On 08/21/2018 11:37 AM, Juergen Gross wrote:

While the hypervisor emulates plain writes to PTEs happily, this is much slower than issuing a hypercall for PTE modifcations. And writing a PTE via two 32-bit write instructions (especially when clearing the PTE) will result in an intermediate L1TF vulnerable PTE.

Writes to PAE PTEs should always be done with 64-bit writes or via hypercalls.

Juergen Gross (2): x86/xen: don't write ptes directly in 32-bit PV guests x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear

arch/x86/include/asm/pgtable-3level.h | 7 +++---- arch/x86/xen/mmu_pv.c | 7 +++---- 2 files changed, 6 insertions(+), 8 deletions(-)

Applied to for-linus-19b.

(+stable.)

-boris