KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c (6ec4c5ee) · Commits · Mirrors / git.yoctoproject.org / linux-yocto

Commit 6ec4c5ee authored Dec 11, 2019 by

Marios Pomonis Committed by Paolo Bonzini Jan 27, 2020

KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c

This fixes a Spectre-v1/L1TF vulnerability in set_msr_mce() and
get_msr_mce().
Both functions contain index computations based on the
(attacker-controlled) MSR number.

Fixes: 890ca9ae

 ("KVM: Add MCE support")

Signed-off-by: Nick Finco <nifi@google.com>
Signed-off-by: Marios Pomonis <pomonis@google.com>
Reviewed-by: Andrew Honig <ahonig@google.com>
Cc: stable@vger.kernel.org
Reviewed-by: Jim Mattson <jmattson@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

parent 13c5183a

Hide whitespace changes

Inline Side-by-side

Please register or to comment