acrn-hypervisor/hypervisor/arch/x86
Li Fei1 01b54241c6 hv: ept: only treak execution right for large pages
To mitigate the page size change MCE vulnerability (CVE-2018-12207), ACRN would
clear the execution permission in the EPT paging-structure entries for large pages
and then intercept an EPT execution-permission violation caused by an attempt to
execute an instruction in the guest.

However, the current code would clear the execution permission in the EPT paging-
structure entries for small pages too when we are clearing the execution permission
for large pages. This would trigger extra EPT violation VM exits.

This patch fixes this issue.

Signed-off-by: Li Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Tracked-On: #5788
2021-03-03 13:46:49 +08:00
boot hv: modularization: remove global variable efiloader_sig. 2021-01-27 15:59:47 +08:00
configs HV: deny HV owned PCI bar access from SOS 2021-02-03 14:01:23 +08:00
guest hv: page: use dynamic page allocation for pagetable mapping 2021-03-01 13:10:04 +08:00
lib HV: rewrite memcpy_s to be iso c11 compliant 2020-06-08 13:30:04 +08:00
seed hv: modularization: change of multiboot API. 2021-01-27 15:59:47 +08:00
cpu_caps.c hv: page: use dynamic page allocation for pagetable mapping 2021-03-01 13:10:04 +08:00
cpu_state_tbl.c HV: add board specific cpu state table to support Px Cx 2019-07-29 20:25:16 +08:00
cpu.c hv: page: use dynamic page allocation for pagetable mapping 2021-03-01 13:10:04 +08:00
e820.c HV: panic on 0 address when do e820_alloc_memory 2021-02-26 16:38:32 +08:00
gdt.c hv:cleanup header files for arch folder 2019-02-22 13:14:36 +08:00
idt.S HV: Install a NMI handler in acrn IDT 2019-12-13 10:13:09 +08:00
init.c hv: modularization: remove global variable efiloader_sig. 2021-01-27 15:59:47 +08:00
ioapic.c hv: mmu: rename hv_access_memory_region_update to ppt_clear_user_bit 2020-11-02 10:29:43 +08:00
irq.c hv: coding style clean-up related to Boolean 2020-11-28 14:51:32 +08:00
Kconfig kv: kconfig: remove some unused ram size kconfig 2021-03-01 13:10:04 +08:00
lapic.c hv:cpu-caps:refine processor family and model info 2020-08-14 10:08:50 +08:00
mmu.c hv: page: use dynamic page allocation for pagetable mapping 2021-03-01 13:10:04 +08:00
notify.c hv: maintain a per-pCPU array of vCPUs and handle posted interrupt IRQs 2020-04-15 13:47:22 +08:00
page.c hv: page: add free_page 2021-03-01 13:10:04 +08:00
pagetable.c hv: ept: only treak execution right for large pages 2021-03-03 13:46:49 +08:00
platform_caps.c hv: add function to check if using posted interrupt is possible for vm 2020-04-15 13:47:22 +08:00
pm.c pm: S5: update the system shutdown logical in ACRN 2019-12-23 15:15:09 +08:00
rdt.c hv: coding style clean-up related to Boolean 2020-11-28 14:51:32 +08:00
rtcm.c hv: hypercall: prevent sos can touch hv/pre-launched VM resource 2021-02-02 16:55:40 +08:00
sched.S hv: sched: rename schedule related structs and vars 2019-10-16 10:25:53 +08:00
security.c hv: keylocker: Support Key Locker feature for guest VM 2021-02-03 13:54:45 +08:00
sgx.c hv: sgx: add basic support to init sgx resource for vm 2019-05-29 11:24:13 +08:00
timer.c hv: list: rename list_entry to container_of 2020-03-31 10:57:47 +08:00
trampoline.c hv: modularization: avoid dependency of multiboot on zeropage.h. 2021-01-27 15:59:47 +08:00
vmx.c hv:fix "no prototype for non-static function" 2019-07-09 10:36:03 +08:00
vtd.c hv: mmu: rename hv_access_memory_region_update to ppt_clear_user_bit 2020-11-02 10:29:43 +08:00
wakeup.S hv: pm: correct the function name 2019-09-11 17:30:24 +08:00