Re: [RFC PATCH v4 00/19] Core scheduling v4
From: Tim Chen
Date: Tue Mar 17 2020 - 17:58:32 EST
On 3/17/20 2:17 PM, Thomas Gleixner wrote:
>> The interrupt handler will be run with PTE inverted. So I don't think
>> there's a leak via L1TF in this scenario.
>
> How so?
>
> Host memory is attackable, when one of the sibling SMT threads runs in
> host OS (hypervisor) context and the other in guest context.
>
> HT1 is in guest mode and attacking (has control over PTEs). HT2 is
> running in host mode and executes an interrupt handler. The host PTE
> inversion does not matter in this scenario at all.
>
> So HT1 can very well see data which is brought into the shared L1 by
> HT2.
>
> The only way to mitigate that aside of disabling HT is disabling EPT.
>
I had a brain lapse. Yes, PTE inversion is for mitigating against malicious
user space code, not for malicious guest.
Thanks for the correction.
Tim