Git Repo - linux.git/commit

author	David Woodhouse <[email protected]>
	Fri, 12 Jan 2018 11:11:27 +0000 (11:11 +0000)
committer	Thomas Gleixner <[email protected]>
	Fri, 12 Jan 2018 11:33:37 +0000 (12:33 +0100)
commit	117cc7a908c83697b0b737d15ae1eb5943afe35b
tree	3e1228c2d5e40a6de96ec00d74d8be22cacd79f4	tree \| snapshot
parent	7614e913db1f40fff819b36216484dc3808995d4	commit \| diff

x86/retpoline: Fill return stack buffer on vmexit

In accordance with the Intel and AMD documentation, we need to overwrite
all entries in the RSB on exiting a guest, to prevent malicious branch
target predictions from affecting the host kernel. This is needed both
for retpoline and for IBRS.

[ak: numbers again for the RSB stuffing labels]

Signed-off-by: David Woodhouse <[email protected]>
Signed-off-by: Thomas Gleixner <[email protected]>
Tested-by: Peter Zijlstra (Intel) <[email protected]>
Cc: [email protected]
Cc: Rik van Riel <[email protected]>
Cc: Andi Kleen <[email protected]>
Cc: Josh Poimboeuf <[email protected]>
Cc: [email protected]
Cc: Linus Torvalds <[email protected]>
Cc: Jiri Kosina <[email protected]>
Cc: Andy Lutomirski <[email protected]>
Cc: Dave Hansen <[email protected]>
Cc: Kees Cook <[email protected]>
Cc: Tim Chen <[email protected]>
Cc: Greg Kroah-Hartman <[email protected]>
Cc: Paul Turner <[email protected]>
Link: https://lkml.kernel.org/r/[email protected]

arch/x86/include/asm/nospec-branch.h		diff \| blob \| blame \| history
arch/x86/kvm/svm.c		diff \| blob \| blame \| history
arch/x86/kvm/vmx.c		diff \| blob \| blame \| history