Lines Matching +full:multi +full:- +full:processors

1 .. SPDX-License-Identifier: GPL-2.0
10 guest-userspace may be able to attack the guest-kernel using the hypervisor as
13 Affected processors
14 -------------------
18 **Intel processors:**
19   - Skylake generation (Parts without Enhanced-IBRS)
20   - Cascade Lake generation - (Parts affected by ITS guest/host separation)
21   - Alder Lake and newer (Parts affected by BHI)
26 **AMD processors:**
27   - Zen series (families 0x17, 0x19, 0x1a)
29 ** Hygon processors:**
30  - Family 0x18
33 ----------
36 ----------------
39 IBPB before the first exit to userspace after VM-exit. If userspace did not run
40 between VM-exit and the next VM-entry, no IBPB is issued.
42 Note that the existing userspace mitigation against Spectre-v2 is effective in
44 from a malicious guest. This is because Spectre-v2 mitigations are applied at
45 context switch time, while the userspace VMM can run after a VM-exit without a
53 ------------------
55 When Simultaneous Multi-Threading (SMT) is enabled, hypervisors can be
56 vulnerable to cross-thread attacks. For complete protection against VMSCAPE
62 - SMT is disabled
63 - STIBP is enabled system-wide
64 - Intel eIBRS is enabled (which implies STIBP protection)
67 ------------------------------
87    exit to userspace after VM-exit.
91    IBPB is issued on every VM-exit. This occurs when other mitigations like
92    RETBLEED or SRSO are already issuing IBPB on VM-exit.
95 ----------------------------------------------
109    Force vulnerability detection and mitigation even on processors that are