
[PATCH] x86/svm: Always flush TLB using TLB_CTRL_FLUSH_ALL



Xen currently uses an ASID scheme where:
- ASIDs are cycled where a "TLB flush" is performed
- When ASIDs wrap around, perform a full TLB flush
- In exceptional cases, stop using ASIDs

However, the TLB control mode used only flushes the current active ASID of
the logical processor, which means that it will supply "stale" ASIDs (not
flushed), because they haven't actually been flushed (TLB_CTRL_FLUSH_ASID only
performs a TLB flush of the ASID set in VMCB).

This affects CPUs where flush-by-asid is available (Fam15h (2011) and later).

To fix this, always flush all ASIDs even when flush-by-asid is available.

Fixes: 64b1da5a2fcf ("x86/svm: Use flush-by-asid when available")
Signed-off-by: Teddy Astie <teddy.astie@xxxxxxxxxx>
Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
---
This patch was first sent to the security mailing list
(security@xxxxxxxxxxxxxx), which asked me to publish it publicly due to it
being actually safe in practice.

 xen/arch/x86/hvm/svm/asid.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/xen/arch/x86/hvm/svm/asid.c b/xen/arch/x86/hvm/svm/asid.c
index 7977a8e86b..b2ca639539 100644
--- a/xen/arch/x86/hvm/svm/asid.c
+++ b/xen/arch/x86/hvm/svm/asid.c
@@ -46,9 +46,8 @@ void svm_asid_handle_vmrun(void)
     if ( vmcb_get_asid(vmcb) != p_asid->asid )
         vmcb_set_asid(vmcb, p_asid->asid);
 
-    vmcb->tlb_control =
-        !need_flush ? TLB_CTRL_NO_FLUSH :
-        cpu_has_svm_flushbyasid ? TLB_CTRL_FLUSH_ASID : TLB_CTRL_FLUSH_ALL;
+    /* We can't rely on TLB_CTRL_FLUSH_ASID as all ASIDs are stale here. */
+    vmcb->tlb_control = need_flush ? TLB_CTRL_FLUSH_ALL : TLB_CTRL_NO_FLUSH;
 }
 
 /*
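Review bot: The new comment above the `vmcb->tlb_control` assignment says "all ASIDs are stale here" but does not say why, and the statement only holds on the `need_flush` path, not whenever this line runs. Consider spelling out the reasoning from the commit message in the comment: TLB_CTRL_FLUSH_ASID only flushes the ASID set in the VMCB, so after a flush is requested the other ASIDs that get handed out again would still carry old translations. It is also worth checking whether `cpu_has_svm_flushbyasid` has any remaining users once this use is gone; if not, it can be dropped in the same patch or a follow-up. Finally, the commit message could note the cost of the change, since every flush on CPUs with flush-by-asid now discards the entries of all ASIDs rather than one.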
-- 
2.50.1



Teddy Astie | Vates XCP-ng Developer

XCP-ng & Xen Orchestra - Vates solutions

web: https://vates.tech




 

