diff options
| author | Sean Christopherson <sean.j.christopherson@intel.com> | 2019-01-25 07:40:50 -0800 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2020-04-29 16:31:17 +0200 |
| commit | b4be98039a9224ec0cfc2b706e8e881b9ba53850 (patch) | |
| tree | 87cd33ac1284ff5d926d33b5bc9805d509c9e5d6 /virt | |
| parent | ed523cbd4a6594edf123dc03ec9d70ea4f793671 (diff) | |
KVM: VMX: Zero out *all* general purpose registers after VM-Exit
commit 0e0ab73c9a0243736bcd779b30b717e23ba9a56d upstream.
...except RSP, which is restored by hardware as part of VM-Exit.
Paolo theorized that restoring registers from the stack after a VM-Exit
in lieu of zeroing them could lead to speculative execution with the
guest's values, e.g. if the stack accesses miss the L1 cache[1].
Zeroing XORs are dirt cheap, so just be ultra-paranoid.
Note that the scratch register (currently RCX) used to save/restore the
guest state is also zeroed as its host-defined value is loaded via the
stack, just with a MOV instead of a POP.
[1] https://patchwork.kernel.org/patch/10771539/#22441255
Fixes: 0cb5b30698fd ("kvm: vmx: Scrub hardware GPRs at VM-exit")
Cc: Jim Mattson <jmattson@google.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
[bwh: Backported to 4.19: adjust filename, context]
Signed-off-by: Ben Hutchings <ben.hutchings@codethink.co.uk>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'virt')
0 files changed, 0 insertions, 0 deletions