From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linutronix.de (146.0.238.70:993) by crypto-ml.lab.linutronix.de with IMAP4-SSL for ; 12 Jul 2018 17:11:39 -0000 Received: from mail.linuxfoundation.org ([140.211.169.12]) by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1fdf7x-0002LV-6I for speck@linutronix.de; Thu, 12 Jul 2018 19:11:37 +0200 Date: Thu, 12 Jul 2018 19:11:28 +0200 From: Greg KH Subject: [MODERATED] Re: [patch V10 07/10] Control knobs and Documentation 7 Message-ID: <20180712171128.GH23030@kroah.com> References: <20180712141902.576562442@linutronix.de> <20180712142957.540646470@linutronix.de> MIME-Version: 1.0 In-Reply-To: <20180712142957.540646470@linutronix.de> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit To: speck@linutronix.de List-ID: On Thu, Jul 12, 2018 at 04:19:09PM +0200, speck for Thomas Gleixner wrote: > Subject: [patch V10 07/10] x86/kvm: Allow runtime control of L1D flush > From: Thomas Gleixner > > All mitigation modes can be switched at run time with a static key now: > > - Use sysfs_streq() instead of strcmp() to handle the trailing new line > from sysfs writes correctly. > - Make the static key management handle multiple invocations properly. > - Set the module parameter file to RW > > Signed-off-by: Thomas Gleixner > --- > arch/x86/kernel/cpu/bugs.c | 2 +- > arch/x86/kvm/vmx.c | 13 ++++++++----- > 2 files changed, 9 insertions(+), 6 deletions(-) > > --- a/arch/x86/kernel/cpu/bugs.c > +++ b/arch/x86/kernel/cpu/bugs.c > @@ -661,7 +661,7 @@ void x86_spec_ctrl_setup_ap(void) > #define pr_fmt(fmt) "L1TF: " fmt > > #if IS_ENABLED(CONFIG_KVM_INTEL) > -enum vmx_l1d_flush_state l1tf_vmx_mitigation __ro_after_init = VMENTER_L1D_FLUSH_AUTO; > +enum vmx_l1d_flush_state l1tf_vmx_mitigation = VMENTER_L1D_FLUSH_AUTO; > EXPORT_SYMBOL_GPL(l1tf_vmx_mitigation); > #endif > > --- a/arch/x86/kvm/vmx.c > +++ b/arch/x86/kvm/vmx.c > @@ -234,12 +234,15 @@ static int vmx_setup_l1d_flush(enum vmx_ > > l1tf_vmx_mitigation = l1tf; > > - if (l1tf == VMENTER_L1D_FLUSH_NEVER) > - return 0; > + if (l1tf != VMENTER_L1D_FLUSH_NEVER) > + static_branch_enable(&vmx_l1d_should_flush); > + else > + static_branch_disable(&vmx_l1d_should_flush); > > - static_branch_enable(&vmx_l1d_should_flush); > if (l1tf == VMENTER_L1D_FLUSH_ALWAYS) > static_branch_enable(&vmx_l1d_flush_always); > + else > + static_branch_disable(&vmx_l1d_flush_always); > return 0; > } > > @@ -249,7 +252,7 @@ static int vmentry_l1d_flush_parse(const > > if (s) { > for (i = 0; i < ARRAY_SIZE(vmentry_l1d_param); i++) { > - if (!strcmp(s, vmentry_l1d_param[i].option)) > + if (sysfs_streq(s, vmentry_l1d_param[i].option)) > return vmentry_l1d_param[i].cmd; > } > } > @@ -293,7 +296,7 @@ static const struct kernel_param_ops vme > .set = vmentry_l1d_flush_set, > .get = vmentry_l1d_flush_get, > }; > -module_param_cb(vmentry_l1d_flush, &vmentry_l1d_flush_ops, NULL, S_IRUGO); > +module_param_cb(vmentry_l1d_flush, &vmentry_l1d_flush_ops, NULL, 0644); Thanks for this last change, that was bothering me... Reviewed-by: Greg Kroah-Hartman