Commit 750beb6c authored by Tom Lendacky's avatar Tom Lendacky Committed by Marcelo Henrique Cerri

KVM: SVM: Do not intercept new speculative control MSRs

CVE-2017-5753
CVE-2017-5715

Allow guest access to the speculative control MSRs without being
intercepted.
Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
Signed-off-by: default avatarTom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: default avatarAndy Whitcroft <apw@canonical.com>
(cherry picked from commit 68c2587c0680813d57af0a4073fa22a95a15e980)
Signed-off-by: default avatarAndy Whitcroft <apw@canonical.com>
parent 88b00371
...@@ -181,6 +181,8 @@ static const struct svm_direct_access_msrs { ...@@ -181,6 +181,8 @@ static const struct svm_direct_access_msrs {
{ .index = MSR_CSTAR, .always = true }, { .index = MSR_CSTAR, .always = true },
{ .index = MSR_SYSCALL_MASK, .always = true }, { .index = MSR_SYSCALL_MASK, .always = true },
#endif #endif
{ .index = MSR_IA32_SPEC_CTRL, .always = true },
{ .index = MSR_IA32_PRED_CMD, .always = true },
{ .index = MSR_IA32_LASTBRANCHFROMIP, .always = false }, { .index = MSR_IA32_LASTBRANCHFROMIP, .always = false },
{ .index = MSR_IA32_LASTBRANCHTOIP, .always = false }, { .index = MSR_IA32_LASTBRANCHTOIP, .always = false },
{ .index = MSR_IA32_LASTINTFROMIP, .always = false }, { .index = MSR_IA32_LASTINTFROMIP, .always = false },
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment