ACK/Cmnt: [SRU][F/J][PATCH 0/3] CVE-2024-25744

Kevin Becker kevin.becker at canonical.com
Thu Jul 18 12:36:46 UTC 2024


On Tue, Jun 11, 2024 at 4:12 PM Yuxuan Luo <yuxuan.luo at canonical.com> wrote:
>
> [Impact]
> In an x86 environment, untrusted virtual machines are able to send
> an interrupt that will be mistakenly interpreted by the host as an INT80
> interrupt sent from host userspace programs, posing a threat to
> the host's confidentiality.
>
> [Backport]
> For Jammy, a prerequisite, 1da5c9bc119d (“x86: Introduce
> ia32_enabled()”), for the patch set is needed as denoted in the fix
> commit message. And a follow-up fix, 32f5f73b79ff (“x86/fred: Fix INT80
> emulation for FRED”), can be ignored because it is FRED specific and
> FRED is yet to be introduced by 14619d912b65 (“x86/fred: FRED entry/exit
> and dispatch code”).
>
> For Focal, the most important fix, be5341eb0d43 (“x86/entry: Convert INT
> 0x80 emulation to IDTENTRY”), cannot be backported since IDTENTRY is not
> well supported, and it is hard to backport IDTENTRY due to the
> complexity of the entire patch set
> (https://lore.kernel.org/all/20200505134903.949227617@linutronix.de/T/#mcb16c66e338e669bb663742a526346c9d12605b4).
> Therefore, as suggested by the maintainer Kirill A. Shutemov, we simply
> disable IA32 emulation for SEV to mitigate the issue (TDX is not
> introduced yet).
>
> [Test]
> Compile and boot tested in a VM.
>
> [Where things could go wrong]
> It affects users running x32 operating system VMs on confidential
> computing VMMs.
>
> Kirill A. Shutemov (1):
>   x86/coco: Disable 32-bit emulation by default on TDX and SEV
>
> Kuppuswamy Sathyanarayanan (1):
>   x86/sev: Rename mem_encrypt.c to mem_encrypt_amd.c
>
> Nikolay Borisov (1):
>   x86: Introduce ia32_enabled()
>
>  arch/x86/entry/common.c                       |  5 ++++
>  arch/x86/include/asm/ia32.h                   | 23 ++++++++++++++++++-
>  arch/x86/mm/Makefile                          |  8 +++----
>  .../mm/{mem_encrypt.c => mem_encrypt_amd.c}   | 11 +++++++++
>  4 files changed, 42 insertions(+), 5 deletions(-)
>  rename arch/x86/mm/{mem_encrypt.c => mem_encrypt_amd.c} (97%)
>
> --

ACK only for focal due to Manuel's NACK.

Acked-by: Kevin Becker <kevin.becker at canonical.com>


