Commit 4fef74f2 authored by Konrad Rzeszutek Wilk's avatar Konrad Rzeszutek Wilk Committed by Juerg Haefliger

UBUNTU: SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest

CVE-2018-3639 (x86)

Expose the CPUID.7.EDX[31] bit to the guest, and also guard against various
combinations of SPEC_CTRL MSR values.

The handling of the MSR (to take into account the host value of SPEC_CTRL
Bit(2)) is taken care of in patch:

  KVM/SVM/VMX/x86/spectre_v2: Support the combination of guest and host IBRS
Signed-off-by: default avatarKonrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
Reviewed-by: default avatarIngo Molnar <mingo@kernel.org>
Signed-off-by: default avatarTyler Hicks <tyhicks@canonical.com>
Signed-off-by: default avatarStefan Bader <stefan.bader@canonical.com>
[juergh: Context adjustments.]
Signed-off-by: default avatarJuerg Haefliger <juergh@canonical.com>
parent a2866f10
...@@ -359,7 +359,7 @@ static inline int __do_cpuid_ent(struct kvm_cpuid_entry2 *entry, u32 function, ...@@ -359,7 +359,7 @@ static inline int __do_cpuid_ent(struct kvm_cpuid_entry2 *entry, u32 function,
/* cpuid 7.0.edx */ /* cpuid 7.0.edx */
const u32 kvm_supported_7_0_edx_x86_features = const u32 kvm_supported_7_0_edx_x86_features =
F(SPEC_CTRL); F(SPEC_CTRL) | F(RDS);
/* cpuid 0xD.1.eax */ /* cpuid 0xD.1.eax */
const u32 kvm_supported_word10_x86_features = const u32 kvm_supported_word10_x86_features =
......
...@@ -2936,7 +2936,11 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) ...@@ -2936,7 +2936,11 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
kvm_write_tsc(vcpu, msr_info); kvm_write_tsc(vcpu, msr_info);
break; break;
case MSR_IA32_SPEC_CTRL: case MSR_IA32_SPEC_CTRL:
vcpu->arch.spec_ctrl = msr_info->data; /* The STIBP bit doesn't fault even if it's not advertised */
if (data & ~(SPEC_CTRL_IBRS | SPEC_CTRL_STIBP | SPEC_CTRL_RDS))
return 1;
vcpu->arch.spec_ctrl = data;
break; break;
case MSR_IA32_CR_PAT: case MSR_IA32_CR_PAT:
if (vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_PAT) { if (vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_PAT) {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment