Diffusion FreeBSD src repository - subversion rS330704

MFC r328011,329162
rS330704
Actions

Description

MFC r328011,329162

r328011:

Provide some mitigation against CVE-2017-5715 by clearing registers
upon returning from the guest which aren't immediately clobbered by
the host. This eradicates any remaining guest contents limiting their
usefulness in an exploit gadget.

r329162:

Provide further mitigation against CVE-2017-5715 by flushing the
return stack buffer (RSB) upon returning from the guest.

Details

Provenance

tychon

Authored on

Parents

rS330703: lualoader: Cache kernel list

Branches

Unknown

Tags

Unknown

Event Timeline

tychon committed rS330704: MFC r328011,329162.Mar 9 2018, 7:39 PM

Changes (5)

Path

Size

stable/

11/

sys/

amd64/

vmm/

amd/

intel/

rS330704

View Options

stable/11/

View Options

stable/11/sys/amd64/vmm/amd/svm_support.S

View Options

stable/11/sys/amd64/vmm/intel/vmcs.c

View Options

stable/11/sys/amd64/vmm/intel/vmx.h

View Options

stable/11/sys/amd64/vmm/intel/vmx_support.S

MFC r328011,329162rS330704Actions

Description

Details

Event Timeline

Changes (5)

rS330704

stable/11/

stable/11/sys/amd64/vmm/amd/svm_support.S

stable/11/sys/amd64/vmm/intel/vmcs.c

stable/11/sys/amd64/vmm/intel/vmx.h

stable/11/sys/amd64/vmm/intel/vmx_support.S

MFC r328011,329162
rS330704
Actions