github/acrn-hypervisor
1
0
Fork 0
mirror of https://github.com/projectacrn/acrn-hypervisor.git synced 2025-06-13 09:24:57 +00:00
Code Issues Projects Releases Wiki Activity

HV: flush L1 cache when switching to normal world

Browse Source 
-to avoid information leaking from secure world to
  normal world on platform affected by L1TF.

Tracked-On: #1672
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
This commit is contained in:
Yonghua Huang 2018-09-12 00:58:45 +08:00 committed by lijinxia
parent 34a6336525
commit fb68468cfd
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
hypervisor/arch/x86/trusty.c
View File

@ -306,11 +306,15 @@ void switch_world(struct vcpu *vcpu, int next_world)
copy_smc_param(&arch_vcpu->contexts[!next_world].run_ctx, copy_smc_param(&arch_vcpu->contexts[!next_world].run_ctx,
&arch_vcpu->contexts[next_world].run_ctx); &arch_vcpu->contexts[next_world].run_ctx);
/* load EPTP for next world */
if (next_world == NORMAL_WORLD) { if (next_world == NORMAL_WORLD) {
/* load EPTP for next world */
exec_vmwrite64(VMX_EPT_POINTER_FULL, exec_vmwrite64(VMX_EPT_POINTER_FULL,
hva2hpa(vcpu->vm->arch_vm.nworld_eptp) | hva2hpa(vcpu->vm->arch_vm.nworld_eptp) |
(3UL << 3U) | 0x6UL); (3UL << 3U) | 0x6UL);
#ifndef CONFIG_L1D_FLUSH_VMENTRY_ENABLED
cpu_l1d_flush();
#endif
} else { } else {
exec_vmwrite64(VMX_EPT_POINTER_FULL, exec_vmwrite64(VMX_EPT_POINTER_FULL,
hva2hpa(vcpu->vm->arch_vm.sworld_eptp) | hva2hpa(vcpu->vm->arch_vm.sworld_eptp) |