]> www.infradead.org Git - users/jedix/linux-maple.git/commit
projects / users / jedix / linux-maple.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 5c19e61) | patch
x86/KVM/VMX: Add L1D flush algorithm
authorPaolo Bonzini <pbonzini@redhat.com>
Mon, 2 Jul 2018 10:47:38 +0000 (12:47 +0200)
committerKonrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Sat, 11 Aug 2018 00:44:38 +0000 (20:44 -0400)
commitb5eacf4d0002b6fc57fdac82cd3451456a48d083
tree0505d41510d633124056aa67ef7fa612010b0746tree
parent5c19e617cd353b4f80866983a5af02019cd6c9e3commit | diff
x86/KVM/VMX: Add L1D flush algorithm

To mitigate the L1 Terminal Fault vulnerability it's required to flush L1D
on VMENTER to prevent rogue guests from snooping host memory.

CPUs will have a new control MSR via a microcode update to flush L1D with a
single MSR write, but in the absence of microcode a fallback to a software
based flush algorithm is required.

Add a software flush loop which is based on code from Intel.

[ tglx: Split out from combo patch ]
[ bpetkov: Polish the asm code ]

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Orabug: 28220674
CVE: CVE-2018-3646

(cherry picked from commit a47dd5f06714c844b33f3b5f517b6f3e81ce57b5)

Signed-off-by: Mihai Carabas <mihai.carabas@oracle.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Conflicts:
    arch/x86/kvm/vmx.c
Contextual: different content
arch/x86/kvm/vmx.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.