diff options
| author | Linus Torvalds | 2022-08-09 09:29:07 -0700 |
|---|---|---|
| committer | Linus Torvalds | 2022-08-09 09:29:07 -0700 |
| commit | 5318b987fe9f3430adb0f5d81d07052fd996835b (patch) | |
| tree | 35b0c7287c7ca98d3a5302aa72e948e3fbec2000 /arch/x86/kvm | |
| parent | eb555cb5b794f4e12a9897f3d46d5a72104cd4a7 (diff) | |
| parent | ba6e31af2be96c4d0536f2152ed6f7b6c11bca47 (diff) | |
Merge tag 'x86_bugs_pbrsb' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull x86 eIBRS fixes from Borislav Petkov:
"More from the CPU vulnerability nightmares front:
Intel eIBRS machines do not sufficiently mitigate against RET
mispredictions when doing a VM Exit therefore an additional RSB,
one-entry stuffing is needed"
* tag 'x86_bugs_pbrsb' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
x86/speculation: Add LFENCE to RSB fill sequence
x86/speculation: Add RSB VM Exit protections
Diffstat (limited to 'arch/x86/kvm')
| -rw-r--r-- | arch/x86/kvm/vmx/vmenter.S | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/arch/x86/kvm/vmx/vmenter.S b/arch/x86/kvm/vmx/vmenter.S index 4182c7ffc909..6de96b943804 100644 --- a/arch/x86/kvm/vmx/vmenter.S +++ b/arch/x86/kvm/vmx/vmenter.S @@ -227,11 +227,13 @@ SYM_INNER_LABEL(vmx_vmexit, SYM_L_GLOBAL) * entries and (in some cases) RSB underflow. * * eIBRS has its own protection against poisoned RSB, so it doesn't - * need the RSB filling sequence. But it does need to be enabled - * before the first unbalanced RET. + * need the RSB filling sequence. But it does need to be enabled, and a + * single call to retire, before the first unbalanced RET. */ - FILL_RETURN_BUFFER %_ASM_CX, RSB_CLEAR_LOOPS, X86_FEATURE_RSB_VMEXIT + FILL_RETURN_BUFFER %_ASM_CX, RSB_CLEAR_LOOPS, X86_FEATURE_RSB_VMEXIT,\ + X86_FEATURE_RSB_VMEXIT_LITE + pop %_ASM_ARG2 /* @flags */ pop %_ASM_ARG1 /* @vmx */ |