authorJoerg Roedel <jroedel@suse.de>2018-05-15 13:41:49 +0200
committerJoerg Roedel <jroedel@suse.de>2018-05-15 13:41:49 +0200
commit1a9dacc8b494c117209d8c08bb649a45879d9c96 (patch)
treee04d1e6a8751b61739a68d7eff24aa2b947a2ad7
parent25fd23dc2fd1ae38ac0da126f13f6ee12920ab90 (diff)
KVM: SVM: Move spec control call after restore of GS
(bsc#1087082 CVE-2018-3639). suse-commit: 65e82a47acd03ba01970a3c9dc90fefbfdee5b31
-rw-r--r--arch/x86/kvm/svm.c24
1 files changed, 12 insertions, 12 deletions
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index d455d728646f..be99e5a6039f 100644
--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm.c
@@ -5449,6 +5449,18 @@ static void svm_vcpu_run(struct kvm_vcpu *vcpu)
#endif
);
+ /* Eliminate branch target predictions from guest mode */
+ vmexit_fill_RSB();
+
+#ifdef CONFIG_X86_64
+ wrmsrl(MSR_GS_BASE, svm->host.gs_base);
+#else
+ loadsegment(fs, svm->host.fs);
+#ifndef CONFIG_X86_32_LAZY_GS
+ loadsegment(gs, svm->host.gs);
+#endif
+#endif
+
/*
* We do not use IBRS in the kernel. If this vCPU has used the
* SPEC_CTRL MSR it may have left it on; save the value and
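Review bot: The new ordering is load-bearing, but nothing in the added lines says so: the host GS/FS restore must now stay ahead of the `x86_spec_ctrl_restore_host(svm->spec_ctrl)` call further down in svm_vcpu_run(), and a later cleanup could move it back without noticing. The commit title implies the spec-control path depends on host GS (presumably through per-CPU or `current` accesses, which this hunk does not show). A comment above the `#ifdef CONFIG_X86_64` block would pin the constraint, for example `/* Restore host GS/FS first: the SPEC_CTRL handling below must run with host segment state */`. The same comment should note that the moved instructions now run while the guest's SPEC_CTRL value is still in place, so the stretch between VMEXIT and the host restore should stay minimal and free of indirect branches. The function body starts and ends outside the hunk.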
@@ -5469,18 +5481,6 @@ static void svm_vcpu_run(struct kvm_vcpu *vcpu)
x86_spec_ctrl_restore_host(svm->spec_ctrl);
- /* Eliminate branch target predictions from guest mode */
- vmexit_fill_RSB();
-
-#ifdef CONFIG_X86_64
- wrmsrl(MSR_GS_BASE, svm->host.gs_base);
-#else
- loadsegment(fs, svm->host.fs);
-#ifndef CONFIG_X86_32_LAZY_GS
- loadsegment(gs, svm->host.gs);
-#endif
-#endif
-
reload_tss(vcpu);
local_irq_disable();