HV: flush L1 cache when switching to normal world

yonghuah · lijinxia · commit fb68468cfd27 · 2018-11-01T11:21:15.000+08:00
-to avoid information leaking from secure world to normal world on platform affected by L1TF. Tracked-On: #1672 Signed-off-by: Yonghua Huang <yonghua.huang@intel.com> Reviewed-by: Kevin Tian <kevin.tian@intel.com>
diff --git a/hypervisor/arch/x86/trusty.c b/hypervisor/arch/x86/trusty.c
@@ -306,11 +306,15 @@ void switch_world(struct vcpu *vcpu, int next_world)
 	copy_smc_param(&arch_vcpu->contexts[!next_world].run_ctx,
 			&arch_vcpu->contexts[next_world].run_ctx);
 
-	/* load EPTP for next world */
 	if (next_world == NORMAL_WORLD) {
+		/* load EPTP for next world */
 		exec_vmwrite64(VMX_EPT_POINTER_FULL,
 			hva2hpa(vcpu->vm->arch_vm.nworld_eptp) |
 			(3UL << 3U) | 0x6UL);
+
+#ifndef CONFIG_L1D_FLUSH_VMENTRY_ENABLED
+		cpu_l1d_flush();
+#endif
 	} else {
 		exec_vmwrite64(VMX_EPT_POINTER_FULL,
 			hva2hpa(vcpu->vm->arch_vm.sworld_eptp) |
