From: Josh Poimboeuf <jpoimboe@redhat.com>
Subject: [PATCH] cpu/hotplug: detect SMT disabled by BIOS
Patch-mainline: v4.19-rc1
Git-commit: 73d5e2b472640b1fcdb61ae8be389912ef211bda
References: bsc#1089343 CVE-2018-3646
commit 73d5e2b472640b1fcdb61ae8be389912ef211bda upstream
If SMT is disabled in BIOS, the CPU code doesn't properly detect it.
The /sys/devices/system/cpu/smt/control file shows 'on', and the 'l1tf'
vulnerabilities file shows SMT as vulnerable.
Fix it by forcing 'cpu_smt_control' to CPU_SMT_NOT_SUPPORTED in such a
case. Unfortunately the detection can only be done after bringing all
the CPUs online, so we have to overwrite any previous writes to the
variable.
Reported-by: Joe Mario <jmario@redhat.com>
Tested-by: Jiri Kosina <jkosina@suse.cz>
Fixes: f048c399e0f7 ("x86/topology: Provide topology_smt_supported()")
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Peter Zijlstra <peterz@infradead.org>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
---
kernel/cpu.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/kernel/cpu.c b/kernel/cpu.c
index 39b9e0c65f12..4547bc72febb 100644
--- a/kernel/cpu.c
+++ b/kernel/cpu.c
@@ -2137,6 +2137,15 @@ static const struct attribute_group cpuhp_smt_attr_group = {
static int __init cpu_smt_state_init(void)
{
+ /*
+ * If SMT was disabled by BIOS, detect it here, after the CPUs have
+ * been brought online. This ensures the smt/l1tf sysfs entries are
+ * consistent with reality. Note this may overwrite cpu_smt_control's
+ * previous setting.
+ */
+ if (topology_max_smt_threads() == 1)
+ cpu_smt_control = CPU_SMT_NOT_SUPPORTED;
+
return sysfs_create_group(&cpu_subsys.dev_root->kobj,
&cpuhp_smt_attr_group);
}
--
2.12.3