Commit 37d1c23e authored by Marios Pomonis's avatar Marios Pomonis Committed by Ben Hutchings
Browse files

KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c 



commit 6ec4c5ee upstream.

This fixes a Spectre-v1/L1TF vulnerability in set_msr_mce() and
get_msr_mce().
Both functions contain index computations based on the
(attacker-controlled) MSR number.

Fixes: 890ca9ae ("KVM: Add MCE support")

Signed-off-by: default avatarNick Finco <nifi@google.com>
Signed-off-by: default avatarMarios Pomonis <pomonis@google.com>
Reviewed-by: default avatarAndrew Honig <ahonig@google.com>
Reviewed-by: default avatarJim Mattson <jmattson@google.com>
Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
[bwh: Backported to 3.16: Add #include <linux/nospec.h>]
Signed-off-by: default avatarBen Hutchings <ben@decadent.org.uk>
parent 528bb394
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment