KVM: VMX: Prevent RSB underflow before vmenter

On VMX, there are some balanced returns between the time the guest's SPEC_CTRL value is written, and the vmenter. Balanced returns (matched by a preceding call) are usually ok, but it's at least theoretically possible an NMI with a deep call stack could empty the RSB before one of the returns. For maximum paranoia, don't allow *any* returns (balanced or otherwise) between the SPEC_CTRL write and the vmenter. [ bp: Fix 32-bit build. ] Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Signed-off-by: Borislav Petkov <bp@suse.de>
author: Josh Poimboeuf <jpoimboe@kernel.org> 2022-06-15 00:16:16 +0300
committer: Borislav Petkov <bp@suse.de> 2022-06-27 11:34:00 +0300
commit: 07853adc29a058c5fd143c14e5ac528448a72ed9 (patch)
tree: 6336e1982537e7d9db862efcaa66157bf400b1ce /arch/x86/kvm/vmx/capabilities.h
parent: 9756bba28470722dacb79ffce554336dd1f6a6cd (diff)
download: linux-07853adc29a058c5fd143c14e5ac528448a72ed9.tar.xz
1 files changed, 2 insertions, 2 deletions
diff --git a/arch/x86/kvm/vmx/capabilities.h b/arch/x86/kvm/vmx/capabilities.h
index 3f430e218375..c0e24826a86f 100644
--- a/arch/x86/kvm/vmx/capabilities.h
+++ b/arch/x86/kvm/vmx/capabilities.h
@@ -4,8 +4,8 @@
 
 #include <asm/vmx.h>
 
-#include "lapic.h"
-#include "x86.h"
+#include "../lapic.h"
+#include "../x86.h"
 
 extern bool __read_mostly enable_vpid;
 extern bool __read_mostly flexpriority_enabled;
author	Josh Poimboeuf <jpoimboe@kernel.org>	2022-06-15 00:16:16 +0300
committer	Borislav Petkov <bp@suse.de>	2022-06-27 11:34:00 +0300
commit	07853adc29a058c5fd143c14e5ac528448a72ed9 (patch)
tree	6336e1982537e7d9db862efcaa66157bf400b1ce /arch/x86/kvm/vmx/capabilities.h
parent	9756bba28470722dacb79ffce554336dd1f6a6cd (diff)
download	linux-07853adc29a058c5fd143c14e5ac528448a72ed9.tar.xz