APPLIED [OEM-5.14, OEM-5.17, OEM-6.0] Re: [UBUNTU Focal, Jammy, Kinetic, Lunar, OEM-5.14, OEM-5.17, OEM-6.0 0/1] CVE-2022-2196
Timo Aaltonen
tjaalton at ubuntu.com
Mon Mar 13 12:37:46 UTC 2023
Thadeu Lima de Souza Cascardo kirjoitti 10.2.2023 klo 20.21:
> [Impact]
> An L2 guest could do an spectre-v2 attack on an L1 guest if that guest assumes
> IBRS or eIBRS can be used to isolate between them, while it cannot. L0 needs to
> issue an IBPB in these cases.
>
> [Potential impact]
> Systems using nested guests might have a performance impact.
>
> Jim Mattson (1):
> KVM: VMX: Execute IBPB on emulated VM-exit when guest has IBRS
>
> arch/x86/kvm/vmx/nested.c | 11 +++++++++++
> arch/x86/kvm/vmx/vmx.c | 6 ++++--
> 2 files changed, 15 insertions(+), 2 deletions(-)
>
applied to oem kernels, thanks
--
t
More information about the kernel-team
mailing list