vulnerabilities_attrs[] = {
        &dev_attr_meltdown.attr,
@@@ -608,7 -608,7 +615,8 @@@
        &dev_attr_srbds.attr,
        &dev_attr_mmio_stale_data.attr,
        &dev_attr_retbleed.attr,
 +      &dev_attr_spec_rstack_overflow.attr,
+       &dev_attr_gather_data_sampling.attr,
        NULL
  };