HomeFreeBSD
Diffusion FreeBSD src repository - subversion rS338068

Update L1TF workaround to sustain L1D pollution from NMI.
rS338068
Actions

Description

Update L1TF workaround to sustain L1D pollution from NMI.

Current mitigation for L1TF in bhyve flushes L1D either by an explicit
WRMSR command, or by software reading enough uninteresting data to
fully populate all lines of L1D. If NMI occurs after either of
methods is completed, but before VM entry, L1D becomes polluted with
the cache lines touched by NMI handlers. There is no interesting data
which NMI accesses, but something sensitive might be co-located on the
same cache line, and then L1TF exposes that to a rogue guest.

Use VM entry MSR load list to ensure atomicity of L1D cache and VM
entry if updated microcode was loaded. If only software flush method
is available, try to help the bhyve sw flusher by also flushing L1D on
NMI exit to kernel mode.

Suggested by and discussed with: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed by: jhb
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D16790

Details

Provenance
kibAuthored on
Reviewer
jhb
Differential Revision
D16790: Update L1TF workaround to sustain L1D pollution from NMI.
Parents
rS338067: lualoader: Add drawer-exported variables for default logodefs
Branches
Unknown
Tags
Unknown

Changes (6)

PathSize
head/
sys/
amd64/
amd64/
include/
vmm/
intel/

rS338068

View Options

head/sys/amd64/amd64/exception.S

Loading...
View Options

head/sys/amd64/amd64/support.S

Loading...
View Options

head/sys/amd64/amd64/trap.c

Loading...
View Options

head/sys/amd64/include/md_var.h

Loading...
View Options

head/sys/amd64/vmm/intel/vmx.c

Loading...
View Options

head/sys/amd64/vmm/intel/vmx_support.S

Loading...