Branch: refs/heads/next
Home: https://github.com/siemens/jailhouse
Commit: 9b7d0557abf32afc5bd02067c8bb04fdda984db0
https://github.com/siemens/jailhouse/commit/9b7d0557abf32afc5bd02067c8bb04fdda984db0
Author: Jan Kiszka <jan.kis...@siemens.com>
Date: 2018-08-15 (Wed, 15 Aug 2018)
Changed paths:
M hypervisor/arch/x86/include/asm/paging.h
M hypervisor/arch/x86/paging.c
Log Message:
-----------
x86: Harden non-present mappings against L1TF
Foreshadow(-NG) has been published, and while we are already pretty well
hardened by avoiding to share cores and by hiding sensitive data of
remote cells when running in hypervisor mode, we can and probably should
do better: I key aspect of CVE-2018-3620 and CVE-2018-3646 is that Intel
CPUs ignore the present bit when speculatively using PTEs. Therefore, a
simple and practically cost-free mitigation is to ensure that
non-present page table entries point to non-present physical addresses.
We can easily achieve that by folding invalid address bits into
PAGE_NONPRESENT_FLAGS.
This change primarily affects the hiding of the per-CPU mappings in the
hypervisor address space after setup. However, we also modify the
clear_entry callback to do the same, although there is currently no case
in the hypervisor address space where we hide sensitive data via
paging_destroy - better safe than sorry /wrt potential future changes.
Signed-off-by: Jan Kiszka <jan.kis...@siemens.com>
**NOTE:** This service has been marked for deprecation:
https://developer.github.com/changes/2018-04-25-github-services-deprecation/
Functionality will be removed from GitHub.com on January 31st, 2019.
--
You received this message because you are subscribed to the Google Groups
"Jailhouse" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jailhouse-dev+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
