    kvm: x86: Fix L1TF mitigation for shadow MMU · 61455bf2
    Kai Huang authored
    Currently KVM sets 5 most significant bits of physical address bits
    reported by CPUID (boot_cpu_data.x86_phys_bits) for nonpresent or
    reserved bits SPTE to mitigate L1TF attack from guest when using shadow
    MMU. However for some particular Intel CPUs the physical address bits
    of internal cache is greater than physical address bits reported by
    CPUID.
    
    Use the kernel's existing boot_cpu_data.x86_cache_bits to determine the
    five most significant bits. Doing so improves KVM's L1TF mitigation in
    the unlikely scenario that system RAM overlaps the high order bits of
    the "real" physical address space as reported by CPUID. This aligns with
    the kernel's warnings regarding L1TF mitigation, e.g. in the above
    scenario the kernel won't warn the user about lack of L1TF mitigation
    if x86_cache_bits is greater than x86_phys_bits.
    
    Also initialize shadow_nonpresent_or_rsvd_mask explicitly to make it
    consistent with other 'shadow_{xxx}_mask', and opportunistically add a
    WARN once if KVM's L1TF mitigation cannot be applied on a system that
    is marked as being susceptible to L1TF.

    Reviewed-by: Sean Christopherson <sean.j.christopherson@intel.com>
    Signed-off-by: Kai Huang <kai.huang@linux.intel.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
mmu.c 159 KB
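
The effect the commit message describes can be checked with a few lines of arithmetic. The following is an added illustration, not code from the kernel or from this commit: the function names are hypothetical, and the address widths (36 bits reported by CPUID, 44 bits of internal cache addressing) and the 63 GiB RAM size are constructed sample values.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define MASK_LEN 5 /* "five most significant bits", per the commit message */

/* Bits lo..hi set, inclusive. */
static uint64_t bit_range(unsigned lo, unsigned hi)
{
    return ((2ULL << (hi - lo)) - 1) << lo;
}

/* Mask covering the MASK_LEN most significant bits of an address that is
 * addr_bits wide. Returns 0 for widths this sketch does not handle. */
static uint64_t nonpresent_or_rsvd_mask(unsigned addr_bits)
{
    if (addr_bits <= MASK_LEN || addr_bits > 52)
        return 0;
    return bit_range(addr_bits - MASK_LEN, addr_bits - 1);
}

/* With every mask bit set, an SPTE's address field is at least `mask`.
 * If RAM extends past that value, the masked address can still name real,
 * cacheable memory and the mitigation does not hold for that range.
 * ram_top is the exclusive end of system RAM. */
static bool mask_overlaps_ram(uint64_t mask, uint64_t ram_top)
{
    return mask == 0 || ram_top > mask;
}

int main(void)
{
    const unsigned phys_bits = 36, cache_bits = 44; /* constructed sample */
    const uint64_t ram_top = 63ULL << 30;           /* constructed: 63 GiB */
    const unsigned widths[] = { phys_bits, cache_bits };

    for (int i = 0; i < 2; i++) {
        uint64_t mask = nonpresent_or_rsvd_mask(widths[i]);
        printf("%u address bits: mask=%#llx overlaps_ram=%d\n", widths[i],
               (unsigned long long)mask, mask_overlaps_ram(mask, ram_top));
    }
    return 0;
}
```

With these sample values, the mask derived from the CPUID width starts at 62 GiB and overlaps RAM, while the mask derived from the cache width sits far above it.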