kvm: vmx: Scrub hardware GPRs at VM-exit - bcachefs.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Jim Mattson <jmattson@google.com>	2018-01-03 14:31:38 -0800
committer	Ben Hutchings <ben@decadent.org.uk>	2018-03-19 18:59:02 +0000
commit	a070adf5031b218fa8fa45914c388886e61d7214 (patch)
tree	81f0fcf9f2d80403ef99bfda11b50ca9e02b14b2 /Documentation/kernel-parameters.txt
parent	3e50cd97ed730bb0abfcdbc8c1a18871c2750c33 (diff)

kvm: vmx: Scrub hardware GPRs at VM-exit

commit 0cb5b30698fdc8f6b4646012e3acb4ddce430788 upstream. Guest GPR values are live in the hardware GPRs at VM-exit. Do not leave any guest values in hardware GPRs after the guest GPR values are saved to the vcpu_vmx structure. This is a partial mitigation for CVE 2017-5715 and CVE 2017-5753. Specifically, it defeats the Project Zero PoC for CVE 2017-5715. Suggested-by: Eric Northup <digitaleric@google.com> Signed-off-by: Jim Mattson <jmattson@google.com> Reviewed-by: Eric Northup <digitaleric@google.com> Reviewed-by: Benjamin Serebrin <serebrin@google.com> Reviewed-by: Andrew Honig <ahonig@google.com> [Paolo: Add AMD bits, Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: Ben Hutchings <ben@decadent.org.uk>

Diffstat (limited to 'Documentation/kernel-parameters.txt')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: