KVM: VMX: Zero out *all* general purpose registers after VM-Exit (b4be9803) · Commits · Mirrors / git.kernel.org / pub_scm_linux_kernel_git_stable_linux · GitLab

Commit b4be9803 authored Jan 25, 2019 by

Sean Christopherson Committed by Greg Kroah-Hartman Apr 29, 2020

KVM: VMX: Zero out all general purpose registers after VM-Exit

commit 0e0ab73c upstream.

...except RSP, which is restored by hardware as part of VM-Exit.

Paolo theorized that restoring registers from the stack after a VM-Exit
in lieu of zeroing them could lead to speculative execution with the
guest's values, e.g. if the stack accesses miss the L1 cache[1].
Zeroing XORs are dirt cheap, so just be ultra-paranoid.

Note that the scratch register (currently RCX) used to save/restore the
guest state is also zeroed as its host-defined value is loaded via the
stack, just with a MOV instead of a POP.

[1] https://patchwork.kernel.org/patch/10771539/#22441255

Fixes: 0cb5b306

 ("kvm: vmx: Scrub hardware GPRs at VM-exit")
Cc: Jim Mattson <jmattson@google.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
[bwh: Backported to 4.19: adjust filename, context]
Signed-off-by: Ben Hutchings <ben.hutchings@codethink.co.uk>
Signed-off-by: Sasha Levin <sashal@kernel.org>

parent ed523cbd

Hide whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit 52d5afed
· May 15, 2020

mentioned in commit 52d5afed

mentioned in commit 52d5afedf3b2de252d758abdba111d0bb65e36bc

Toggle commit list

Please register or to comment