Re: [PATCH v2 02/13] KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF attacks

On Thu, Dec 12, 2019 at 9:47 AM Christian Borntraeger borntraeger@de.ibm.com wrote:

On 12.12.19 18:44, Jim Mattson wrote:

...

On Thu, Dec 12, 2019 at 9:31 AM Christian Borntraeger borntraeger@de.ibm.com wrote:

...

On 11.12.19 21:47, Marios Pomonis wrote:

...

This fixes Spectre-v1/L1TF vulnerabilities in kvm_hv_msr_get_crash_data() and kvm_hv_msr_set_crash_data(). These functions contain index computations that use the (attacker-controlled) MSR number.

Fixes: commit e7d9513b60e8 ("kvm/x86: added hyper-v crash msrs into kvm hyperv context")

Signed-off-by: Nick Finco nifi@google.com Signed-off-by: Marios Pomonis pomonis@google.com Reviewed-by: Andrew Honig ahonig@google.com Cc: stable@vger.kernel.org

Reviewed-by: Jim Mattson jmattson@google.com