Re: FAILED: patch "[PATCH] KVM: x86: Protect exit_reason from being used in" failed to apply to 5.5-stable tree

On Sun, Feb 09, 2020 at 01:33:07PM +0100, gregkh@xxxxxxxxxxxxxxxxxxx wrote:

> The patch below does not apply to the 5.5-stable tree.
> If someone wants it applied there, or to any other stable or longterm
> tree, then please email the backport, including the original git commit
> id to <stable@xxxxxxxxxxxxxxx>.
>
> thanks,
>
> greg k-h
>
> ------------------ original commit in Linus's tree ------------------
>
> From c926f2f7230b1a29e31914b51db680f8cbf3103f Mon Sep 17 00:00:00 2001
> From: Marios Pomonis <pomonis@xxxxxxxxxx>
> Date: Wed, 11 Dec 2019 12:47:51 -0800
> Subject: [PATCH] KVM: x86: Protect exit_reason from being used in
> Spectre-v1/L1TF attacks
>
> This fixes a Spectre-v1/L1TF vulnerability in vmx_handle_exit().
> While exit_reason is set by the hardware and therefore should not be
> attacker-influenced, an unknown exit_reason could potentially be used to
> perform such an attack.
>
> Fixes: 55d2375e58a6 ("KVM: nVMX: Move nested code to dedicated files")
>
> Signed-off-by: Marios Pomonis <pomonis@xxxxxxxxxx>
> Signed-off-by: Nick Finco <nifi@xxxxxxxxxx>
> Suggested-by: Sean Christopherson <sean.j.christopherson@xxxxxxxxx>
> Reviewed-by: Andrew Honig <ahonig@xxxxxxxxxx>
> Cc: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx>

The conflict in 5.5 was because we didn't have 1e9e2622a149 ("KVM: VMX:
FIXED+PHYSICAL mode single target IPI fastpath"), I've fixed it and
queued it up.

Backports for older kernels are still missing.

--
Thanks,
Sasha
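
Added example, not part of this thread and not the patch itself: a user-space C model of the hardening pattern the commit message refers to, where a bounds-checked exit_reason is also clamped with a branchless mask before it indexes a handler table. The table, the handler names and dispatch_exit() are hypothetical; the mask arithmetic is the same as the kernel's generic array_index_mask_nospec().

```c
#include <limits.h>
#include <stddef.h>

/* Hide a value from the optimizer so the mask below is not folded away
 * after the bounds check (GCC/Clang inline asm; the kernel does the same). */
#define HIDE_VAR(v) __asm__ volatile("" : "+r"(v))

/* All ones when index < size, zero otherwise, computed without a branch.
 * Same arithmetic as the kernel's generic array_index_mask_nospec();
 * relies on arithmetic right shift of negative values, as the kernel does. */
static unsigned long index_mask_nospec(unsigned long index, unsigned long size)
{
    HIDE_VAR(index);
    return ~(long)(index | (size - 1UL - index)) >> (sizeof(long) * CHAR_BIT - 1);
}

/* Hypothetical handlers standing in for the per-exit-reason handlers. */
static int handle_zero(void)  { return 10; }
static int handle_one(void)   { return 11; }
static int handle_three(void) { return 13; }

typedef int (*exit_handler_t)(void);

/* Sparse table: entry 2 is deliberately missing (NULL). */
static const exit_handler_t exit_handlers[] = {
    [0] = handle_zero, [1] = handle_one, [3] = handle_three,
};
#define NR_HANDLERS (sizeof(exit_handlers) / sizeof(exit_handlers[0]))

/* Returns the handler's result, or -1 for an unknown exit reason. */
int dispatch_exit(unsigned long exit_reason)
{
    if (exit_reason >= NR_HANDLERS)
        return -1;
    /* Architecturally in range here. The AND forces the index to 0 on a
     * mispredicted path, so the table load cannot go out of bounds. */
    exit_reason &= index_mask_nospec(exit_reason, NR_HANDLERS);
    if (!exit_handlers[exit_reason])
        return -1;
    return exit_handlers[exit_reason]();
}

int main(void)
{
    return dispatch_exit(1) == 11 ? 0 : 1;
}
```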


