HomeFreeBSD
Diffusion FreeBSD src repository - subversion rS354649

Workaround for Intel SKL002/SKL012S errata.
rS354649
Actions

Description

Workaround for Intel SKL002/SKL012S errata.

Disable the use of executable 2M page mappings in EPT-format page
tables on affected CPUs. For bhyve virtual machines, this effectively
disables all use of superpage mappings on affected CPUs. The
vm.pmap.allow_2m_x_ept sysctl can be set to override the default and
enable mappings on affected CPUs.

Alternate approaches have been suggested, but at present we do not
believe the complexity is warranted for typical bhyve's use cases.

Reviewed by: alc, emaste, markj, scottl
Security: CVE-2018-12207
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D21884

Details

Provenance
kibAuthored on
Reviewer
alc
Differential Revision
Restricted Differential Revision
Parents
rS354648: nvdimm(4): Fix various problems when the using the second label index block
Branches
Unknown
Tags
Unknown

Event Timeline

kib committed rS354649: Workaround for Intel SKL002/SKL012S errata..Nov 12 2019, 6:01 PM
kib added an edge: Restricted Differential Revision.

Changes (5)

PathSize
head/
share/
man/
man7/
sys/
amd64/
amd64/
include/
dev/
cpuctl/
x86/
include/

rS354649

View Options

head/share/man/man7/security.7

Loading...
View Options

head/sys/amd64/amd64/pmap.c

Loading...
View Options

head/sys/amd64/include/pmap.h

Loading...
View Options

head/sys/dev/cpuctl/cpuctl.c

Loading...
View Options

head/sys/x86/include/specialreg.h

Loading...