review.tizen.org Git - platform/kernel/linux-rpi.git/commit

x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit

commit 8c6de56a42e0c657955e12b882a81ef07d1d073e upstream.

kvm_steal_time_set_preempted() may accidentally clear KVM_VCPU_FLUSH_TLB
bit if it is called more than once while VCPU is preempted.

This is part of CVE-2019-3016.

(This bug was also independently discovered by Jim Mattson
<jmattson@google.com>)

Signed-off-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Reviewed-by: Joao Martins <joao.m.martins@oracle.com>
Cc: stable@vger.kernel.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

author	Boris Ostrovsky <boris.ostrovsky@oracle.com>
	Wed, 30 Oct 2019 19:01:31 +0000 (19:01 +0000)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Tue, 11 Feb 2020 12:34:11 +0000 (04:34 -0800)
commit	25a7898937f4a9f32ca2d1e9b7f5f07176af8037
tree	47256d94ebdae77226b1fec1bb1b966118deb774	tree \| snapshot
parent	18eccafaa8b02370862f81e3be24dada581ab72f	commit \| diff