KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks (3c9053a2) · Commits · Mirrors / git.kernel.org / pub_scm_linux_kernel_git_stable_linux · GitLab

Commit 3c9053a2 authored Dec 11, 2019 by

Marios Pomonis Committed by Paolo Bonzini Jan 27, 2020

KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks

This fixes a Spectre-v1/L1TF vulnerability in x86_decode_insn().
kvm_emulate_instruction() (an ancestor of x86_decode_insn()) is an exported
symbol, so KVM should treat it conservatively from a security perspective.

Fixes: 045a282c

 ("KVM: emulator: implement fninit, fnstsw, fnstcw")

Signed-off-by: Nick Finco <nifi@google.com>
Signed-off-by: Marios Pomonis <pomonis@google.com>
Reviewed-by: Andrew Honig <ahonig@google.com>
Cc: stable@vger.kernel.org
Reviewed-by: Jim Mattson <jmattson@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

parent a47970ed

Hide whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit 46155377
· Feb 12, 2020

mentioned in commit 46155377

mentioned in commit 46155377884b637eae646895e51bed322fd2cb8a

Toggle commit list
mirror @mirror
mentioned in commit 703ae423
· Feb 16, 2020

mentioned in commit 703ae423

mentioned in commit 703ae42319295fb9089f2ddb61fb135e0f0e8d20

Toggle commit list
mirror @mirror
mentioned in commit d216f65c
· Feb 16, 2020

mentioned in commit d216f65c

mentioned in commit d216f65c74ddf8ae6547f8a9325f9ad15f688c97

Toggle commit list
mirror @mirror
mentioned in commit 11385779
· Feb 16, 2020

mentioned in commit 11385779

mentioned in commit 113857794697b60391ffc4de71c50ac67233928c

Toggle commit list
mirror @mirror
mentioned in commit db929cc5
· May 24, 2020

mentioned in commit db929cc5

mentioned in commit db929cc57463b056ff9aaaca6ed309464c029e01

Toggle commit list

Please register or to comment