KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS

On eIBRS systems, the returns in the vmexit return path from __vmx_vcpu_run() to vmx_vcpu_run() are exposed to RSB poisoning attacks. Fix that by moving the post-vmexit spec_ctrl handling to immediately after the vmexit. Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Signed-off-by: Borislav Petkov <bp@suse.de>
author: Josh Poimboeuf <jpoimboe@kernel.org> 2022-06-14 23:16:13 +0200
committer: Borislav Petkov <bp@suse.de> 2022-06-27 10:34:00 +0200
commit: fc02735b14fff8c6678b521d324ade27b1a3d4cf (patch)
tree: 9be32b1a805858cab02c043a740b2bab8f45a15c /arch/x86/kvm/vmx/vmx.h
parent: bb06650634d3552c0f8557e9d16aa1a408040e28 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h
index 1b1982448aa4..da654af12ccb 100644
--- a/arch/x86/kvm/vmx/vmx.h
+++ b/arch/x86/kvm/vmx/vmx.h
@@ -405,6 +405,7 @@ void vmx_set_virtual_apic_mode(struct kvm_vcpu *vcpu);
 struct vmx_uret_msr *vmx_find_uret_msr(struct vcpu_vmx *vmx, u32 msr);
 void pt_update_intercept_for_msr(struct kvm_vcpu *vcpu);
 void vmx_update_host_rsp(struct vcpu_vmx *vmx, unsigned long host_rsp);
+void vmx_spec_ctrl_restore_host(struct vcpu_vmx *vmx, unsigned int flags);
 unsigned int __vmx_vcpu_run_flags(struct vcpu_vmx *vmx);
 bool __vmx_vcpu_run(struct vcpu_vmx *vmx, unsigned long *regs,
 		    unsigned int flags);
author	Josh Poimboeuf <jpoimboe@kernel.org>	2022-06-14 23:16:13 +0200
committer	Borislav Petkov <bp@suse.de>	2022-06-27 10:34:00 +0200
commit	fc02735b14fff8c6678b521d324ade27b1a3d4cf (patch)
tree	9be32b1a805858cab02c043a740b2bab8f45a15c /arch/x86/kvm/vmx/vmx.h
parent	bb06650634d3552c0f8557e9d16aa1a408040e28 (diff)