]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/commit - arch/x86/kvm/cpuid.c
projects / mirror_ubuntu-bionic-kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 480a308) | patch
x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
authorAndi Kleen <ak@linux.intel.com>
Sat, 19 Jan 2019 00:50:23 +0000 (16:50 -0800)
committerStefan Bader <stefan.bader@canonical.com>
Mon, 6 May 2019 16:58:12 +0000 (18:58 +0200)
commit138de5e33d35c3b9d6b0315064cdee1506d64211
tree420616292f8551de2c121885c963eee006b48448tree
parent480a3088eb4be71d63dd8df9b3a087b703a42c36commit | diff
x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests

X86_FEATURE_MD_CLEAR is a new CPUID bit which is set when microcode
provides the mechanism to invoke a flush of various exploitable CPU buffers
by invoking the VERW instruction.

Hand it through to guests so they can adjust their mitigations.

This also requires corresponding qemu changes, which are available
separately.

[ tglx: Massaged changelog ]

Signed-off-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130

(cherry picked from commit 1789c4f11b6cefc067e405233084a6b9f072f579)
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Stefan Bader <stefan.bader@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
arch/x86/kvm/cpuid.c diff | blob | blame | history
ubuntu-bionic-kernel mirror