ANDROID: pkvm: x86: Audit ptdev did
Did is used as pasid/fl-paging/sl-paging cache tag. If ptdevs belong to different VMs are using the same did, they may hit the same cache which will result in security issue. To guarantee passthrough devices attached to different VMs are using different did, audit the did first before setting it to the pasid entry. The rule of auditing is to make sure only the ptdevs attached to the same VM can use the same did. Bug: 395299836 Test: Boot, verify cpus are de-privileged and run a minimal protected vm. Change-Id: If078f02168d57429544765e79c4279231282df24 Signed-off-by:Chuanxiao Dong <chuanxiao.dong@intel.com> Reviewed-by:
Jason Chen CJ <jason.cj.chen@intel.com> Signed-off-by:
Vineeth Pillai <vineethrp@google.com>
Loading
Please sign in to comment