lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1582570596-45387-1-git-send-email-pbonzini@redhat.com>
Date:   Mon, 24 Feb 2020 19:56:33 +0100
From:   Paolo Bonzini <pbonzini@...hat.com>
To:     linux-kernel@...r.kernel.org, kvm@...r.kernel.org
Cc:     oupton@...gle.com
Subject: [FYI PATCH 0/3] CVE-2020-2732

vmx_check_intercept is not yet fully implemented by KVM on Intel processors,
causing e.g. the I/O or MSR interception bitmaps not to be checked.
In general we can just disallow instruction emulation on behalf of L1,
but this series also implements I/O port checks.

Paolo

Oliver Upton (2):
  KVM: nVMX: Refactor IO bitmap checks into helper function
  KVM: nVMX: Check IO instruction VM-exit conditions

Paolo Bonzini (1):
  KVM: nVMX: Don't emulate instructions in guest mode

 arch/x86/kvm/vmx/nested.c | 39 ++++++++++++++++++++-----------
 arch/x86/kvm/vmx/nested.h |  2 ++
 arch/x86/kvm/vmx/vmx.c    | 59 +++++++++++++++++++++++++++++++++++++++++------
 3 files changed, 79 insertions(+), 21 deletions(-)

-- 
1.8.3.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ