summaryrefslogtreecommitdiff
path: root/virt
diff options
context:
space:
mode:
authorJim Mattson <jmattson@google.com>2017-09-12 13:02:54 -0700
committerPaolo Bonzini <pbonzini@redhat.com>2017-09-15 14:05:46 +0200
commit51aa68e7d57e3217192d88ce90fd5b8ef29ec94f (patch)
tree96b602951ac8eb47d92e93180f98cd470e2b7877 /virt
parent488e32f1981e506976d666b3772d6ccc8b726fee (diff)
kvm: nVMX: Don't allow L2 to access the hardware CR8
If L1 does not specify the "use TPR shadow" VM-execution control in vmcs12, then L0 must specify the "CR8-load exiting" and "CR8-store exiting" VM-execution controls in vmcs02. Failure to do so will give the L2 VM unrestricted read/write access to the hardware CR8. This fixes CVE-2017-12154. Signed-off-by: Jim Mattson <jmattson@google.com> Reviewed-by: David Hildenbrand <david@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'virt')
0 files changed, 0 insertions, 0 deletions