From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-owner@vger.kernel.org>
Received: from out3-smtp.messagingengine.com ([66.111.4.27]:60857 "EHLO
        out3-smtp.messagingengine.com" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S932310AbeAJMRa (ORCPT
        <rfc822;stable@vger.kernel.org>); Wed, 10 Jan 2018 07:17:30 -0500
Date: Wed, 10 Jan 2018 13:17:20 +0100
From: Greg KH <greg@kroah.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: stable@vger.kernel.org
Subject: Re: [PATCH] kvm: vmx: Scrub hardware GPRs at VM-exit
Message-ID: <20180110121720.GD12483@kroah.com>
References: <20180109084620.24712-1-pbonzini@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20180109084620.24712-1-pbonzini@redhat.com>
Sender: stable-owner@vger.kernel.org
List-ID: <stable.vger.kernel.org>

On Tue, Jan 09, 2018 at 09:46:20AM +0100, Paolo Bonzini wrote:
> From: Jim Mattson <jmattson@google.com>
> 
> [ upstream commit 0cb5b30698fdc8f6b4646012e3acb4ddce430788 ]
> 
> Guest GPR values are live in the hardware GPRs at VM-exit.  Do not
> leave any guest values in hardware GPRs after the guest GPR values are
> saved to the vcpu_vmx structure.
> 
> This is a partial mitigation for CVE 2017-5715 and CVE 2017-5753.
> Specifically, it defeats the Project Zero PoC for CVE 2017-5715.
> 
> Suggested-by: Eric Northup <digitaleric@google.com>
> Signed-off-by: Jim Mattson <jmattson@google.com>
> Reviewed-by: Eric Northup <digitaleric@google.com>
> Reviewed-by: Benjamin Serebrin <serebrin@google.com>
> Reviewed-by: Andrew Honig <ahonig@google.com>
> [Paolo: Add AMD bits, Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>]
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

Now applied, thanks.

greg k-h