mirror of
https://git.proxmox.com/git/mirror_ubuntu-kernels.git
synced 2026-01-06 07:50:18 +00:00
af2e8c68b9
On some systems that are vulnerable to Spectre v2, it is up to software to flush the link stack (return address stack), in order to protect against Spectre-RSB. When exiting from a guest we do some house keeping and then potentially exit to C code which is several stack frames deep in the host kernel. We will then execute a series of returns without preceeding calls, opening up the possiblity that the guest could have poisoned the link stack, and direct speculative execution of the host to a gadget of some sort. To prevent this we add a flush of the link stack on exit from a guest. Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> |
||
|---|---|---|
| .. | ||
| boot | ||
| configs | ||
| crypto | ||
| include | ||
| kernel | ||
| kvm | ||
| lib | ||
| math-emu | ||
| mm | ||
| net | ||
| oprofile | ||
| perf | ||
| platforms | ||
| purgatory | ||
| sysdev | ||
| tools | ||
| xmon | ||
| Kbuild | ||
| Kconfig | ||
| Kconfig.debug | ||
| Makefile | ||
| Makefile.postlink | ||