From fb68468cfd27526cc45d5fd261a6b2521bd1af0c Mon Sep 17 00:00:00 2001
From: Yonghua Huang <yonghua.huang@intel.com>
Date: Wed, 12 Sep 2018 00:58:45 +0800
Subject: [PATCH] HV: flush L1 cache when switching to normal world

 -to avoid information leaking from secure world to
  normal world on platform affected by L1TF.

Tracked-On: #1672
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
---
 hypervisor/arch/x86/trusty.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/hypervisor/arch/x86/trusty.c b/hypervisor/arch/x86/trusty.c
index 33fdcc3c6..9e214b871 100644
--- a/hypervisor/arch/x86/trusty.c
+++ b/hypervisor/arch/x86/trusty.c
@@ -306,11 +306,15 @@ void switch_world(struct vcpu *vcpu, int next_world)
 	copy_smc_param(&arch_vcpu->contexts[!next_world].run_ctx,
 			&arch_vcpu->contexts[next_world].run_ctx);
 
-	/* load EPTP for next world */
 	if (next_world == NORMAL_WORLD) {
+		/* load EPTP for next world */
 		exec_vmwrite64(VMX_EPT_POINTER_FULL,
 			hva2hpa(vcpu->vm->arch_vm.nworld_eptp) |
 			(3UL << 3U) | 0x6UL);
+
+#ifndef CONFIG_L1D_FLUSH_VMENTRY_ENABLED
+		cpu_l1d_flush();
+#endif
 	} else {
 		exec_vmwrite64(VMX_EPT_POINTER_FULL,
 			hva2hpa(vcpu->vm->arch_vm.sworld_eptp) |