x86/bugs: Restructure L1TF mitigation

Restructure L1TF to use select/apply functions to create consistent vulnerability handling. Define new AUTO mitigation for L1TF. Signed-off-by: David Kaplan <david.kaplan@amd.com> Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de> Reviewed-by: Josh Poimboeuf <jpoimboe@kernel.org> Link: https://lore.kernel.org/20250418161721.1855190-16-david.kaplan@amd.com
author: David Kaplan <david.kaplan@amd.com> 2025-04-18 11:17:20 -0500
committer: Borislav Petkov (AMD) <bp@alien8.de> 2025-04-29 18:57:30 +0200
commit: d43ba2dc8eeeca21811fd9b30e3bd15bb35caaec (patch)
tree: 900621ab2ef80fa1b91903e9510daac9a4196589 /arch/x86/kvm/vmx/vmx.c
parent: 5ece59a2fca6e1467558467a05cf742b7e52d1b7 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index a1754f7ba889..0aba4719ae0a 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -273,6 +273,7 @@ static int vmx_setup_l1d_flush(enum vmx_l1d_flush_state l1tf)
 		case L1TF_MITIGATION_OFF:
 			l1tf = VMENTER_L1D_FLUSH_NEVER;
 			break;
+		case L1TF_MITIGATION_AUTO:
 		case L1TF_MITIGATION_FLUSH_NOWARN:
 		case L1TF_MITIGATION_FLUSH:
 		case L1TF_MITIGATION_FLUSH_NOSMT:
@@ -7704,6 +7705,7 @@ int vmx_vm_init(struct kvm *kvm)
 		case L1TF_MITIGATION_FLUSH_NOWARN:
 			/* 'I explicitly don't care' is set */
 			break;
+		case L1TF_MITIGATION_AUTO:
 		case L1TF_MITIGATION_FLUSH:
 		case L1TF_MITIGATION_FLUSH_NOSMT:
 		case L1TF_MITIGATION_FULL:
author	David Kaplan <david.kaplan@amd.com>	2025-04-18 11:17:20 -0500
committer	Borislav Petkov (AMD) <bp@alien8.de>	2025-04-29 18:57:30 +0200
commit	d43ba2dc8eeeca21811fd9b30e3bd15bb35caaec (patch)
tree	900621ab2ef80fa1b91903e9510daac9a4196589 /arch/x86/kvm/vmx/vmx.c
parent	5ece59a2fca6e1467558467a05cf742b7e52d1b7 (diff)