1. 18 6月, 2021 1 次提交
  2. 27 5月, 2021 1 次提交
  3. 15 5月, 2021 1 次提交
  4. 17 4月, 2021 2 次提交
  5. 07 4月, 2021 3 次提交
  6. 06 4月, 2021 1 次提交
  7. 31 3月, 2021 1 次提交
  8. 25 3月, 2021 1 次提交
  9. 19 3月, 2021 7 次提交
  10. 18 3月, 2021 1 次提交
  11. 10 3月, 2021 1 次提交
    • M
      KVM: arm64: Ensure I-cache isolation between vcpus of a same VM · 01dc9262
      Marc Zyngier 提交于
      It recently became apparent that the ARMv8 architecture has interesting
      rules regarding attributes being used when fetching instructions
      if the MMU is off at Stage-1.
      
      In this situation, the CPU is allowed to fetch from the PoC and
      allocate into the I-cache (unless the memory is mapped with
      the XN attribute at Stage-2).
      
      If we transpose this to vcpus sharing a single physical CPU,
      it is possible for a vcpu running with its MMU off to influence
      another vcpu running with its MMU on, as the latter is expected to
      fetch from the PoU (and self-patching code doesn't flush below that
      level).
      
      In order to solve this, reuse the vcpu-private TLB invalidation
      code to apply the same policy to the I-cache, nuking it every time
      the vcpu runs on a physical CPU that ran another vcpu of the same
      VM in the past.
      
      This involve renaming __kvm_tlb_flush_local_vmid() to
      __kvm_flush_cpu_context(), and inserting a local i-cache invalidation
      there.
      
      Cc: stable@vger.kernel.org
      Signed-off-by: NMarc Zyngier <maz@kernel.org>
      Acked-by: NWill Deacon <will@kernel.org>
      Acked-by: NCatalin Marinas <catalin.marinas@arm.com>
      Link: https://lore.kernel.org/r/20210303164505.68492-1-maz@kernel.org
      01dc9262
  12. 09 2月, 2021 1 次提交
  13. 23 1月, 2021 1 次提交
  14. 21 1月, 2021 1 次提交
  15. 30 12月, 2020 1 次提交
  16. 24 12月, 2020 1 次提交
  17. 22 12月, 2020 3 次提交
  18. 04 12月, 2020 10 次提交
  19. 01 12月, 2020 1 次提交
    • M
      KVM: arm64: Advertise ID_AA64PFR0_EL1.CSV3=1 if the CPUs are Meltdown-safe · 4f1df628
      Marc Zyngier 提交于
      Cores that predate the introduction of ID_AA64PFR0_EL1.CSV3 to
      the ARMv8 architecture have this field set to 0, even of some of
      them are not affected by the vulnerability.
      
      The kernel maintains a list of unaffected cores (A53, A55 and a few
      others) so that it doesn't impose an expensive mitigation uncessarily.
      
      As we do for CSV2, let's expose the CSV3 property to guests that run
      on HW that is effectively not vulnerable. This can be reset to zero
      by writing to the ID register from userspace, ensuring that VMs can
      be migrated despite the new property being set.
      Reported-by: NWill Deacon <will@kernel.org>
      Signed-off-by: NMarc Zyngier <maz@kernel.org>
      4f1df628
  20. 28 11月, 2020 1 次提交