x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being present
If the L1TF CPU bug is present we allow the KVM module to be loaded as the
majority of users that use Linux and KVM have trusted guests and do not want a
broken setup.

Cloud vendors are the ones that are uncomfortable with CVE-2018-3620 and as
such they are the ones that should set nosmt to one.

Setting 'nosmt' means that the system administrator also needs to disable
SMT (Hyper-threading) in the BIOS, or via the 'nosmt' command line
parameter, or via the /sys/devices/system/cpu/smt/control. See commit
05736e4 ("cpu/hotplug: Provide knobs to control SMT").

Other mitigations are to use task affinity, cpu sets, interrupt binding,
etc - anything to make sure that _only_ the same guest's vCPUs are running
on sibling threads.

Signed-off-by: Konrad Rzeszutek Wilk <[email protected]>
Signed-off-by: Thomas Gleixner <[email protected]>
konradwilk authored and KAGA-KOKO committed Jul 4, 2018
1 parent 0cc3cd2 commit 26acfb6
Showing 3 changed files with 20 additions and 0 deletions.
6 changes: 6 additions & 0 deletions Documentation/admin-guide/kernel-parameters.txt
Expand Up @@ -1946,6 +1946,12 @@
[KVM,ARM] Allow use of GICv4 for direct injection of
LPIs.

kvm-intel.nosmt=[KVM,Intel] If the L1TF CPU bug is present (CVE-2018-3620)
and the system has SMT (aka Hyper-Threading) enabled then
don't allow guests to be created.

Default is 0 (allow guests to be created).

kvm-intel.ept= [KVM,Intel] Disable extended page tables
(virtualized MMU) support on capable Intel chips.
Default is 1 (enabled)
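Review bot: the new kvm-intel.nosmt entry only describes the nosmt=1 behaviour ("don't allow guests to be created") and the default, but not what happens at the default of 0, where the admin still sees a kernel log message at VM creation; a sentence such as "If 0, a warning is logged instead" would tell the administrator what that message means and which knob turns it into a hard failure. Minor style point: the entry is written as "kvm-intel.nosmt=[KVM,Intel]" while the neighbouring "kvm-intel.ept= [KVM,Intel]" separates the tag with whitespace; aligning the two keeps the file's column layout consistent.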
13 changes: 13 additions & 0 deletions arch/x86/kvm/vmx.c
Expand Up @@ -71,6 +71,9 @@ static const struct x86_cpu_id vmx_cpu_id[] = {
};
MODULE_DEVICE_TABLE(x86cpu, vmx_cpu_id);

static bool __read_mostly nosmt;
module_param(nosmt, bool, S_IRUGO);

static bool __read_mostly enable_vpid = 1;
module_param_named(vpid, enable_vpid, bool, 0444);

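Review bot: `module_param(nosmt, bool, S_IRUGO);` uses the symbolic permission while the adjacent `module_param_named(vpid, enable_vpid, bool, 0444);` uses the octal form; checkpatch flags S_IRUGO in favour of 0444, so the new line should match its neighbour. Since the parameter is read-only (0444), it is also worth a comment noting that the choice is fixed at module load time and cannot be flipped later via /sys/module, which matters for the operator deciding whether to rely on this knob or on the SMT controls the commit message points to.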
Expand Down Expand Up @@ -10370,10 +10373,20 @@ static struct kvm_vcpu *vmx_create_vcpu(struct kvm *kvm, unsigned int id)
return ERR_PTR(err);
}

#define L1TF_MSG "SMT enabled with L1TF CPU bug present. Refer to CVE-2018-3620 for details.\n"

static int vmx_vm_init(struct kvm *kvm)
{
if (!ple_gap)
kvm->arch.pause_in_guest = true;

if (boot_cpu_has(X86_BUG_L1TF) && cpu_smt_control == CPU_SMT_ENABLED) {
if (nosmt) {
pr_err(L1TF_MSG);
return -EOPNOTSUPP;
}
pr_warn(L1TF_MSG);
}
return 0;
}

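Review bot: the pr_warn(L1TF_MSG) / pr_err(L1TF_MSG) calls in vmx_vm_init() are not rate-limited and run on every VM creation, so an unprivileged user with access to /dev/kvm can fill the kernel log simply by creating VMs in a loop; pr_warn_once()/pr_err_once() or a ratelimited variant would still surface the condition without that side effect. Also, the check samples cpu_smt_control only at VM creation: a VM created while SMT is off stays running untouched if SMT is later re-enabled through the /sys/devices/system/cpu/smt/control knob mentioned in the commit message, which should be stated in the commit message or a comment so nobody reads this as a continuous guarantee. Finally, L1TF_MSG would be more actionable if it named the knob involved (kvm-intel.nosmt) alongside the CVE reference.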
1 change: 1 addition & 0 deletions kernel/cpu.c
Expand Up @@ -345,6 +345,7 @@ EXPORT_SYMBOL_GPL(cpu_hotplug_enable);

#ifdef CONFIG_HOTPLUG_SMT
enum cpuhp_smt_control cpu_smt_control __read_mostly = CPU_SMT_ENABLED;
EXPORT_SYMBOL_GPL(cpu_smt_control);

static int __init smt_cmdline_disable(char *str)
{
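Review bot: EXPORT_SYMBOL_GPL(cpu_smt_control) is added inside the #ifdef CONFIG_HOTPLUG_SMT block, yet the vmx.c hunk references cpu_smt_control unconditionally; please confirm that the header declaring cpu_smt_control provides a fallback definition (or an inline stub) for the !CONFIG_HOTPLUG_SMT case, otherwise kvm-intel fails to build or link on such configs. A one-line note in the commit message about that dependency would help anyone backporting this.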