linux-kernel.vger.kernel.org archive mirror
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	stable@vger.kernel.org, Thomas Gleixner <tglx@linutronix.de>,
	Borislav Petkov <bp@suse.de>,
	Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>,
	Paolo Bonzini <pbonzini@redhat.com>,
	David Woodhouse <dwmw@amazon.co.uk>
Subject: [PATCH 4.9 71/87] KVM: SVM: Move spec control call after restore of GS
Date: Mon, 21 May 2018 23:11:47 +0200
Message-ID: <20180521210426.247329442@linuxfoundation.org>
In-Reply-To: <20180521210420.222671977@linuxfoundation.org>

4.9-stable review patch.  If anyone has any objections, please let me know.

------------------

From: Thomas Gleixner <tglx@linutronix.de>

commit 15e6c22fd8e5a42c5ed6d487b7c9fe44c2517765 upstream

svm_vcpu_run() invokes x86_spec_ctrl_restore_host() after VMEXIT, but
before the host GS is restored. x86_spec_ctrl_restore_host() uses 'current'
to determine the host SSBD state of the thread. 'current' is GS based, but
host GS is not yet restored and the access causes a triple fault.

Move the call after the host GS restore.

Fixes: 885f82bfbc6f x86/process: Allow runtime control of Speculative Store Bypass
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 arch/x86/kvm/svm.c |   24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm.c
@@ -5011,6 +5011,18 @@ static void svm_vcpu_run(struct kvm_vcpu
 #endif
 		);
 
+	/* Eliminate branch target predictions from guest mode */
+	vmexit_fill_RSB();
+
+#ifdef CONFIG_X86_64
+	wrmsrl(MSR_GS_BASE, svm->host.gs_base);
+#else
+	loadsegment(fs, svm->host.fs);
+#ifndef CONFIG_X86_32_LAZY_GS
+	loadsegment(gs, svm->host.gs);
+#endif
+#endif
+
 	/*
 	 * We do not use IBRS in the kernel. If this vCPU has used the
 	 * SPEC_CTRL MSR it may have left it on; save the value and
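
Review bot: The ordering requirement behind the new wrmsrl(MSR_GS_BASE, svm->host.gs_base) / loadsegment() block is recorded only in the commit message, not in the code. Nothing at this spot says that the host segment state has to be back in place before x86_spec_ctrl_restore_host() runs, because that function dereferences 'current'. A short comment above the #ifdef CONFIG_X86_64 line stating that everything after this point may use 'current' and per-CPU data, and that the block must stay ahead of the SPEC_CTRL handling, would keep a later cleanup from moving it back and reintroducing the triple fault.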
@@ -5031,18 +5043,6 @@ static void svm_vcpu_run(struct kvm_vcpu
 
 	x86_spec_ctrl_restore_host(svm->spec_ctrl);
 
-	/* Eliminate branch target predictions from guest mode */
-	vmexit_fill_RSB();
-
-#ifdef CONFIG_X86_64
-	wrmsrl(MSR_GS_BASE, svm->host.gs_base);
-#else
-	loadsegment(fs, svm->host.fs);
-#ifndef CONFIG_X86_32_LAZY_GS
-	loadsegment(gs, svm->host.gs);
-#endif
-#endif
-
 	reload_tss(vcpu);
 
 	local_irq_disable();
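
Review bot: The block removed after x86_spec_ctrl_restore_host(svm->spec_ctrl) takes vmexit_fill_RSB() with it, but the changelog only talks about the GS restore. The RSB fill now runs before the SPEC_CTRL save and restore instead of after it, which is a behavioural change in its own right: the call to x86_spec_ctrl_restore_host() no longer executes with guest-populated return predictions. That is the safer direction, but it deserves a sentence in the commit message so that anyone bisecting or backporting knows the move was deliberate. The removed lines match the added ones line for line, consistent with the 12 insertions and 12 deletions in the diffstat.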
