Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp21839421ybl; Mon, 6 Jan 2020 12:20:12 -0800 (PST) X-Google-Smtp-Source: APXvYqyrVAKHTbQSqQOY3yqzf5tj3fNHvbcUIToejiFedWL8K5jiG68IKBXpEkXauU23DTm2ik34 X-Received: by 2002:a05:6830:605:: with SMTP id w5mr119023197oti.79.1578342012429; Mon, 06 Jan 2020 12:20:12 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1578342012; cv=none; d=google.com; s=arc-20160816; b=H5sUHrJ9LAjStsmIs6UVRG2HIr/cQH1XhWu5YfpG+yCT5s3oQSHMQtrcbaf1uuUiEZ 5mEYF2Ueh4V/BRp18cZmjolzgD0KZXU9tdYiq99cUjdUHJXvWr/qi+COrftV9eVkh/zE HSTsbcpRhLtsSdbahJTCtZB4MscftnJ+Wmg8BUL5kgzZ/GRcnXJLJQNseAIfvnslyb4F ntG51CCS7JqMow+NmI1bMzbZmq6LCIgSiyQbghr8nCuzXoCT+MtPN7sTXBJWWP+yNa1K wGPBmje/Nh6tfwJasvRF4lDvWJfhLVCfGAdXzGmZQkDU3Vca0Pzd7wAgDTpkHci1DCut yBug== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=HntsUTCq9EJcXqpEDDbtnISyYD528YUbA0G+2iMAdkg=; b=iQHJMtPr1OIMftim2fb0EN5UypAvlQ5sgJ8vCkZpLubei6w3eJdNoVSx5NiSqqkyHL oKBw+qbdrG7BrPwA184KsY1LNe4c8phYlKm92LGkfHnbqBeMHq3tHbPqY4gvnUiuHOTJ nVxmN+vXHkhR630DVPEgusBjpuw6nUn5qmfVqnXeiTSdhtdfJ2UcSlOLZdeQnZ/ZzytF iOueWxy+/mbN8ZwimGZyZ8rAT64a8AwWFoVxjqeizGBegYUyfMyMrR2XpRvaBt8lPLaF K/upW2iHLUcGSsnuVXXU0lflMBGNrEnt74kSSgU44Y5/gFqYwUL8Rh/Sr1co4pHlay7C VrAA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=IgURydL7; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 12si30144033oiz.131.2020.01.06.12.19.59; Mon, 06 Jan 2020 12:20:12 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=IgURydL7; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727001AbgAFUSH (ORCPT + 99 others); Mon, 6 Jan 2020 15:18:07 -0500 Received: from mail-io1-f65.google.com ([209.85.166.65]:41934 "EHLO mail-io1-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726713AbgAFUSG (ORCPT ); Mon, 6 Jan 2020 15:18:06 -0500 Received: by mail-io1-f65.google.com with SMTP id c16so46387119ioo.8 for ; Mon, 06 Jan 2020 12:18:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=HntsUTCq9EJcXqpEDDbtnISyYD528YUbA0G+2iMAdkg=; b=IgURydL7ZmFcZ617oC7Fzty/+XRo10VzsVQOERs0Cjc68xMclG93vGJdGKjPZ0ONzK nUW4Q1M5ML236KuMtdi9T6w6jc6mD8e8rnVpjVU/44csfaitVnF38N48GI/K83aswm8l t6lf1NzaEU3EyM3ZotPzTbogCuTL9Snt4I+2p5ebBfsrOS87g96DM9PiD4oCSxjm7wrC aA/1Mi41ualxuvZxsf804wyTaXZxwP6ki6w3Kl234GS89AjNjyzgtd0gYcVQ1ZOd8atg cdJ3ufjp22V6jMod2PKF01h8YZU98kpXg38ZA/l1DbdP5sV9BqjGlla0o2v5lrf5t25q 6+iw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=HntsUTCq9EJcXqpEDDbtnISyYD528YUbA0G+2iMAdkg=; b=FM8qxgNwj1nB1jLBTGlOOj+0QVLr3GAGa7+74x+SUrVHRvXGZNNcsNLeyIqq3jly6W mmvOYaja6EnzBDTU9P5+B13XNt/H6S0jdhdFy0UM+YGNGHTTCXUiZXP+OqPDizr9f0TY Wn38wKlg+Z4WiqbohRg+TRMq+2Mnk8lQObO5ux0SDIH0wcSW9B5tq8XX0T0HxEUntCio MxF0no6Huw7kayk/xVCq4gLk7GGtgvwoavq6fbixtCz/yLFmVnVQjidMc4Ym7aFNdlt1 TXRgoreddtybnhAG2ImBZ9SfGyHGFNrcBeflIsD8Kgv5R4Lh+57uO9WzGMrlPekS6EMY ggag== X-Gm-Message-State: APjAAAWxQkAwxbWTfKyFqyj0+VBDRv4dQB6rPFuKbSYcl/9N7oCAmtmr rAgqh41NF1jGsYqU6i3MRoW7af7mg5TiivInwvz61Q== X-Received: by 2002:a6b:740c:: with SMTP id s12mr30497900iog.108.1578341885911; Mon, 06 Jan 2020 12:18:05 -0800 (PST) MIME-Version: 1.0 References: <20191211204753.242298-1-pomonis@google.com> <20191211204753.242298-7-pomonis@google.com> In-Reply-To: <20191211204753.242298-7-pomonis@google.com> From: Jim Mattson Date: Mon, 6 Jan 2020 12:17:55 -0800 Message-ID: Subject: Re: [PATCH v2 06/13] KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks To: Marios Pomonis Cc: Paolo Bonzini , =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , "the arch/x86 maintainers" , kvm list , LKML , Nick Finco , Andrew Honig , stable@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Dec 11, 2019 at 12:48 PM Marios Pomonis wrote: > > This fixes a Spectre-v1/L1TF vulnerability in kvm_lapic_reg_write(). > This function contains index computations based on the > (attacker-controlled) MSR number. > > Fixes: commit 0105d1a52640 ("KVM: x2apic interface to lapic") > > Signed-off-by: Nick Finco > Signed-off-by: Marios Pomonis > Reviewed-by: Andrew Honig > Cc: stable@vger.kernel.org Reviewed-by: Jim Mattson