On 14/10/2024 10:37 pm, Marek Marczykowski-Górecki wrote:
> On Mon, Oct 14, 2024 at 09:05:58PM +0100, Andrew Cooper wrote:
>> On 14/10/2024 7:26 pm, Marek Marczykowski-Górecki wrote:
>>> Technically, it's a PV ABI violation, and it does break a few things
>>> (definitely PV domU with passthrough are affected - Xen considers them
>>> L1TF vulnerable then; PV live migration is most likely broken too).
>> Do you have more information on this? The PAT bits shouldn't form any
>> part of L1TF considerations.
> https://github.com/QubesOS/qubes-issues/issues/8593
>

0x8010000018200066

That's a very L1TF-unsafe PTE, but it's also got nothing to do with PAT. It's:

  NX | Avail(bit 52) | addr (0x18200000) | D | A | U | W

and importantly not present. PAT == 0 == WB in both the Xen and Linux worlds.

But, it likely does highlight a codepath which is open-coding PTE updates. We really ought to have an option to do as f61c54967f4a did with _PAGE_GNTTAB, and to inject #GP into the guest to get a backtrace out of Linux.

In the case that we're going to crash the domain anyway, #GP is still more useful, although I would quite like the #GP option instead of shadowing too. Maybe hanging off pv-l1tf=fault as an option?

~Andrew
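Decoding the PTE value quoted above, as an added C example that is not part of the thread or of Xen's or Linux's source. It uses the architectural x86-64 4K-page PTE layout; the `l1tf_concern` flag is a deliberately simplified heuristic for illustration (non-present entry that still carries a frame address), not Xen's actual L1TF safety check.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Architectural bit positions of an x86-64 4K leaf PTE. */
#define PTE_P         (1ULL << 0)
#define PTE_W         (1ULL << 1)
#define PTE_U         (1ULL << 2)
#define PTE_PWT       (1ULL << 3)
#define PTE_PCD       (1ULL << 4)
#define PTE_A         (1ULL << 5)
#define PTE_D         (1ULL << 6)
#define PTE_PAT       (1ULL << 7)
#define PTE_AVAIL52   (1ULL << 52)
#define PTE_NX        (1ULL << 63)
#define PTE_ADDR_MASK 0x000FFFFFFFFFF000ULL   /* frame address, bits 12..51 */

struct pte_info {
    bool present, write, user, accessed, dirty, nx, avail52;
    unsigned pat_index;  /* PAT:PCD:PWT selects one of 8 PAT entries; index 0 is WB on Xen and Linux */
    uint64_t addr;       /* physical frame address the entry points at */
    bool l1tf_concern;   /* simplified heuristic: not present, but frame address bits are set */
};

/* Split a raw PTE into its fields. Not Xen's check: Xen's real L1TF logic
 * also accounts for the host's physical address width and safe ranges. */
struct pte_info decode_pte(uint64_t pte)
{
    struct pte_info i = {
        .present   = pte & PTE_P,
        .write     = pte & PTE_W,
        .user      = pte & PTE_U,
        .accessed  = pte & PTE_A,
        .dirty     = pte & PTE_D,
        .nx        = pte & PTE_NX,
        .avail52   = pte & PTE_AVAIL52,
        .pat_index = (!!(pte & PTE_PAT) << 2) | (!!(pte & PTE_PCD) << 1) | !!(pte & PTE_PWT),
        .addr      = pte & PTE_ADDR_MASK,
    };
    i.l1tf_concern = !i.present && i.addr != 0;
    return i;
}

int main(void)
{
    /* The PTE value quoted in the mail above. */
    struct pte_info i = decode_pte(0x8010000018200066ULL);
    printf("P=%d NX=%d Avail52=%d addr=%#llx D=%d A=%d U=%d W=%d PAT idx=%u l1tf_concern=%d\n",
           i.present, i.nx, i.avail52, (unsigned long long)i.addr,
           i.dirty, i.accessed, i.user, i.write, i.pat_index, i.l1tf_concern);
    return 0;
}
```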