UBUNTU: SAUCE: kvm/cpuid: Fix CPUID_7_0.EDX handling

Initially all the SPEC_CTRL related bits were added to the scattered feature word and that was used to sync between host and guest. But now upstream has extended the feature words and moved all related bits there. Because of that we have to change the handler code as well. CVE-2018-3639 (x86) [smb: tracked in private lp 1772146] Signed-off-by: Stefan Bader <stefan.bader@canonical.com>

UBUNTU: SAUCE: kvm/cpuid: Fix CPUID_7_0.EDX handling
Initially all the SPEC_CTRL related bits were added to the scattered feature word and that was used to sync between host and guest. But now upstream has extended the feature words and moved all related bits there. Because of that we have to change the handler code as well. CVE-2018-3639 (x86) [smb: tracked in private lp 1772146] Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
a334c78c · Stefan Bader · 6256713c · a334c78c
Commit a334c78c authored May 19, 2018 by Stefan Bader
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

arch/x86/kvm/cpuid.c arch/x86/kvm/cpuid.c +1 -1

No files found.
--- a/arch/x86/kvm/cpuid.c
+++ b/arch/x86/kvm/cpuid.c
@@ -447,7 +447,7 @@ static inline int __do_cpuid_ent(struct kvm_cpuid_entry2 *entry, u32 function,
 			// TSC_ADJUST is emulated
 			entry->ebx |= F(TSC_ADJUST);
 			entry->edx &= kvm_supported_7_0_edx_x86_features;
-			entry->edx &= get_scattered_cpuid_leaf(7, 0, 2);
+			cpuid_mask(&entry->edx, 16);
 		} else {
 			entry->ebx = 0;
 			entry->edx = 0;