Commit 0661b923 authored by Nicolai Stange's avatar Nicolai Stange Committed by Stefan Bader

x86/KVM/VMX: Don't set l1tf_flush_l1d to true from vmx_l1d_flush()

vmx_l1d_flush() gets invoked only if l1tf_flush_l1d is true. There's no
point in setting l1tf_flush_l1d to true from there again.
Signed-off-by: default avatarNicolai Stange <nstange@suse.de>
Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>

CVE-2018-3620
CVE-2018-3646
Signed-off-by: default avatarStefan Bader <stefan.bader@canonical.com>
parent 9541fd1b
......@@ -8394,15 +8394,15 @@ static void vmx_l1d_flush(struct kvm_vcpu *vcpu)
/*
* This code is only executed when the the flush mode is 'cond' or
* 'always'
*
* If 'flush always', keep the flush bit set, otherwise clear
* it. The flush bit gets set again either from vcpu_run() or from
* one of the unsafe VMEXIT handlers.
*/
if (static_branch_unlikely(&vmx_l1d_flush_always))
vcpu->arch.l1tf_flush_l1d = true;
else
if (!static_branch_unlikely(&vmx_l1d_flush_always)) {
/*
* Clear the flush bit, it gets set again either from
* vcpu_run() or from one of the unsafe VMEXIT
* handlers.
*/
vcpu->arch.l1tf_flush_l1d = false;
}
vcpu->stat.l1d_flush++;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment