review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Josh Poimboeuf <jpoimboe@kernel.org>
	Tue, 14 Jun 2022 21:16:13 +0000 (23:16 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Sat, 23 Jul 2022 10:54:08 +0000 (12:54 +0200)
commit	0cbd5905c8f3b5da498c21c4deee347622b3420b
tree	acba3b23f3a41aeac63ee17ea6c5fa2d81e4ff9f	tree \| snapshot
parent	5fde25284dfe9d3f12afdceec410cddb8d4b889a	commit \| diff

KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS

commit fc02735b14fff8c6678b521d324ade27b1a3d4cf upstream.

On eIBRS systems, the returns in the vmexit return path from
__vmx_vcpu_run() to vmx_vcpu_run() are exposed to RSB poisoning attacks.

Fix that by moving the post-vmexit spec_ctrl handling to immediately
after the vmexit.

Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

arch/x86/include/asm/nospec-branch.h		diff \| blob \| history
arch/x86/kernel/cpu/bugs.c		diff \| blob \| history
arch/x86/kvm/vmx/run_flags.h		diff \| blob \| history
arch/x86/kvm/vmx/vmenter.S		diff \| blob \| history
arch/x86/kvm/vmx/vmx.c		diff \| blob \| history
arch/x86/kvm/vmx/vmx.h		diff \| blob \| history