x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+

	/* Index into per_cpu list: */

	/* Index into per_cpu list: */

	u16			cpu_index;

	u16			cpu_index;

	u32			microcode;

	u32			microcode;

	/* Address space bits used by the cache internally */

	u8			x86_cache_bits;

	unsigned		initialized : 1;

	unsigned		initialized : 1;

} __randomize_layout;

} __randomize_layout;

static inline unsigned long long l1tf_pfn_limit(void)

static inline unsigned long long l1tf_pfn_limit(void)

{

{

	return BIT_ULL(boot_cpu_data.x86_phys_bits - 1 - PAGE_SHIFT);

	return BIT_ULL(boot_cpu_data.x86_cache_bits - 1 - PAGE_SHIFT);

}

}

extern void early_cpu_init(void);

extern void early_cpu_init(void);

enum vmx_l1d_flush_state l1tf_vmx_mitigation = VMENTER_L1D_FLUSH_AUTO;

enum vmx_l1d_flush_state l1tf_vmx_mitigation = VMENTER_L1D_FLUSH_AUTO;

EXPORT_SYMBOL_GPL(l1tf_vmx_mitigation);

EXPORT_SYMBOL_GPL(l1tf_vmx_mitigation);

/*

 * These CPUs all support 44bits physical address space internally in the

 * cache but CPUID can report a smaller number of physical address bits.

 *

 * The L1TF mitigation uses the top most address bit for the inversion of

 * non present PTEs. When the installed memory reaches into the top most

 * address bit due to memory holes, which has been observed on machines

 * which report 36bits physical address bits and have 32G RAM installed,

 * then the mitigation range check in l1tf_select_mitigation() triggers.

 * This is a false positive because the mitigation is still possible due to

 * the fact that the cache uses 44bit internally. Use the cache bits

 * instead of the reported physical bits and adjust them on the affected

 * machines to 44bit if the reported bits are less than 44.

 */

static void override_cache_bits(struct cpuinfo_x86 *c)

{

	if (c->x86 != 6)

		return;

	switch (c->x86_model) {

	case INTEL_FAM6_NEHALEM:

	case INTEL_FAM6_WESTMERE:

	case INTEL_FAM6_SANDYBRIDGE:

	case INTEL_FAM6_IVYBRIDGE:

	case INTEL_FAM6_HASWELL_CORE:

	case INTEL_FAM6_HASWELL_ULT:

	case INTEL_FAM6_HASWELL_GT3E:

	case INTEL_FAM6_BROADWELL_CORE:

	case INTEL_FAM6_BROADWELL_GT3E:

	case INTEL_FAM6_SKYLAKE_MOBILE:

	case INTEL_FAM6_SKYLAKE_DESKTOP:

	case INTEL_FAM6_KABYLAKE_MOBILE:

	case INTEL_FAM6_KABYLAKE_DESKTOP:

		if (c->x86_cache_bits < 44)

			c->x86_cache_bits = 44;

		break;

	}

}

static void __init l1tf_select_mitigation(void)

static void __init l1tf_select_mitigation(void)

{

{

	u64 half_pa;

	u64 half_pa;

	if (!boot_cpu_has_bug(X86_BUG_L1TF))

	if (!boot_cpu_has_bug(X86_BUG_L1TF))

		return;

		return;

	override_cache_bits(&boot_cpu_data);

	switch (l1tf_mitigation) {

	switch (l1tf_mitigation) {

	case L1TF_MITIGATION_OFF:

	case L1TF_MITIGATION_OFF:

	case L1TF_MITIGATION_FLUSH_NOWARN:

	case L1TF_MITIGATION_FLUSH_NOWARN:

	return;

	return;

#endif

#endif

	/*

	 * This is extremely unlikely to happen because almost all

	 * systems have far more MAX_PA/2 than RAM can be fit into

	 * DIMM slots.

	 */

	half_pa = (u64)l1tf_pfn_limit() << PAGE_SHIFT;

	half_pa = (u64)l1tf_pfn_limit() << PAGE_SHIFT;

	if (e820__mapped_any(half_pa, ULLONG_MAX - half_pa, E820_TYPE_RAM)) {

	if (e820__mapped_any(half_pa, ULLONG_MAX - half_pa, E820_TYPE_RAM)) {

		pr_warn("System has more than MAX_PA/2 memory. L1TF mitigation not effective.\n");

		pr_warn("System has more than MAX_PA/2 memory. L1TF mitigation not effective.\n");

	else if (cpu_has(c, X86_FEATURE_PAE) || cpu_has(c, X86_FEATURE_PSE36))

	else if (cpu_has(c, X86_FEATURE_PAE) || cpu_has(c, X86_FEATURE_PSE36))

		c->x86_phys_bits = 36;

		c->x86_phys_bits = 36;

#endif

#endif

	c->x86_cache_bits = c->x86_phys_bits;

}

}

static void identify_cpu_without_cpuid(struct cpuinfo_x86 *c)

static void identify_cpu_without_cpuid(struct cpuinfo_x86 *c)