CVSROOT: /cvs
Module name: src
Changes by: dera...@cvs.openbsd.org 2018/09/19 05:46:57
Modified files:
sys/arch/amd64/amd64: Tag: OPENBSD_6_3 vmm_support.S
Log message:
vmm(4): Reset host LDTR on exit for SVM
For SVM machines, the LDT content remains set to that of the guest VM on
exit (as compared to Intel/VMX which resets the LDTR to 0). This fix
ensures the LDT is reset to 0 on SVM exits.
Leaving the LDT set to the guest's choice could allow a malicious process
to escalate its privileges with the help of a malicious VM that they
also are able to run on the machine.
This was reported by Maxime Villard; thanks!
OpenBSD 6.3 errata 019
