Comment 4 for bug 445456

LaMont Jones (lamont) wrote :

After git-bisect, the winner is:

7088c3756a151abaadea5b1d4810c86e2651292e is the first bad commit
commit 7088c3756a151abaadea5b1d4810c86e2651292e
Author: Avi Kivity <email address hidden>
Date: Mon Mar 23 22:13:44 2009 +0200

    KVM: VMX: Don't allow uninhibited access to EFER on i386

    CVE-2009-1242

    commit 16175a796d061833aacfbd9672235f2d2725df65 upstream

    vmx_set_msr() does not allow i386 guests to touch EFER, but they can still
    do so through the default: label in the switch. If they set EFER_LME, they
    can oops the host.

    Fix by having EFER access through the normal channel (which will check for
    EFER_LME) even on i386.

    Reported-and-tested-by: Benjamin Gilbert <email address hidden>
    Cc: <email address hidden>
    Signed-off-by: Avi Kivity <email address hidden>
    Signed-off-by: Stefan Bader <email address hidden>

:040000 040000 067e338cc1db74e085e06c1bf598e10231cb7cba c57336b2f6e4e86d2e85096aaaad5f62a9c62f51 M arch
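An added illustration of the dispatch pattern the commit message describes, written for this page and not taken from the kernel or from the commit itself: a write to one register has a checking path that is compiled in only on 64-bit hosts, so on a 32-bit host the same write falls through to the switch's default label and is stored without the long-mode check. The MSR numbers, the `struct vcpu` layout, the `is_64bit_host` flag standing in for the build-time condition, and the generic write-through helper are all constructed for the example.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Constructed stand-ins; the values follow x86 conventions but the model is hypothetical. */
#define MSR_EFER   0xc0000080u
#define EFER_LME   (1u << 8)          /* long mode enable: meaningless on a 32-bit host */
#define MSR_OTHER  0x00000010u        /* any other register that the default path handles */

struct vcpu {
    uint64_t efer;
    uint64_t other;
    bool     is_64bit_host;           /* models "#ifdef CONFIG_X86_64" as a run-time flag */
};

/* The checked path: refuse EFER_LME when the host cannot run long mode. */
static int set_efer_checked(struct vcpu *v, uint64_t data)
{
    if (!v->is_64bit_host && (data & EFER_LME))
        return -1;                    /* reject, leave state untouched */
    v->efer = data;
    return 0;
}

/* Constructed generic write-through used by the default: label. It knows nothing
 * about EFER semantics, which is exactly the problem in the "before" version. */
static int write_msr_generic(struct vcpu *v, uint32_t msr, uint64_t data)
{
    if (msr == MSR_EFER)
        v->efer = data;
    else
        v->other = data;
    return 0;
}

/* Before: the EFER case only exists on 64-bit hosts, so on a 32-bit host an
 * EFER write lands in default: and is stored unchecked. */
static int set_msr_before(struct vcpu *v, uint32_t msr, uint64_t data)
{
    if (v->is_64bit_host && msr == MSR_EFER)
        return set_efer_checked(v, data);
    switch (msr) {
    case MSR_OTHER:
        v->other = data;
        return 0;
    default:
        return write_msr_generic(v, msr, data);
    }
}

/* After: EFER always goes through the checking path, on every host. */
static int set_msr_after(struct vcpu *v, uint32_t msr, uint64_t data)
{
    switch (msr) {
    case MSR_EFER:
        return set_efer_checked(v, data);
    case MSR_OTHER:
        v->other = data;
        return 0;
    default:
        return write_msr_generic(v, msr, data);
    }
}

/* Returns true if a 32-bit host ended up with EFER_LME set after a guest write. */
static bool lme_leaks_on_32bit(int (*set_msr)(struct vcpu *, uint32_t, uint64_t))
{
    struct vcpu v = { .efer = 0, .other = 0, .is_64bit_host = false };
    set_msr(&v, MSR_EFER, EFER_LME);
    return (v.efer & EFER_LME) != 0;
}

int main(void)
{
    printf("before fix, 32-bit host: EFER_LME stored = %d\n", lme_leaks_on_32bit(set_msr_before));
    printf("after fix,  32-bit host: EFER_LME stored = %d\n", lme_leaks_on_32bit(set_msr_after));
    return 0;
}
```

The point of the comparison is that the guard is only as good as the dispatch in front of it: adding a check to one case label does nothing for inputs that never reach that label, so a review of a switch over guest-controlled register indices should ask what the default label does with every value the explicit cases do not cover.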