]> git.ipfire.org Git - thirdparty/kernel/stable.git/commit
projects / thirdparty / kernel / stable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 948e433) | patch
x86/srso: Add IBPB on VMEXIT
authorBorislav Petkov (AMD) <bp@alien8.de>
Fri, 7 Jul 2023 11:53:41 +0000 (13:53 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Tue, 8 Aug 2023 18:04:52 +0000 (20:04 +0200)
commitb31eb84b6756825ce935ce0390025b2b09b4ecb4
tree00b7efff4abf3adbe39ea0f5c7e563539d139e26tree | snapshot
parent948e43310c208641a2094a41f83f4dc543de8040commit | diff
x86/srso: Add IBPB on VMEXIT

Upstream commit: d893832d0e1ef41c72cdae444268c1d64a2be8ad

Add the option to flush IBPB only on VMEXIT in order to protect from
malicious guests but one otherwise trusts the software that runs on the
hypervisor.

Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
arch/x86/include/asm/cpufeatures.h diff | blob | blame | history
arch/x86/kernel/cpu/bugs.c diff | blob | blame | history
arch/x86/kvm/svm/svm.c diff | blob | blame | history
arch/x86/kvm/svm/vmenter.S diff | blob | blame | history
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git