    x86/speculation: Identify processors vulnerable to SMT RSB predictions · be8de49b
    Tom Lendacky authored
    Certain AMD processors are vulnerable to a cross-thread return address
    predictions bug. When running in SMT mode and one of the sibling threads
    transitions out of C0 state, the other sibling thread could use return
    target predictions from the sibling thread that transitioned out of C0.
    
    The Spectre v2 mitigations cover the Linux kernel, as it fills the RSB
    when context switching to the idle thread. However, KVM allows a VMM to
    prevent exiting guest mode when transitioning out of C0. A guest could
    act maliciously in this situation, so create a new x86 BUG that can be
    used to detect if the processor is vulnerable.
    Reviewed-by: Borislav Petkov (AMD) <bp@alien8.de>
    Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
    Message-Id: <91cec885656ca1fcd4f0185ce403a53dd9edecb7.1675956146.git.thomas.lendacky@amd.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
common.c 62.2 KB