summaryrefslogtreecommitdiffstats
path: root/arch/x86/mm/pf_in.c
diff options
context:
space:
mode:
authorSean Christopherson <sean.j.christopherson@intel.com>2020-07-03 06:04:21 +0200
committerPaolo Bonzini <pbonzini@redhat.com>2020-07-03 18:16:28 +0200
commit7c83d096aed055a7763a03384f92115363448b71 (patch)
treecbef83178dccda56bce36c2387959803ed8275d4 /arch/x86/mm/pf_in.c
parentKVM: x86: Inject #GP if guest attempts to toggle CR4.LA57 in 64-bit mode (diff)
downloadlinux-7c83d096aed055a7763a03384f92115363448b71.tar.xz
linux-7c83d096aed055a7763a03384f92115363448b71.zip
KVM: x86: Mark CR4.TSD as being possibly owned by the guest
Mark CR4.TSD as being possibly owned by the guest as that is indeed the case on VMX. Without TSD being tagged as possibly owned by the guest, a targeted read of CR4 to get TSD could observe a stale value. This bug is benign in the current code base as the sole consumer of TSD is the emulator (for RDTSC) and the emulator always "reads" the entirety of CR4 when grabbing bits. Add a build-time assertion in to ensure VMX doesn't hand over more CR4 bits without also updating x86. Fixes: 52ce3c21aec3 ("x86,kvm,vmx: Don't trap writes to CR4.TSD") Cc: stable@vger.kernel.org Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> Message-Id: <20200703040422.31536-2-sean.j.christopherson@intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'arch/x86/mm/pf_in.c')
0 files changed, 0 insertions, 0 deletions