kvm: x86: Set highest physical address bits in non-present/reserved SPTEs - openslx/kernel-qcow2-linux.git

diff options

author	Junaid Shahid	2018-08-14 19:15:34 +0200
committer	Paolo Bonzini	2018-08-14 19:25:59 +0200
commit	28a1f3ac1d0c8558ee4453d9634dad891a6e922e (patch)
tree	c5dcce8e4448224ddc737ca8e1a8dc63bd6dff44 /arch/s390/kvm
parent	KVM/x86: Use CC_SET()/CC_OUT in arch/x86/kvm/vmx.c (diff)
download	kernel-qcow2-linux-28a1f3ac1d0c8558ee4453d9634dad891a6e922e.tar.gz kernel-qcow2-linux-28a1f3ac1d0c8558ee4453d9634dad891a6e922e.tar.xz kernel-qcow2-linux-28a1f3ac1d0c8558ee4453d9634dad891a6e922e.zip

kvm: x86: Set highest physical address bits in non-present/reserved SPTEs

Always set the 5 upper-most supported physical address bits to 1 for SPTEs that are marked as non-present or reserved, to make them unusable for L1TF attacks from the guest. Currently, this just applies to MMIO SPTEs. (We do not need to mark PTEs that are completely 0 as physical page 0 is already reserved.) This allows mitigation of L1TF without disabling hyper-threading by using shadow paging mode instead of EPT. Signed-off-by: Junaid Shahid <junaids@google.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

Diffstat (limited to 'arch/s390/kvm')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: