]> xenbits.xensource.com Git - xen.git/commit
projects / xen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b03a57c) | patch
x86/spec-ctrl: Introduce an option to control L1TF mitigation for PV guests
authorAndrew Cooper <andrew.cooper3@citrix.com>
Mon, 23 Jul 2018 13:46:10 +0000 (13:46 +0000)
committerAndrew Cooper <andrew.cooper3@citrix.com>
Tue, 14 Aug 2018 15:56:47 +0000 (16:56 +0100)
commit66a4e986819a86ba66ca2fe9d925e62a4fd30114
tree28586a0660bda5e9a29a1bff21084e9a167bb153tree
parentb03a57c9383b32181e60add6b6de12b473652aa4commit | diff
x86/spec-ctrl: Introduce an option to control L1TF mitigation for PV guests

Shadowing a PV guest is only available when shadow paging is compiled in.
When shadow paging isn't available, guests can be crashed instead as
mitigation from Xen's point of view.

Ideally, dom0 would also be potentially-shadowed-by-default, but dom0 has
never been shadowed before, and there are some stability issues under
investigation.

This is part of XSA-273 / CVE-2018-3620.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
docs/misc/xen-command-line.markdown diff | blob | blame | history
xen/arch/x86/Kconfig diff | blob | blame | history
xen/arch/x86/spec_ctrl.c diff | blob | blame | history
xen/include/asm-x86/spec_ctrl.h diff | blob | blame | history
Xen (staging and unstable) mirror