Hello stable list: This was just posted to 4.15-rc7 since it "defeats the Project Zero PoC for CVE 2017-5715." Should it be marked stable? It cherry-picks cleanly into 4.14.12, not sure about other branches. Full text below. -- Eric Wheeler kvm: vmx: Scrub hardware GPRs at VM-exit Guest GPR values are live in the hardware GPRs at VM-exit. Do not leave any guest values in hardware GPRs after the guest GPR values are saved to the vcpu_vmx structure. This is a partial mitigation for CVE 2017-5715 and CVE 2017-5753. Specifically, it defeats the Project Zero PoC for CVE 2017-5715. Suggested-by: Eric Northup <digitaleric@xxxxxxxxxx> Signed-off-by: Jim Mattson <jmattson@xxxxxxxxxx> Reviewed-by: Eric Northup <digitaleric@xxxxxxxxxx> Reviewed-by: Benjamin Serebrin <serebrin@xxxxxxxxxx> Reviewed-by: Andrew Honig <ahonig@xxxxxxxxxx> [Paolo: Add AMD bits, Signed-off-by: Tom Lendacky <thomas.lendacky@xxxxxxx>] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx>