iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
b043138246
linux/arch/x86
History
Boris Ostrovsky b043138246 x86/KVM: Make sure KVM_VCPU_FLUSH_TLB flag is not missed 
There is a potential race in record_steal_time() between setting
host-local vcpu->arch.st.steal.preempted to zero (i.e. clearing
KVM_VCPU_PREEMPTED) and propagating this value to the guest with
kvm_write_guest_cached(). Between those two events the guest may
still see KVM_VCPU_PREEMPTED in its copy of kvm_steal_time, set
KVM_VCPU_FLUSH_TLB and assume that hypervisor will do the right
thing. Which it won't.

Instad of copying, we should map kvm_steal_time and that will
guarantee atomicity of accesses to @preempted.

This is part of CVE-2019-3016.

Signed-off-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Reviewed-by: Joao Martins <joao.m.martins@oracle.com>
Cc: stable@vger.kernel.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-01-30 18:45:55 +01:00
..
boot x86/boot: kbuild: allow readelf executable to be specified 2019-12-14 15:53:04 +09:00
configs x86: Remove the calgary IOMMU driver 2019-11-15 10:36:59 +01:00
crypto Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-12-02 17:23:21 -08:00
entry Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-12-01 19:05:07 -08:00
events perf/x86/intel: Fix PT PMI handling 2019-12-17 13:32:46 +01:00
hyperv - Support for new VMBus protocols (Andrea Parri). 2019-11-30 14:50:51 -08:00
ia32 syscalls/x86: Use COMPAT_SYSCALL_DEFINE0 for IA32 (rt_)sigreturn 2019-10-11 12:49:18 +02:00
include x86/kvm: Cache gfn to pfn translation 2020-01-30 18:45:55 +01:00
kernel Merge branch 'ras-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-12-21 06:04:12 -08:00
kvm x86/KVM: Make sure KVM_VCPU_FLUSH_TLB flag is not missed 2020-01-30 18:45:55 +01:00
lib perf/core improvements and fixes: 2019-11-29 06:56:05 +01:00
math-emu Merge branch 'x86-asm-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-11-26 10:42:40 -08:00
mm mm/memory_hotplug: shrink zones when offlining memory 2020-01-04 13:55:08 -08:00
net bpf: Simplify __bpf_arch_text_poke poke type handling 2019-11-24 17:12:11 -08:00
oprofile x86: Use pr_warn instead of pr_warning 2019-10-18 15:00:18 +02:00
pci pci-v5.5-changes 2019-12-03 13:58:22 -08:00
platform x86/efi: Update e820 with reserved EFI boot services data to fix kexec breakage 2019-12-04 11:15:30 +01:00
power x86/asm/32: Change all ENTRY+ENDPROC to SYM_FUNC_* 2019-10-18 12:03:43 +02:00
purgatory Merge branch 'x86-asm-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-11-26 10:42:40 -08:00
ras RAS/CEC: Add CONFIG_RAS_CEC_DEBUG and move CEC debug features there 2019-06-08 17:39:24 +02:00
realmode Merge branch 'x86-asm-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-11-26 10:42:40 -08:00
tools x86/insn: Fix awk regexp warnings 2019-10-01 12:13:16 +02:00
um y2038: syscall implementation cleanups 2019-12-01 14:00:59 -08:00
video
xen Merge branch 'x86-iopl-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-11-26 11:12:02 -08:00
.gitignore
Kbuild treewide: Add SPDX license identifier - Kbuild 2019-05-30 11:32:33 -07:00
Kconfig x86/kasan: support KASAN_VMALLOC 2019-12-01 12:59:06 -08:00
Kconfig.cpu x86/math-emu: Limit MATH_EMULATION to 486SX compatibles 2019-10-03 10:51:17 +02:00
Kconfig.debug x86/traps: Disentangle the 32-bit and 64-bit doublefault code 2019-11-26 21:53:34 +01:00
Makefile x86/build: Add -Wnoaddress-of-packed-member to REALMODE_CFLAGS, to silence GCC9 build warning 2019-08-28 17:31:31 +02:00
Makefile_32.cpu x86/math-emu: Limit MATH_EMULATION to 486SX compatibles 2019-10-03 10:51:17 +02:00
Makefile.um