Date: Tue, 14 Aug 2018 17:14:34 +0000 (UTC) From: Konstantin Belousov <kib@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r337774 - head/sys/amd64/amd64 Message-ID: <201808141714.w7EHEY2j010746@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: kib Date: Tue Aug 14 17:14:33 2018 New Revision: 337774 URL: https://svnweb.freebsd.org/changeset/base/337774 Log: Reserve page at the physical address zero on amd64. We always zero the invalidated PTE/PDE for superpage, which means that L1TF CPU vulnerability (CVE-2018-3620) can be only used for reading from the page at zero. Note that both i386 and amd64 exclude the page from phys_avail[] array, so this change is redundant, but I think that phys_avail[] on UEFI-boot does not need to do that. Eventually the blacklisting should be made conditional on CPUs which report that they are not vulnerable to L1TF. Reviewed by: emaste. jhb Sponsored by: The FreeBSD Foundation Modified: head/sys/amd64/amd64/pmap.c Modified: head/sys/amd64/amd64/pmap.c ============================================================================== --- head/sys/amd64/amd64/pmap.c Tue Aug 14 16:37:14 2018 (r337773) +++ head/sys/amd64/amd64/pmap.c Tue Aug 14 17:14:33 2018 (r337774) @@ -1307,6 +1307,9 @@ pmap_init(void) vm_size_t s; int error, i, pv_npg, ret, skz63; + /* L1TF, reserve page @0 unconditionally */ + vm_page_blacklist_add(0, bootverbose); + /* Detect bare-metal Skylake Server and Skylake-X. */ if (vm_guest == VM_GUEST_NO && cpu_vendor_id == CPU_VENDOR_INTEL && CPUID_TO_FAMILY(cpu_id) == 0x6 && CPUID_TO_MODEL(cpu_id) == 0x55) {
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201808141714.w7EHEY2j010746>