acrn-hypervisor

mirror of https://github.com/projectacrn/acrn-hypervisor.git synced 2025-05-06 15:36:59 +00:00

History

Li Fei1 01b54241c6 hv: ept: only treak execution right for large pages To mitigate the page size change MCE vulnerability (CVE-2018-12207), ACRN would clear the execution permission in the EPT paging-structure entries for large pages and then intercept an EPT execution-permission violation caused by an attempt to execution an instruction in the guest. However, the current code would clear the execution permission in the EPT paging- structure entries for small pages too when we clearing the the execution permission for large pages. This would trigger extra EPT violation VM exits. This patch fix this issue. Signed-off-by: Li Fei1 <fei1.li@intel.com> Acked-by: Eddie Dong <eddie.dong@intel.com> Tracked-On: #5788	2021-03-03 13:46:49 +08:00
..
x86	hv: ept: only treak execution right for large pages	2021-03-03 13:46:49 +08:00

Li Fei1 01b54241c6 hv: ept: only treak execution right for large pages

To mitigate the page size change MCE vulnerability (CVE-2018-12207), ACRN would
clear the execution permission in the EPT paging-structure entries for large pages
and then intercept an EPT execution-permission violation caused by an attempt to
execution an instruction in the guest.

However, the current code would clear the execution permission in the EPT paging-
structure entries for small pages too when we clearing the the execution permission
for large pages. This would trigger extra EPT violation VM exits.

This patch fix this issue.

Signed-off-by: Li Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Tracked-On: #5788

2021-03-03 13:46:49 +08:00

x86

hv: ept: only treak execution right for large pages

2021-03-03 13:46:49 +08:00