CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	kib <kib@FreeBSD.org>
	Sun, 19 Aug 2018 18:47:16 +0000 (18:47 +0000)
committer	kib <kib@FreeBSD.org>
	Sun, 19 Aug 2018 18:47:16 +0000 (18:47 +0000)
commit	04480b85720f408ee5f0312e9e1001542917804d
tree	f4e38a4a2790deefe3868fdc1d25baf70c9c89dd	tree \| snapshot
parent	de3fd6a50385dcd5d328513d739d927923c8128d	commit \| diff

Update L1TF workaround to sustain L1D pollution from NMI.

Current mitigation for L1TF in bhyve flushes L1D either by an explicit
WRMSR command, or by software reading enough uninteresting data to
fully populate all lines of L1D.  If NMI occurs after either of
methods is completed, but before VM entry, L1D becomes polluted with
the cache lines touched by NMI handlers.  There is no interesting data
which NMI accesses, but something sensitive might be co-located on the
same cache line, and then L1TF exposes that to a rogue guest.

Use VM entry MSR load list to ensure atomicity of L1D cache and VM
entry if updated microcode was loaded.  If only software flush method
is available, try to help the bhyve sw flusher by also flushing L1D on
NMI exit to kernel mode.

Suggested by and discussed with: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed by: jhb
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D16790

sys/amd64/amd64/exception.S		diff \| blob \| history
sys/amd64/amd64/support.S		diff \| blob \| history
sys/amd64/amd64/trap.c		diff \| blob \| history
sys/amd64/include/md_var.h		diff \| blob \| history
sys/amd64/vmm/intel/vmx.c		diff \| blob \| history
sys/amd64/vmm/intel/vmx_support.S		diff \| blob \| history