kvm: x86: Set highest physical address bits in non-present/reserved SPTEs (28a1f3ac) · Commits · Mirrors / git.kernel.org / pub_scm_linux_kernel_git_stable_linux · GitLab

Commit 28a1f3ac authored Aug 14, 2018 by

Junaid Shahid Committed by Paolo Bonzini Aug 14, 2018

kvm: x86: Set highest physical address bits in non-present/reserved SPTEs



Always set the 5 upper-most supported physical address bits to 1 for SPTEs
that are marked as non-present or reserved, to make them unusable for
L1TF attacks from the guest. Currently, this just applies to MMIO SPTEs.
(We do not need to mark PTEs that are completely 0 as physical page 0
is already reserved.)

This allows mitigation of L1TF without disabling hyper-threading by using
shadow paging mode instead of EPT.

Signed-off-by: Junaid Shahid <junaids@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

parent fd8ca6da

Hide whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit a4e761c9
· Mar 06, 2020

mentioned in commit a4e761c9

mentioned in commit a4e761c9f63ae12c5e2fc586b77082fd07e54212

Toggle commit list
mirror @mirror
mentioned in commit 48711322
· Mar 06, 2020

mentioned in commit 48711322

mentioned in commit 487113220d0b5ac4763accf2ba5a552f5e44cbd3

Toggle commit list
mirror @mirror
mentioned in commit 36a896ec
· Mar 06, 2020

mentioned in commit 36a896ec

mentioned in commit 36a896ecbb65d53131d6e80f99344e9ff668e06b

Toggle commit list
mirror @mirror
mentioned in commit e12afc7d
· Mar 12, 2020

mentioned in commit e12afc7d

mentioned in commit e12afc7d76d63eabadc444f620bcf6be4306f0d6

Toggle commit list
mirror @mirror
mentioned in commit f70e3cd5
· May 24, 2020

mentioned in commit f70e3cd5

mentioned in commit f70e3cd5460ba1d7d2c3133bbea8176e4ec5c6b6

Toggle commit list

Please register or to comment