x86/KVM/VMX: Don't set l1tf_flush_l1d from vmx_handle_external_intr()

For VMEXITs caused by external interrupts, vmx_handle_external_intr()
indirectly calls into the interrupt handlers through the host's IDT.

It follows that these interrupts get accounted for in the
kvm_cpu_l1tf_flush_l1d per-cpu flag.

The subsequently executed vmx_l1d_flush() will thus be aware that some
interrupts have happened and conduct a L1d flush anyway.

Setting l1tf_flush_l1d from vmx_handle_external_intr() isn't needed
anymore. Drop it.

Signed-off-by: Nicolai Stange <nstange@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Orabug: 28220674
CVE: CVE-2018-3646

(cherry picked from commit 18b57ce2eb8c8b9a24174a89250cf5f57c76ecdc)

Signed-off-by: Mihai Carabas <mihai.carabas@oracle.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Conflicts:
	arch/x86/kvm/vmx.c
Contextual: different content

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index 622b5bbf9d734ca8b41e4ca6386ec61d693f8748..78f629fa3feb31ca27c4e56f156ca76232c72b18 100644 (file)
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -8303,7 +8303,6 @@ static void vmx_handle_external_intr(struct kvm_vcpu *vcpu)
                        [ss]"i"(__KERNEL_DS),
                        [cs]"i"(__KERNEL_CS)
                        );
-               vcpu->arch.l1tf_flush_l1d = true;
        } else
                local_irq_enable();
 }