[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <1573593697-25061-1-git-send-email-pbonzini@redhat.com>
Date: Tue, 12 Nov 2019 22:21:30 +0100
From: Paolo Bonzini <pbonzini@...hat.com>
To: linux-kernel@...r.kernel.org, kvm@...r.kernel.org
Subject: [FYI PATCH 0/7] Mitigation for CVE-2018-12207
CVE-2018-12207 is a microarchitectural implementation issue
that could allow an unprivileged local attacker to cause system wide
denial-of-service condition.
Privileged software may change the page size (ex. 4KB, 2MB, 1GB) in the
paging structures, without following such paging structure changes with
invalidation of the TLB entries corresponding to the changed pages. In
this case, the attacker could invoke instruction fetch, which will result
in the processor hitting multiple TLB entries, reporting a machine check
error exception, and ultimately hanging the system.
The attached patches mitigate the vulnerability by making huge pages
non-executable. The processor will not be able to execute an instruction
residing in a large page (ie. 2MB, 1GB, etc.) without causing a trap into
the host kernel/hypervisor; KVM will then break the large page into 4KB
pages and gives executable permission to 4KB pages.
Thanks to everyone that was involved in the development of these patches,
especially Junaid Shahid, who provided the first version of the code,
and Thomas Gleixner.
Paolo
Gomez Iglesias, Antonio (1):
Documentation: Add ITLB_MULTIHIT documentation
Junaid Shahid (2):
kvm: Add helper function for creating VM worker threads
kvm: x86: mmu: Recovery of shattered NX large pages
Paolo Bonzini (1):
kvm: mmu: ITLB_MULTIHIT mitigation
Pawan Gupta (1):
x86/cpu: Add Tremont to the cpu vulnerability whitelist
Tyler Hicks (1):
cpu/speculation: Uninline and export CPU mitigations helpers
Vineela Tummalapalli (1):
x86/bugs: Add ITLB_MULTIHIT bug infrastructure
Documentation/ABI/testing/sysfs-devices-system-cpu | 1 +
Documentation/admin-guide/hw-vuln/index.rst | 1 +
Documentation/admin-guide/hw-vuln/multihit.rst | 163 +++++++++++++
Documentation/admin-guide/kernel-parameters.txt | 25 ++
arch/x86/include/asm/cpufeatures.h | 1 +
arch/x86/include/asm/kvm_host.h | 6 +
arch/x86/include/asm/msr-index.h | 7 +
arch/x86/kernel/cpu/bugs.c | 24 ++
arch/x86/kernel/cpu/common.c | 67 ++---
arch/x86/kvm/mmu.c | 270 ++++++++++++++++++++-
arch/x86/kvm/mmu.h | 4 +
arch/x86/kvm/paging_tmpl.h | 29 ++-
arch/x86/kvm/x86.c | 20 ++
drivers/base/cpu.c | 8 +
include/linux/cpu.h | 27 +--
include/linux/kvm_host.h | 6 +
kernel/cpu.c | 27 ++-
virt/kvm/kvm_main.c | 112 +++++++++
18 files changed, 732 insertions(+), 66 deletions(-)
create mode 100644 Documentation/admin-guide/hw-vuln/multihit.rst
--
1.8.3.1
Powered by blists - more mailing lists