]> git.ipfire.org Git - thirdparty/kernel/stable.git/commit
projects / thirdparty / kernel / stable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b661fce) | patch
KVM: svm: unconditionally intercept #DB
authorPaolo Bonzini <pbonzini@redhat.com>
Tue, 10 Nov 2015 08:14:39 +0000 (09:14 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Sun, 31 Jan 2016 19:25:43 +0000 (11:25 -0800)
commitf43767aa051fbb303d22fb9c17872de084b189d4
treeca8082edcb3c6d81013685d3b303416d24a69402tree
parentb661fce93fc4494f49f81b38e3415ba60e05d920commit | diff
KVM: svm: unconditionally intercept #DB

commit cbdb967af3d54993f5814f1cee0ed311a055377d upstream.

This is needed to avoid the possibility that the guest triggers
an infinite stream of #DB exceptions (CVE-2015-8104).

VMX is not affected: because it does not save DR6 in the VMCS,
it already intercepts #DB unconditionally.

Reported-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
arch/x86/kvm/svm.c diff | blob | blame | history
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git