Speculative store buffer bypass mitigation (CVE-2018-3639)

[Qemu-devel] [PULL 0/3] Speculative store buffer bypass mitigation (CVE-2018-3639)

Eduardo Habkost posted 3 patches 5 years, 11 months ago

Download series mbox

Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20180521220133.17445-1-ehabkost@redhat.com

Test checkpatch passed

Test docker-mingw@fedora passed

Test docker-quick@centos7 passed

Test s390x passed

target/i386/cpu.h     |  3 +++
target/i386/cpu.c     |  4 ++--
target/i386/kvm.c     | 16 ++++++++++++++--
target/i386/machine.c | 20 ++++++++++++++++++++
4 files changed, 39 insertions(+), 4 deletions(-)

Expand all Fold all

[Qemu-devel] [PULL 0/3] Speculative store buffer bypass mitigation (CVE-2018-3639)

Posted by Eduardo Habkost 5 years, 11 months ago

This provides the QEMU part of the mitigations for the speculative
store buffer bypass vulnerabilities on the x86 platform[1], and is
the companion of the kernel patches merged in:

  https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b78ce4a34b761c7fe13520de822984019ff1a8f

[1] https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
    https://access.redhat.com/security/vulnerabilities/ssbd

The following changes since commit 9802316ed6c19fd45b4c498523df02ca370d0586:

  Merge remote-tracking branch 'remotes/mjt/tags/trivial-patches-fetch' into staging (2018-05-21 10:50:32 +0100)

are available in the Git repository at:

  git://github.com/ehabkost/qemu.git tags/x86-next-pull-request

for you to fetch changes up to 403503b162ffc33fb64cfefdf7b880acf41772cd:

  i386: define the AMD 'virt-ssbd' CPUID feature bit (CVE-2018-3639) (2018-05-21 18:59:08 -0300)

----------------------------------------------------------------
Speculative store buffer bypass mitigation (CVE-2018-3639)

----------------------------------------------------------------

Daniel P. Berrangé (1):
  i386: define the 'ssbd' CPUID feature bit (CVE-2018-3639)

Konrad Rzeszutek Wilk (2):
  i386: Define the Virt SSBD MSR and handling of it (CVE-2018-3639)
  i386: define the AMD 'virt-ssbd' CPUID feature bit (CVE-2018-3639)

 target/i386/cpu.h     |  3 +++
 target/i386/cpu.c     |  4 ++--
 target/i386/kvm.c     | 16 ++++++++++++++--
 target/i386/machine.c | 20 ++++++++++++++++++++
 4 files changed, 39 insertions(+), 4 deletions(-)

-- 
2.14.3

Re: [Qemu-devel] [PULL 0/3] Speculative store buffer bypass mitigation (CVE-2018-3639)

Posted by Peter Maydell 5 years, 11 months ago

On 21 May 2018 at 23:01, Eduardo Habkost <ehabkost@redhat.com> wrote:
> This provides the QEMU part of the mitigations for the speculative
> store buffer bypass vulnerabilities on the x86 platform[1], and is
> the companion of the kernel patches merged in:
>
>   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b78ce4a34b761c7fe13520de822984019ff1a8f
>
> [1] https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
>     https://access.redhat.com/security/vulnerabilities/ssbd
>
> The following changes since commit 9802316ed6c19fd45b4c498523df02ca370d0586:
>
>   Merge remote-tracking branch 'remotes/mjt/tags/trivial-patches-fetch' into staging (2018-05-21 10:50:32 +0100)
>
> are available in the Git repository at:
>
>   git://github.com/ehabkost/qemu.git tags/x86-next-pull-request
>
> for you to fetch changes up to 403503b162ffc33fb64cfefdf7b880acf41772cd:
>
>   i386: define the AMD 'virt-ssbd' CPUID feature bit (CVE-2018-3639) (2018-05-21 18:59:08 -0300)
>
> ----------------------------------------------------------------
> Speculative store buffer bypass mitigation (CVE-2018-3639)
>
> ----------------------------------------------------------------

Applied, thanks.

-- PMM