diff options
author | Junaid Shahid <junaids@google.com> | 2018-08-14 10:15:34 -0700 |
---|---|---|
committer | Paolo Bonzini <pbonzini@redhat.com> | 2018-08-14 19:25:59 +0200 |
commit | 28a1f3ac1d0c8558ee4453d9634dad891a6e922e (patch) | |
tree | c5dcce8e4448224ddc737ca8e1a8dc63bd6dff44 /virt | |
parent | fd8ca6dac9b45db8503cf508880edd63e039e2f2 (diff) |
kvm: x86: Set highest physical address bits in non-present/reserved SPTEs
Always set the 5 upper-most supported physical address bits to 1 for SPTEs
that are marked as non-present or reserved, to make them unusable for
L1TF attacks from the guest. Currently, this just applies to MMIO SPTEs.
(We do not need to mark PTEs that are completely 0 as physical page 0
is already reserved.)
This allows mitigation of L1TF without disabling hyper-threading by using
shadow paging mode instead of EPT.
Signed-off-by: Junaid Shahid <junaids@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'virt')
0 files changed, 0 insertions, 0 deletions