Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp21839563ybl; Mon, 6 Jan 2020 12:20:22 -0800 (PST) X-Google-Smtp-Source: APXvYqzYSod55GlZzpf6BWVl9NPHFrI2Henqv2MrCzJx9Rq4k25auBSYhSHcRCJmv/ZU5fM8PDYI X-Received: by 2002:a05:6830:1141:: with SMTP id x1mr44028624otq.120.1578342022009; Mon, 06 Jan 2020 12:20:22 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1578342022; cv=none; d=google.com; s=arc-20160816; b=MRyQsI3TQF79aXnTT/yYjxYwYz5nxTLFgRUU7G7GcPymbYd3HkRSb4KP2WFJDqXfAG 2HmKBbwhYIueNwwE2kIczMnoCWZVXqlmwWlZ97zSA1XEjNMbhhM/V0Dl6nBX6+wCErro ouzShIWJ0qG9Ux89JWZZPQrXY6ziENdcwIRwC4RdxUfWEi45SpXCldGre7ScBJXEa1VK m/m2MyzNd2FSLj3ORm9fvP8TtmLqBy4iE1VMyYlwh6eMKbyfS3BaV+gb7ApojO5Uo6PI axhqPtlOGCsubh5yN1bMq55jDE5IY2MS2cPRG79I1PNTVVYexY616vl3hQqltccVEY6O pUHQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=4Rcg5ibwjG8y5aZAcf4B6F5Z9gExCdMlFDQO0Lciu24=; b=KXukAgpzkBJBtmX+q8+UknlN/9nF3KAjSdk6/qjXqx5uMg+X7+dbDIjr6p4V5rjSYc mfG8sJh0w4SGhSFQmOPAfe48rcUT9KtvSX7ZzVcjJ1nZh3usTmhKUYDZlnPxkP8+Fpo0 HaCMS8GclnXfSi9qFpqMevSP1gVFF2WdacI+ym2BayHvXBrMiy/8yFY+EQB5k4GSO1Df rr18hd7Etq/NCCOD8W6c4HGacjZsw08kq1Zp1N6f/KxqyUzQ5l2xnfIO+f/X0/WD9o61 MXX9KGFjknPBA7pHv4MgOtN0qcccEk8o31TIemSYhIwCQxSPpvfqkBvq5LmdrHHKQym0 i7wg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=lqiq0v9H; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v18si37444804otn.202.2020.01.06.12.20.10; Mon, 06 Jan 2020 12:20:21 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=lqiq0v9H; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726723AbgAFUSX (ORCPT + 99 others); Mon, 6 Jan 2020 15:18:23 -0500 Received: from mail-io1-f65.google.com ([209.85.166.65]:34824 "EHLO mail-io1-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726778AbgAFUSX (ORCPT ); Mon, 6 Jan 2020 15:18:23 -0500 Received: by mail-io1-f65.google.com with SMTP id h8so2908671iob.2 for ; Mon, 06 Jan 2020 12:18:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=4Rcg5ibwjG8y5aZAcf4B6F5Z9gExCdMlFDQO0Lciu24=; b=lqiq0v9HxFYQSzvoTItL5VboCgvXcPwJrDfjRt4tRzrNP91NfyDXsOiJ0/fojLIeK3 cZDHOPcKfYWr1Imrjm4ukSv9jgmuqIUFul4cWpToTfFisGt9agV5pyTQYUhw/d56TCA1 TED+wvKRPwaaajR6wEOAcNtQqO4eOcvinx1dX2jdTd2Kemd8PzCsuPJGravprw31HYd/ /Q4rQfBCmTNo24mSI3jiIJdTm1ysoZI5RejQGz1yQd0FjM+dJ3zBPY7kWWX0BAepujEy B0rIjdFhlP24gElV5/X3YMNSxkww59fgjkVGTad5O92J+/njh17oPYTfbM5B7a3NrsxH MpTQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=4Rcg5ibwjG8y5aZAcf4B6F5Z9gExCdMlFDQO0Lciu24=; b=aPw+rrlILj0HqI+msV6bistyInhqEz5DAiFqAesjjUdr4zEFna/kszUR9N7OSlKoYN pKlC93m1p+xfMsyhBnQnk6z4OJGzQ9JnO164ITe6mGr0/Z2Gnf4GFHyzagT14dgQ3gis xQEaJARqwA3sMyTPRzL5z2+884WTr40XK+Zal+/QfR/n09i7CWpvECcjYBowyvKU2kc9 n11URoGECkFuQt7KqruPwTFRQq4eL2pHOltxWXgW9JSHD4sBUhXR0YC3Bn0Pj44wx4A0 H+wAX15MkUqBQKGLHBI1HtJ1Rj8Rfte+D8kazqs+fRoE7BYH++iwy11n1ZV2lEEp3fZE u+jg== X-Gm-Message-State: APjAAAXq9gqlynAtSIq0Fj6pv8ke2Gx08gs+4gFF8/dxSvyqqyyjR8+I OCRrFY3z8VfuZwZxXo0J7HdkoJHq2c9Iwq4gvO2y/A== X-Received: by 2002:a02:c906:: with SMTP id t6mr73461739jao.75.1578341902473; Mon, 06 Jan 2020 12:18:22 -0800 (PST) MIME-Version: 1.0 References: <20191211204753.242298-1-pomonis@google.com> <20191211204753.242298-8-pomonis@google.com> In-Reply-To: <20191211204753.242298-8-pomonis@google.com> From: Jim Mattson Date: Mon, 6 Jan 2020 12:18:11 -0800 Message-ID: Subject: Re: [PATCH v2 07/13] KVM: x86: Protect MSR-based index computations in fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks To: Marios Pomonis Cc: Paolo Bonzini , =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , "the arch/x86 maintainers" , kvm list , LKML , Nick Finco , Andrew Honig , stable@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Dec 11, 2019 at 12:48 PM Marios Pomonis wrote: > > This fixes a Spectre-v1/L1TF vulnerability in fixed_msr_to_seg_unit(). > This function contains index computations based on the > (attacker-controlled) MSR number. > > Fixes: commit de9aef5e1ad6 ("KVM: MTRR: introduce fixed_mtrr_segment table") > > Signed-off-by: Nick Finco > Signed-off-by: Marios Pomonis > Reviewed-by: Andrew Honig > Cc: stable@vger.kernel.org Reviewed-by: Jim Mattson