Skip to content

GitLab

Switch branch/tag
History Find file
Clone
x86/speculation/l1tf: Protect PAE swap entries against L1TF
Vlastimil Babka authored 
The PAE 3-level paging code currently doesn't mitigate L1TF by flipping the
offset bits, and uses the high PTE word, thus bits 32-36 for type, 37-63 for
offset. The lower word is zeroed, thus systems with less than 4GB memory are
safe. With 4GB to 128GB the swap type selects the memory locations vulnerable
to L1TF; with even more memory, also the swap offfset influences the address.
This might be a problem with 32bit PAE guests running on large 64bit hosts.

By continuing to keep the whole swap entry in either high or low 32bit word of
PTE we would limit the swap size too much. Thus this patch uses the whole PAE
PTE with the same layout as the 64bit version does. The macros just become a
bit tricky since they assume the arch-dependent swp_entry_t to be 32bit.
Signed-off-by: default avatarVlastimil Babka <vbabka@suse.cz>
Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
Acked-by: default avatarMichal Hocko <mhocko@suse.com>
0d0f6249
Name Last commit Last update
..
boot Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
configs x86/unwind: Rename unwinder config options to 'CONFIG_UNWINDER_*'
crypto crypto: x86/salsa20 - remove x86 salsa20 implementations
entry docs: Fix some broken references
events treewide: kzalloc() -> kcalloc()
hyperv x86/hyper-v: move struct hv_flush_pcpu{,ex} definitions to common header
ia32 syscalls/x86: auto-create compat_sys_*() prototypes
include x86/speculation/l1tf: Protect PAE swap entries against L1TF
kernel x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings
kvm KVM: x86: VMX: redo fix for link error without CONFIG_HYPERV
lib Merge tag 'libnvdimm-for-4.18' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm
math-emu License cleanup: add SPDX GPL-2.0 license identifier to files with no license
mm x86/speculation/l1tf: Protect PAE swap entries against L1TF
net treewide: kmalloc() -> kmalloc_array()
oprofile x86/oprofile: Fix bogus GCC-8 warning in nmi_setup()
pci treewide: kzalloc() -> kcalloc()
platform treewide: kzalloc() -> kcalloc()
power x86/mm: Stop pretending pgtable_l5_enabled is a variable
purgatory kernel/kexec_file.c: move purgatories sha256 to common code
ras License cleanup: add SPDX GPL-2.0 license identifier to files with no license
realmode x86-64/realmode: Add instruction suffix
tools x86: Treat R_X86_64_PLT32 as R_X86_64_PC32
um Merge tag 'kconfig-v4.18' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild
video x86/video: Don't assume all FB devices are PCI devices
xen Merge tag 'for-linus-4.18-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip
.gitignore x86/build: Add arch/x86/tools/insn_decoder_test to .gitignore
Kbuild Merge branch 'x86-platform-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Kconfig cpu/hotplug: Provide knobs to control SMT
Kconfig.cpu Merge branch 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Kconfig.debug x86, nfit_test: Add unit test for memcpy_mcsafe()
Makefile kbuild: add machine size to CHECKFLAGS
Makefile.um License cleanup: add SPDX GPL-2.0 license identifier to files with no license
Makefile_32.cpu License cleanup: add SPDX GPL-2.0 license identifier to files with no license