diff options
author | Marios Pomonis <pomonis@google.com> | 2019-12-11 12:47:41 -0800 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2020-02-14 16:31:04 -0500 |
commit | 113857794697b60391ffc4de71c50ac67233928c (patch) | |
tree | 841e5c4944c039e45330247ed850bc5a3f5a25e9 /arch/x86/kvm/Makefile | |
parent | 1c2107a666e063943224b15b8839863e7f2f5176 (diff) |
KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks
commit 3c9053a2cae7ba2ba73766a34cea41baa70f57f7 upstream.
This fixes a Spectre-v1/L1TF vulnerability in x86_decode_insn().
kvm_emulate_instruction() (an ancestor of x86_decode_insn()) is an exported
symbol, so KVM should treat it conservatively from a security perspective.
Fixes: 045a282ca415 ("KVM: emulator: implement fninit, fnstsw, fnstcw")
Signed-off-by: Nick Finco <nifi@google.com>
Signed-off-by: Marios Pomonis <pomonis@google.com>
Reviewed-by: Andrew Honig <ahonig@google.com>
Cc: stable@vger.kernel.org
Reviewed-by: Jim Mattson <jmattson@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'arch/x86/kvm/Makefile')
0 files changed, 0 insertions, 0 deletions