On Fri, Sep 19, 2025 at 10:32:59AM -0700, Harshit Mogalapalli wrote:
From: Borislav Petkov bp@alien8.de
[ Upstream commit 8442df2b49ed9bcd67833ad4f091d15ac91efd00 ]
Add support for
CPUID Fn8000_0021_EAX[31] (SRSO_MSR_FIX). If this bit is 1, it indicates that software may use MSR BP_CFG[BpSpecReduce] to mitigate SRSO.
Enable BpSpecReduce to mitigate SRSO across guest/host boundaries.
Switch back to enabling the bit when virtualization is enabled and to clear the bit when virtualization is disabled because using a MSR slot would clear the bit when the guest is exited and any training the guest has done, would potentially influence the host kernel when execution enters the kernel and hasn't VMRUN the guest yet.
More detail on the public thread in Link below.
Co-developed-by: Sean Christopherson seanjc@google.com Signed-off-by: Sean Christopherson seanjc@google.com Signed-off-by: Borislav Petkov (AMD) bp@alien8.de Link: https://lore.kernel.org/r/20241202120416.6054-1-bp@kernel.org (cherry picked from commit 8442df2b49ed9bcd67833ad4f091d15ac91efd00)
This and the next patch doesn't need those "cherry picked from" - that's what the "Upstream commit... " tag is for.
But Greg will zap that when applying.
Other than that, LGTM.
Thx for doing that.