projects / linux-2.6-microblaze.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6ec4c5e) | patch
KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks
authorMarios Pomonis <pomonis@google.com>
Wed, 11 Dec 2019 20:47:50 +0000 (12:47 -0800)
committerPaolo Bonzini <pbonzini@redhat.com>
Mon, 27 Jan 2020 18:59:42 +0000 (19:59 +0100)
commit125ffc5e0a56a3eded608dc51e09d5ebf72cf652
tree3f6dafa71f5d0e850d598e7bb2471876d2f89469tree | snapshot
parent6ec4c5eee1750d5d17951c4e1960d953376a0ddacommit | diff
KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks

This fixes Spectre-v1/L1TF vulnerabilities in
vmx_read_guest_seg_selector(), vmx_read_guest_seg_base(),
vmx_read_guest_seg_limit() and vmx_read_guest_seg_ar().  When
invoked from emulation, these functions contain index computations
based on the (attacker-influenced) segment value.  Using constants
prevents the attack.

Cc: stable@vger.kernel.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
arch/x86/kvm/emulate.c diff | blob | history
MicroBlaze GIT Repository