mirror of
https://github.com/projectacrn/acrn-hypervisor.git
synced 2025-08-25 03:09:50 +00:00
doc: update l1tf.rst line endings setting to unix style
Convert line endings setting for l1tf.rst doc from windows style to unix style. Tracked-On: #1672 Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
This commit is contained in:
Yonghua Huang
David Kinder
parent
eefb06b303
commit
d6247ff721
@ -1,285 +1,285 @@
|
|||||||
.. _l1tf:
|
.. _l1tf:
|
||||||
|
|
||||||
L1TF Overview
|
L1TF Overview
|
||||||
#############
|
#############
|
||||||
|
|
||||||
L1 Terminal Fault is a speculative side channel which allows unprivileged
|
L1 Terminal Fault is a speculative side channel which allows unprivileged
|
||||||
speculative access to data which is available in the Level 1 Data Cache
|
speculative access to data which is available in the Level 1 Data Cache
|
||||||
when the page table entry controlling the virtual address, which is used
|
when the page table entry controlling the virtual address, which is used
|
||||||
for the access, has the Present bit cleared or reserved bits set.
|
for the access, has the Present bit cleared or reserved bits set.
|
||||||
|
|
||||||
When the processor accesses a linear address, it first looks for a
|
When the processor accesses a linear address, it first looks for a
|
||||||
translation to a physical address in the translation lookaside buffer (TLB).
|
translation to a physical address in the translation lookaside buffer (TLB).
|
||||||
For an unmapped address this will not provide a physical address, so the
|
For an unmapped address this will not provide a physical address, so the
|
||||||
processor performs a table walk of a hierarchical paging structure in
|
processor performs a table walk of a hierarchical paging structure in
|
||||||
memory that provides translations from linear to physical addresses. A page
|
memory that provides translations from linear to physical addresses. A page
|
||||||
fault is signaled if this table walk fails.
|
fault is signaled if this table walk fails.
|
||||||
|
|
||||||
During the process of a terminal fault, the processor speculatively computes
|
During the process of a terminal fault, the processor speculatively computes
|
||||||
a physical address from the paging structure entry and the address of the
|
a physical address from the paging structure entry and the address of the
|
||||||
fault. This physical address is composed of the address of the page frame
|
fault. This physical address is composed of the address of the page frame
|
||||||
and low order bits from the linear address. If data with this physical
|
and low order bits from the linear address. If data with this physical
|
||||||
address is present in the L1D, that data may be loaded and forwarded to
|
address is present in the L1D, that data may be loaded and forwarded to
|
||||||
dependent instructions. These dependent instructions may create a side
|
dependent instructions. These dependent instructions may create a side
|
||||||
channel.
|
channel.
|
||||||
|
|
||||||
Because the resulting probed physical address is not a true translation of
|
Because the resulting probed physical address is not a true translation of
|
||||||
the virtual address, the resulting address is not constrained by various
|
the virtual address, the resulting address is not constrained by various
|
||||||
memory range checks or nested translations. Specifically:
|
memory range checks or nested translations. Specifically:
|
||||||
|
|
||||||
* Intel SGX protected memory checks are not applied.
|
* Intel SGX protected memory checks are not applied.
|
||||||
* Extended Page Table (EPT) guest physical to host physical address
|
* Extended Page Table (EPT) guest physical to host physical address
|
||||||
translation is not applied.
|
translation is not applied.
|
||||||
* SMM protected memory checks are not applied.
|
* SMM protected memory checks are not applied.
|
||||||
|
|
||||||
The following CVE entries are related to the L1TF:
|
The following CVE entries are related to the L1TF:
|
||||||
|
|
||||||
============= ================= ==============================
|
============= ================= ==============================
|
||||||
CVE-2018-3615 L1 Terminal Fault SGX related aspects
|
CVE-2018-3615 L1 Terminal Fault SGX related aspects
|
||||||
CVE-2018-3620 L1 Terminal Fault OS, SMM related aspects
|
CVE-2018-3620 L1 Terminal Fault OS, SMM related aspects
|
||||||
CVE-2018-3646 L1 Terminal Fault Virtualization related aspects
|
CVE-2018-3646 L1 Terminal Fault Virtualization related aspects
|
||||||
============= ================= ==============================
|
============= ================= ==============================
|
||||||
|
|
||||||
Please refer to `Intel Analysis of L1TF`_ and `Linux L1TF document`_ for
|
Please refer to `Intel Analysis of L1TF`_ and `Linux L1TF document`_ for
|
||||||
more details.
|
more details.
|
||||||
|
|
||||||
.. _Intel Analysis of L1TF:
|
.. _Intel Analysis of L1TF:
|
||||||
https://software.intel.com/security-software-guidance/insights/deep-dive-intel-analysis-l1-terminal-fault
|
https://software.intel.com/security-software-guidance/insights/deep-dive-intel-analysis-l1-terminal-fault
|
||||||
|
|
||||||
.. _Linux L1TF document:
|
.. _Linux L1TF document:
|
||||||
https://github.com/torvalds/linux/blob/master/Documentation/admin-guide/l1tf.rst
|
https://github.com/torvalds/linux/blob/master/Documentation/admin-guide/l1tf.rst
|
||||||
|
|
||||||
L1TF Problem in ACRN
|
L1TF Problem in ACRN
|
||||||
####################
|
####################
|
||||||
|
|
||||||
There are mainly three attack scenarios considered in ACRN:
|
There are mainly three attack scenarios considered in ACRN:
|
||||||
|
|
||||||
- Guest->hypervisor attack
|
- Guest->hypervisor attack
|
||||||
- Guest->guest attack
|
- Guest->guest attack
|
||||||
- Normal_world->secure_world attack (Android specific)
|
- Normal_world->secure_world attack (Android specific)
|
||||||
|
|
||||||
Malicious user space is not a concern to ACRN hypervisor, because
|
Malicious user space is not a concern to ACRN hypervisor, because
|
||||||
every guest runs in VMX non-root. It is reponsibility of guest kernel
|
every guest runs in VMX non-root. It is reponsibility of guest kernel
|
||||||
to protect itself from malicious user space attack.
|
to protect itself from malicious user space attack.
|
||||||
|
|
||||||
SGX/SMM related attacks are mitigated by using latest ucode. There is
|
SGX/SMM related attacks are mitigated by using latest ucode. There is
|
||||||
no additional action in ACRN hypervisor.
|
no additional action in ACRN hypervisor.
|
||||||
|
|
||||||
Guest->hypervisor Attack
|
Guest->hypervisor Attack
|
||||||
******************************
|
******************************
|
||||||
|
|
||||||
ACRN always enables EPT for all guests (SOS and UOS), thus a malicious
|
ACRN always enables EPT for all guests (SOS and UOS), thus a malicious
|
||||||
guest can directly control guest PTEs to construct L1TF-based attack
|
guest can directly control guest PTEs to construct L1TF-based attack
|
||||||
to hypervisor. Alternatively if ACRN EPT are not sanitized with some
|
to hypervisor. Alternatively if ACRN EPT are not sanitized with some
|
||||||
PTEs (with present bit cleared, or reserved bit set) pointing to valid
|
PTEs (with present bit cleared, or reserved bit set) pointing to valid
|
||||||
host PFNs, a malicious guest may use those EPT PTEs to construct attack.
|
host PFNs, a malicious guest may use those EPT PTEs to construct attack.
|
||||||
|
|
||||||
A special aspect of L1TF in the context of virtualization is symmetric
|
A special aspect of L1TF in the context of virtualization is symmetric
|
||||||
multi threading (SMT), e.g. Intel(R) Hyper-Threading Technology.
|
multi threading (SMT), e.g. Intel(R) Hyper-Threading Technology.
|
||||||
Logical processors on the affected physical cores share the L1 Data Cache
|
Logical processors on the affected physical cores share the L1 Data Cache
|
||||||
(L1D). This fact could make more variants of L1TF-based attack, e.g.
|
(L1D). This fact could make more variants of L1TF-based attack, e.g.
|
||||||
a malicious guest running on one logical processor can attack the data which
|
a malicious guest running on one logical processor can attack the data which
|
||||||
is brought into L1D by the context which runs on the sibling thread of
|
is brought into L1D by the context which runs on the sibling thread of
|
||||||
the same physical core. This context can be any code in hypervisor.
|
the same physical core. This context can be any code in hypervisor.
|
||||||
|
|
||||||
--secure data in ACRN hypervisor--
|
--secure data in ACRN hypervisor--
|
||||||
|
|
||||||
It is hard to decide which data in ACRN hypervisor is secret or valuable
|
It is hard to decide which data in ACRN hypervisor is secret or valuable
|
||||||
data. The amount of valuable data from ACRN contexts cannot be declared as
|
data. The amount of valuable data from ACRN contexts cannot be declared as
|
||||||
non-interesting for an attacker without deep inspection of the code.
|
non-interesting for an attacker without deep inspection of the code.
|
||||||
|
|
||||||
But obviously, the most import secret data in ACRN is the physical platform
|
But obviously, the most import secret data in ACRN is the physical platform
|
||||||
seed generated from CSME and virtual seeds which are derived from that
|
seed generated from CSME and virtual seeds which are derived from that
|
||||||
platform seed. They are critical secrets to serve for guest keystore or
|
platform seed. They are critical secrets to serve for guest keystore or
|
||||||
other security usage, e.g. disk encryption, secure storage.
|
other security usage, e.g. disk encryption, secure storage.
|
||||||
|
|
||||||
Guest->guest Attack
|
Guest->guest Attack
|
||||||
******************************
|
******************************
|
||||||
|
|
||||||
A malicious guest may use the same side channel as introduced in
|
A malicious guest may use the same side channel as introduced in
|
||||||
last section to attack other guests. The possibility of guest->guest
|
last section to attack other guests. The possibility of guest->guest
|
||||||
attack varies on specific configuration, e.g. whether CPU partitioning
|
attack varies on specific configuration, e.g. whether CPU partitioning
|
||||||
is used, whether Hyper-Threading is on, etc.
|
is used, whether Hyper-Threading is on, etc.
|
||||||
|
|
||||||
If CPU partitioning is enabled (default policy in ACRN), there is
|
If CPU partitioning is enabled (default policy in ACRN), there is
|
||||||
1:1 mapping between vCPUs and pCPUs i.e. no sharing on pCPU. Then
|
1:1 mapping between vCPUs and pCPUs i.e. no sharing on pCPU. Then
|
||||||
the only attack possibility is when Hyper-Threading is on, where
|
the only attack possibility is when Hyper-Threading is on, where
|
||||||
logical processors of same physical core may be allocated to two
|
logical processors of same physical core may be allocated to two
|
||||||
different guests. Then one guest may be able to attack the other guest
|
different guests. Then one guest may be able to attack the other guest
|
||||||
on sibling thread due to shared L1D.
|
on sibling thread due to shared L1D.
|
||||||
|
|
||||||
If CPU sharing is enabled (not supported now), two VMs may share
|
If CPU sharing is enabled (not supported now), two VMs may share
|
||||||
same pCPU thus next VM may steal information in L1D which comes
|
same pCPU thus next VM may steal information in L1D which comes
|
||||||
from activity of previous VM on the same pCPU.
|
from activity of previous VM on the same pCPU.
|
||||||
|
|
||||||
Normal_world->Secure_world Attack
|
Normal_world->Secure_world Attack
|
||||||
*********************************
|
*********************************
|
||||||
|
|
||||||
ACRN supports Android guest, which requires two running worlds
|
ACRN supports Android guest, which requires two running worlds
|
||||||
(normal world vs. secure world). Two worlds run on the same CPU,
|
(normal world vs. secure world). Two worlds run on the same CPU,
|
||||||
and world switch is conducted on demand. Then it is possible for
|
and world switch is conducted on demand. Then it is possible for
|
||||||
normal world to construct L1TF-based stack to secure world, thus
|
normal world to construct L1TF-based stack to secure world, thus
|
||||||
break the security model as expected by Android guest.
|
break the security model as expected by Android guest.
|
||||||
|
|
||||||
Affected Processors
|
Affected Processors
|
||||||
******************************
|
******************************
|
||||||
|
|
||||||
L1TF affects a range of Intel processors, but Intel ATOM processors
|
L1TF affects a range of Intel processors, but Intel ATOM processors
|
||||||
(including Apollo Lake) are immune to it. Currently ACRN hypervisor
|
(including Apollo Lake) are immune to it. Currently ACRN hypervisor
|
||||||
supports only Apollo Lake, but other core-based platforms may be also
|
supports only Apollo Lake, but other core-based platforms may be also
|
||||||
supported in the future so we still need a mitigation plan in ACRN.
|
supported in the future so we still need a mitigation plan in ACRN.
|
||||||
|
|
||||||
Processors that have the RDCL_NO bit set to one (1) in the
|
Processors that have the RDCL_NO bit set to one (1) in the
|
||||||
IA32_ARCH_CAPABILITIES MSR are not susceptible to the L1TF
|
IA32_ARCH_CAPABILITIES MSR are not susceptible to the L1TF
|
||||||
speculative exectuion side channel.
|
speculative exectuion side channel.
|
||||||
|
|
||||||
Please refer to `Intel Analysis of L1TF`_ for more details.
|
Please refer to `Intel Analysis of L1TF`_ for more details.
|
||||||
|
|
||||||
L1TF Mitigation in ACRN
|
L1TF Mitigation in ACRN
|
||||||
#######################
|
#######################
|
||||||
|
|
||||||
The basic assumption is to use latest ucode, which mitigates SMM
|
The basic assumption is to use latest ucode, which mitigates SMM
|
||||||
and SGX cases while also providing necessary capability for VMM
|
and SGX cases while also providing necessary capability for VMM
|
||||||
to use for further mitigation.
|
to use for further mitigation.
|
||||||
|
|
||||||
ACRN will check the platform capability based on `CPUID enumeration
|
ACRN will check the platform capability based on `CPUID enumeration
|
||||||
and architectural MSR`_. For L1TF affected platform (CPUID.07H.EDX.29
|
and architectural MSR`_. For L1TF affected platform (CPUID.07H.EDX.29
|
||||||
with MSR_IA32_ARCH_CAPABILITIES), L1D_FLUSH capability(CPUID.07H.EDX.28)
|
with MSR_IA32_ARCH_CAPABILITIES), L1D_FLUSH capability(CPUID.07H.EDX.28)
|
||||||
must be supported.
|
must be supported.
|
||||||
|
|
||||||
.. _CPUID enumeration and architectural MSR:
|
.. _CPUID enumeration and architectural MSR:
|
||||||
https://software.intel.com/security-software-guidance/insights/deep-dive-cpuid-enumeration-and-architectural-msrs
|
https://software.intel.com/security-software-guidance/insights/deep-dive-cpuid-enumeration-and-architectural-msrs
|
||||||
|
|
||||||
Not all of below mitigations will be implemented. Even for
|
Not all of below mitigations will be implemented. Even for
|
||||||
implemented mitigations not all of them apply in a given ACRN
|
implemented mitigations not all of them apply in a given ACRN
|
||||||
deployment. Please always check *status* section and
|
deployment. Please always check *status* section and
|
||||||
*recommendation* section for detail guidance.
|
*recommendation* section for detail guidance.
|
||||||
|
|
||||||
EPT Sanitization
|
EPT Sanitization
|
||||||
****************
|
****************
|
||||||
|
|
||||||
EPT is sanitized to avoid pointing to valid host memory in PTEs
|
EPT is sanitized to avoid pointing to valid host memory in PTEs
|
||||||
which has present bit cleared or reserved bits set.
|
which has present bit cleared or reserved bits set.
|
||||||
|
|
||||||
For non-present PTEs, ACRN currently set pfn bits to ZERO, which
|
For non-present PTEs, ACRN currently set pfn bits to ZERO, which
|
||||||
means page ZERO might fall into risk if containing security info.
|
means page ZERO might fall into risk if containing security info.
|
||||||
ACRN reserves page ZERO (0~4K) from page allocator thus page ZERO
|
ACRN reserves page ZERO (0~4K) from page allocator thus page ZERO
|
||||||
won't be used by anybody for valid usage. This sanitization logic
|
won't be used by anybody for valid usage. This sanitization logic
|
||||||
is always enabled on all platforms.
|
is always enabled on all platforms.
|
||||||
|
|
||||||
ACRN hypervisor doesn't set reserved bits in any EPT entry.
|
ACRN hypervisor doesn't set reserved bits in any EPT entry.
|
||||||
|
|
||||||
L1D flush on VMENTRY
|
L1D flush on VMENTRY
|
||||||
**************************
|
**************************
|
||||||
|
|
||||||
ACRN may optionally flush L1D at VMENTRY, which ensures no
|
ACRN may optionally flush L1D at VMENTRY, which ensures no
|
||||||
sensitive information from hypervisor or previous VM revealed
|
sensitive information from hypervisor or previous VM revealed
|
||||||
to current VM (in case of CPU sharing).
|
to current VM (in case of CPU sharing).
|
||||||
|
|
||||||
Flushing the L1D evicts not only the data which should not be
|
Flushing the L1D evicts not only the data which should not be
|
||||||
accessed by a potentially malicious guest, it also flushes the
|
accessed by a potentially malicious guest, it also flushes the
|
||||||
guest data. Flushing the L1D has a performance impact as the
|
guest data. Flushing the L1D has a performance impact as the
|
||||||
processor has to bring the flushed guest data back into the L1D,
|
processor has to bring the flushed guest data back into the L1D,
|
||||||
and actual overhead is proportional to the frequency of vmentry.
|
and actual overhead is proportional to the frequency of vmentry.
|
||||||
|
|
||||||
Due to such performance reason, ACRN provides a config option
|
Due to such performance reason, ACRN provides a config option
|
||||||
(L1D_FLUSH_VMENTRY) to enable/disable L1D flush during
|
(L1D_FLUSH_VMENTRY) to enable/disable L1D flush during
|
||||||
VMENTRY. By default this option is disabled.
|
VMENTRY. By default this option is disabled.
|
||||||
|
|
||||||
Put Secret Data into Uncached Memory
|
Put Secret Data into Uncached Memory
|
||||||
************************************
|
************************************
|
||||||
|
|
||||||
If the critical secret data in ACRN is identified, then such
|
If the critical secret data in ACRN is identified, then such
|
||||||
data can be put into un-cached memory. As the content will
|
data can be put into un-cached memory. As the content will
|
||||||
never go to L1D, it is immune to L1TF attack
|
never go to L1D, it is immune to L1TF attack
|
||||||
|
|
||||||
For example, after getting the physical seed from CSME, before any guest
|
For example, after getting the physical seed from CSME, before any guest
|
||||||
starts, ACRN can pre-derive all the virtual seeds for all the
|
starts, ACRN can pre-derive all the virtual seeds for all the
|
||||||
guests and then put these virtual seeds into uncached memory,
|
guests and then put these virtual seeds into uncached memory,
|
||||||
at the same time flush & erase physical seed.
|
at the same time flush & erase physical seed.
|
||||||
|
|
||||||
If all security data are identified and put in uncached
|
If all security data are identified and put in uncached
|
||||||
meomry in a specific deployment, then it is not necessary to
|
meomry in a specific deployment, then it is not necessary to
|
||||||
prevent guest->hypervisor attack, since there is nothing
|
prevent guest->hypervisor attack, since there is nothing
|
||||||
useful to be attacked.
|
useful to be attacked.
|
||||||
|
|
||||||
However if such 100% identification is not possible, user should
|
However if such 100% identification is not possible, user should
|
||||||
consider other mitigation options to protect hypervisor.
|
consider other mitigation options to protect hypervisor.
|
||||||
|
|
||||||
L1D flush on World Switch
|
L1D flush on World Switch
|
||||||
**************************
|
**************************
|
||||||
|
|
||||||
For L1D-affected platforms, ACRN writes to aforementioned MSR
|
For L1D-affected platforms, ACRN writes to aforementioned MSR
|
||||||
to flush L1D when switching from secure world to normal world.
|
to flush L1D when switching from secure world to normal world.
|
||||||
Doing so guarantees no sensitive information from secure world
|
Doing so guarantees no sensitive information from secure world
|
||||||
leaked in L1D. Performance impact is expected to small since world
|
leaked in L1D. Performance impact is expected to small since world
|
||||||
switch frequency is not expected high.
|
switch frequency is not expected high.
|
||||||
|
|
||||||
It's not necessary to flush L1D in the other direction, since
|
It's not necessary to flush L1D in the other direction, since
|
||||||
normal world is less privileged entity to secure world.
|
normal world is less privileged entity to secure world.
|
||||||
|
|
||||||
This mitigation is always enabled.
|
This mitigation is always enabled.
|
||||||
|
|
||||||
Core-based scheduling
|
Core-based scheduling
|
||||||
***********************
|
***********************
|
||||||
|
|
||||||
If Hyper-Threading is enabled, there is no easy method to mitigate
|
If Hyper-Threading is enabled, there is no easy method to mitigate
|
||||||
L1TF attack from a sibling processor on the same physical core.
|
L1TF attack from a sibling processor on the same physical core.
|
||||||
|
|
||||||
A basic idea is to avoid running sensitive context (if containing
|
A basic idea is to avoid running sensitive context (if containing
|
||||||
security data which a given VM has no premission to access) on
|
security data which a given VM has no premission to access) on
|
||||||
the same physical core that runs said VM. It requires scheduler
|
the same physical core that runs said VM. It requires scheduler
|
||||||
enhancement to enable core-based scheduling policy, so all threads
|
enhancement to enable core-based scheduling policy, so all threads
|
||||||
on the same core are always scheduled to the same VM. Also there
|
on the same core are always scheduled to the same VM. Also there
|
||||||
are some further actions required to protect hypervisor and
|
are some further actions required to protect hypervisor and
|
||||||
secure world from sibling attacks in core-based scheduler.
|
secure world from sibling attacks in core-based scheduler.
|
||||||
|
|
||||||
Please note there is no commitment of implementation it so far.
|
Please note there is no commitment of implementation it so far.
|
||||||
ACRN community will keep evaluating this part based on usage
|
ACRN community will keep evaluating this part based on usage
|
||||||
requirements and hardware platform status.
|
requirements and hardware platform status.
|
||||||
|
|
||||||
Mitigation Recommendations
|
Mitigation Recommendations
|
||||||
##########################
|
##########################
|
||||||
|
|
||||||
There is no mitigation required on Apollo Lake based platforms.
|
There is no mitigation required on Apollo Lake based platforms.
|
||||||
|
|
||||||
For other affected platforms:
|
For other affected platforms:
|
||||||
|
|
||||||
The majority use case for ACRN is in pre-configured environment,
|
The majority use case for ACRN is in pre-configured environment,
|
||||||
where the whole software stack (from ACRN hypervisor to guest
|
where the whole software stack (from ACRN hypervisor to guest
|
||||||
kernel to SOS root) is tightly controlled by solution provider
|
kernel to SOS root) is tightly controlled by solution provider
|
||||||
and not allowed for run-time change after sale (guest kernel is
|
and not allowed for run-time change after sale (guest kernel is
|
||||||
sort of trusted). In that case solution provider will make sure
|
sort of trusted). In that case solution provider will make sure
|
||||||
that guest kernel is up-to-date including necessary page table
|
that guest kernel is up-to-date including necessary page table
|
||||||
sanitization, thus there is no attack interface exposed within
|
sanitization, thus there is no attack interface exposed within
|
||||||
guest. Then a minimal mitigation configuration is sufficient
|
guest. Then a minimal mitigation configuration is sufficient
|
||||||
with negligible performance impact, as explained below:
|
with negligible performance impact, as explained below:
|
||||||
|
|
||||||
1) Use latest ucode
|
1) Use latest ucode
|
||||||
2) Guest kernel is up-to-date with page table sanitization
|
2) Guest kernel is up-to-date with page table sanitization
|
||||||
3) EPT sanitization (always enabled)
|
3) EPT sanitization (always enabled)
|
||||||
4) Flush L1D at world switch (Android specific, always enabled)
|
4) Flush L1D at world switch (Android specific, always enabled)
|
||||||
|
|
||||||
In case that someone wants to deploy ACRN into an open environment
|
In case that someone wants to deploy ACRN into an open environment
|
||||||
where guest kernel is considered untrusted. There are more
|
where guest kernel is considered untrusted. There are more
|
||||||
mitigation options required according to the specific usage
|
mitigation options required according to the specific usage
|
||||||
requirements:
|
requirements:
|
||||||
|
|
||||||
5) Put hypervisor security data in UC memory if possible
|
5) Put hypervisor security data in UC memory if possible
|
||||||
6) Enable L1D_FLUSH_VMENTRY option, if
|
6) Enable L1D_FLUSH_VMENTRY option, if
|
||||||
- Doing 5) is not feasible, or
|
- Doing 5) is not feasible, or
|
||||||
- CPU sharing is enabled (in the future)
|
- CPU sharing is enabled (in the future)
|
||||||
|
|
||||||
If Hyper-Threading is enabled, there is no available option
|
If Hyper-Threading is enabled, there is no available option
|
||||||
before core scheduling is planned. User should understand
|
before core scheduling is planned. User should understand
|
||||||
the security implication and only turn on Hyper-Threading
|
the security implication and only turn on Hyper-Threading
|
||||||
when the potential risk is acceptable to their usage.
|
when the potential risk is acceptable to their usage.
|
||||||
|
|
||||||
Status
|
Status
|
||||||
######
|
######
|
||||||
|
|
||||||
EPT sanitization: supported
|
EPT sanitization: supported
|
||||||
L1D flush on VMENTRY: supported
|
L1D flush on VMENTRY: supported
|
||||||
L1D flush on world switch: supported
|
L1D flush on world switch: supported
|
||||||
Uncached security data: n/a
|
Uncached security data: n/a
|
||||||
Core scheduling: n/a
|
Core scheduling: n/a
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user