forge/linux-uconsole
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions
Linux kernel for uConsole
797,520 commits 5 branches 3 tags 4.3 GiB
  • C 97.1%
  • Assembly 1.8%
  • Shell 0.4%
  • Makefile 0.3%
  • Python 0.2%
Find a file
Kai Huang 40202c0356 kvm: x86: Fix L1TF mitigation for shadow MMU 
[ Upstream commit 61455bf262 ]

Currently KVM sets 5 most significant bits of physical address bits
reported by CPUID (boot_cpu_data.x86_phys_bits) for nonpresent or
reserved bits SPTE to mitigate L1TF attack from guest when using shadow
MMU. However for some particular Intel CPUs the physical address bits
of internal cache is greater than physical address bits reported by
CPUID.

Use the kernel's existing boot_cpu_data.x86_cache_bits to determine the
five most significant bits. Doing so improves KVM's L1TF mitigation in
the unlikely scenario that system RAM overlaps the high order bits of
the "real" physical address space as reported by CPUID. This aligns with
the kernel's warnings regarding L1TF mitigation, e.g. in the above
scenario the kernel won't warn the user about lack of L1TF mitigation
if x86_cache_bits is greater than x86_phys_bits.

Also initialize shadow_nonpresent_or_rsvd_mask explicitly to make it
consistent with other 'shadow_{xxx}_mask', and opportunistically add a
WARN once if KVM's L1TF mitigation cannot be applied on a system that
is marked as being susceptible to L1TF.

Reviewed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Kai Huang <kai.huang@linux.intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2020-06-22 09:05:04 +02:00
arch kvm: x86: Fix L1TF mitigation for shadow MMU 2020-06-22 09:05:04 +02:00
block block, bfq: fix use-after-free in bfq_idle_slice_timer_body 2020-04-17 10:48:42 +02:00
certs export.h: remove VMLINUX_SYMBOL() and VMLINUX_SYMBOL_STR() 2018-08-22 23:21:44 +09:00
crypto gcc-10: avoid shadowing standard library 'free()' in crypto 2020-05-20 08:18:46 +02:00
Documentation x86/speculation: Add Ivy Bridge to affected list 2020-06-10 21:35:01 +02:00
drivers crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated 2020-06-22 09:05:03 +02:00
firmware Fix built-in early-load Intel microcode alignment 2020-01-23 08:21:29 +01:00
fs nilfs2: fix null pointer dereference at nilfs_segctor_do_construct() 2020-06-22 09:05:03 +02:00
include KVM: x86: Fix APIC page invalidation race 2020-06-22 09:05:04 +02:00
init x86: Fix early boot crash on gcc-10, third try 2020-05-20 08:18:49 +02:00
ipc ipc/util.c: sysvipc_find_ipc() incorrectly updates position index 2020-05-20 08:18:40 +02:00
kernel sched/fair: Don't NUMA balance for kthreads 2020-06-22 09:05:00 +02:00
lib lib: Reduce user_access_begin() boundaries in strncpy_from_user() and strnlen_user() 2020-06-22 09:04:59 +02:00
LICENSES LICENSES: Remove CC-BY-SA-4.0 license text 2018-10-18 11:28:50 +02:00
mm mm: add kvfree_sensitive() for freeing sensitive data objects 2020-06-22 09:05:01 +02:00
net bridge: Avoid infinite loop when suppressing NS messages with invalid options 2020-06-22 09:04:58 +02:00
samples samples: bpf: Fix build error 2020-06-03 08:19:31 +02:00
scripts gcc-common.h: Update for GCC 10 2020-05-27 17:37:30 +02:00
security mm: add kvfree_sensitive() for freeing sensitive data objects 2020-06-22 09:05:01 +02:00
sound ALSA: pcm: disallow linking stream to itself 2020-06-22 09:05:03 +02:00
tools perf probe: Accept the instance number of kretprobe event 2020-06-22 09:05:00 +02:00
usr initramfs: restore default compression behavior 2020-04-13 10:44:59 +02:00
virt KVM: x86: Fix APIC page invalidation race 2020-06-22 09:05:04 +02:00
.clang-format clang-format: Set IndentWrappedFunctionNames false 2018-08-01 18:38:51 +02:00
.cocciconfig
.get_maintainer.ignore
.gitattributes .gitattributes: set git diff driver for C source code files 2016-10-07 18:46:30 -07:00
.gitignore Kbuild updates for v4.17 (2nd) 2018-04-15 17:21:30 -07:00
.mailmap libnvdimm-for-4.19_misc 2018-08-25 18:13:10 -07:00
COPYING COPYING: use the new text with points to the license files 2018-03-23 12:41:45 -06:00
CREDITS 9p: remove Ron Minnich from MAINTAINERS 2018-08-17 16:20:26 -07:00
Kbuild Kbuild updates for v4.15 2017-11-17 17:45:29 -08:00
Kconfig kconfig: move the "Executable file formats" menu to fs/Kconfig.binfmt 2018-08-02 08:06:55 +09:00
MAINTAINERS MAINTAINERS: Update drm/i915 bug filing URL 2020-02-28 16:38:49 +01:00
Makefile Linux 4.19.128 2020-06-10 21:35:02 +02:00
README Docs: Added a pointer to the formatted docs to README 2018-03-21 09:02:53 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
See Documentation/00-INDEX for a list of what is contained in each file.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.