[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Linux 6.0.8 generates L1TF-vulnerable PTE if Xen's PAT is modified

To: Xen developer discussion <xen-devel@xxxxxxxxxxxxxxxxxxxx>
From: Demi Marie Obenour <demi@xxxxxxxxxxxxxxxxxxxxxx>
Date: Fri, 9 Dec 2022 13:40:53 -0500
Cc: Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>, Juergen Gross <jgross@xxxxxxxx>
Delivery-date: Fri, 09 Dec 2022 18:41:16 +0000
Feedback-id: iac594737:Fastmail
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

If Xen is patched to use the same PAT Linux does, it appears to break
L1TF mitigations in PV Linux 6.0.8.  Linux 5.15.81 works fine.  The
symptom is that Linux fails to boot, with Xen complaining about an
L1TF-vulnerable PTE with shadow paging disabled.

Details are at https://github.com/QubesOS/qubes-issues/issues/7935.
-- 
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab

Attachment: signature.asc
Description: PGP signature

Follow-Ups:
- Re: Linux 6.0.8 generates L1TF-vulnerable PTE if Xen's PAT is modified
  - From: Marek Marczykowski-Górecki

Prev by Date: Re: [PATCH] xen/arm: efi-boot misra rule 4.1 fix
Next by Date: Re: [PATCH v2] xen/arm: p2m: Populate pages for GICv2 mapping in arch_domain_create()
Previous by thread: Re: [PATCH v2] xen/arm: Do not route NS phys timer IRQ to Xen
Next by thread: Re: Linux 6.0.8 generates L1TF-vulnerable PTE if Xen's PAT is modified
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.