]> CyberLeo.Net >> Repos - FreeBSD/stable/10.git/commit
projects / FreeBSD / stable / 10.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7191f09) | patch
MFC r328011,329162
authortychon <tychon@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
Sat, 10 Mar 2018 00:44:33 +0000 (00:44 +0000)
committertychon <tychon@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
Sat, 10 Mar 2018 00:44:33 +0000 (00:44 +0000)
commita62e917e556c54dea0dcc80ff9f436ff9cc13006
tree6df347b33103516d08ea701c90210e4b398d93e1tree | snapshot
parent7191f09b6903495f43c7a87f2e3af6121738c078commit | diff
MFC r328011,329162

r328011:

Provide some mitigation against CVE-2017-5715 by clearing registers
upon returning from the guest which aren't immediately clobbered by
the host.  This eradicates any remaining guest contents limiting their
usefulness in an exploit gadget.

r329162:

Provide further mitigation against CVE-2017-5715 by flushing the
return stack buffer (RSB) upon returning from the guest.

git-svn-id: svn://svn.freebsd.org/base/stable/10@330713 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
sys/amd64/vmm/amd/svm_support.S diff | blob | history
sys/amd64/vmm/intel/vmcs.c diff | blob | history
sys/amd64/vmm/intel/vmx.h diff | blob | history
sys/amd64/vmm/intel/vmx_support.S diff | blob | history
10-STABLE