Cmnt: [SRU][J][PATCH 0/3] CVE-2024-53114

Wed Oct 15 13:07:44 UTC 2025

On Tue, 14 Oct 2025 20:02:50 +0200
Massimiliano Pellizzer <massimiliano.pellizzer at canonical.com> wrote:

> On Tue, 14 Oct 2025 at 10:20, Juerg Haefliger
> <juerg.haefliger at canonical.com> wrote:
> >
> > https://ubuntu.com/security/CVE-2024-53114
> >
> >
> > [ Impact ]
> >
> > Random AMD Zen4 host reboots wen using virtualized VMLOAD/VMSAVE.
> >
> >
> > [ Test Case ]
> >
> > Compile-tested only.
> >
> >
> > [ Where Problems Could Occur ]
> >
> > CPU handling code, specific to AMD ZEN. Could result in problems
> > when booting AMD systems.
> >
> >
> > [ Notes ]
> >
> > Older series are not affected. Newer series are already fixed.
> >
> >
> >
> > Borislav Petkov (AMD) (1):
> >   x86/CPU/AMD: Add ZenX generations flags
> >
> > Mario Limonciello (1):
> >   x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client
> >
> > Wyes Karny (1):
> >   x86: Fix comment for X86_FEATURE_ZEN
> >
> >  arch/x86/include/asm/cpufeatures.h |  5 +-
> >  arch/x86/kernel/cpu/amd.c          | 80 +++++++++++++++++++++++++++++-
> >  2 files changed, 82 insertions(+), 3 deletions(-)
> >
> > --
> > 2.48.1
> >
> >
> > --
> > kernel-team mailing list
> > kernel-team at lists.ubuntu.com
> > https://lists.ubuntu.com/mailman/listinfo/kernel-team  
> 
> The second patch 30fa92832f40 (x86/CPU/AMD: Add ZenX generations
> flags) might have two follow ups:
> - 232afb557835d x86/CPU/AMD: Add X86_FEATURE_ZEN1

Ah yes, thanks. I always forget to check follow-on fixes :-(

> - 15d6daad8f8ad tools headers x86 cpufeatures: Sync with the kernel
> sources to pick TDX, Zen, APIC MSR fence changes
> 
> The second one in particular seems to solve some compile time warnings in perf.
> Do you think they are needed?

Well, there are already *lots* of perf compile warnings [1] without this
patchset so it's nothing new. Ugh. I hate that we don't have Wall or Werror
or whatever the switch is called turned on and keep introducing compile
warnings with backports :-/

I'll send a v2 but it will be quite a few patches and it won't address these
compile warnings, just not introduce more divergence between the headers.
There's a lot of reshuffling, renaming and other non-functional changes in
that area. Having all of them will make future AMD CPU fixes easier to
backport.

...Juerg

[1]
Warning: Kernel ABI header at 'tools/include/uapi/linux/const.h' differs from latest version at 'include/uapi/linux/const.h'
diff -u tools/include/uapi/linux/const.h include/uapi/linux/const.h
Warning: Kernel ABI header at 'tools/include/uapi/linux/fscrypt.h' differs from latest version at 'include/uapi/linux/fscrypt.h'
diff -u tools/include/uapi/linux/fscrypt.h include/uapi/linux/fscrypt.h
Warning: Kernel ABI header at 'tools/include/uapi/linux/kvm.h' differs from latest version at 'include/uapi/linux/kvm.h'
diff -u tools/include/uapi/linux/kvm.h include/uapi/linux/kvm.h
Warning: Kernel ABI header at 'tools/include/uapi/linux/in.h' differs from latest version at 'include/uapi/linux/in.h'
diff -u tools/include/uapi/linux/in.h include/uapi/linux/in.h
Warning: Kernel ABI header at 'tools/arch/x86/include/asm/disabled-features.h' differs from latest version at 'arch/x86/include/asm/disabled-features.h'
diff -u tools/arch/x86/include/asm/disabled-features.h arch/x86/include/asm/disabled-features.h
Warning: Kernel ABI header at 'tools/arch/x86/include/asm/required-features.h' differs from latest version at 'arch/x86/include/asm/required-features.h'
diff -u tools/arch/x86/include/asm/required-features.h arch/x86/include/asm/required-features.h
Warning: Kernel ABI header at 'tools/arch/x86/include/asm/cpufeatures.h' differs from latest version at 'arch/x86/include/asm/cpufeatures.h'
diff -u tools/arch/x86/include/asm/cpufeatures.h arch/x86/include/asm/cpufeatures.h
Warning: Kernel ABI header at 'tools/arch/x86/include/asm/msr-index.h' differs from latest version at 'arch/x86/include/asm/msr-index.h'
diff -u tools/arch/x86/include/asm/msr-index.h arch/x86/include/asm/msr-index.h
Warning: Kernel ABI header at 'tools/arch/x86/include/uapi/asm/prctl.h' differs from latest version at 'arch/x86/include/uapi/asm/prctl.h'
diff -u tools/arch/x86/include/uapi/asm/prctl.h arch/x86/include/uapi/asm/prctl.h
Warning: Kernel ABI header at 'tools/arch/arm64/include/uapi/asm/kvm.h' differs from latest version at 'arch/arm64/include/uapi/asm/kvm.h'
diff -u tools/arch/arm64/include/uapi/asm/kvm.h arch/arm64/include/uapi/asm/kvm.h
Warning: Kernel ABI header at 'tools/include/uapi/asm-generic/unistd.h' differs from latest version at 'include/uapi/asm-generic/unistd.h'
diff -u tools/include/uapi/asm-generic/unistd.h include/uapi/asm-generic/unistd.h
Warning: Kernel ABI header at 'tools/perf/arch/powerpc/entry/syscalls/syscall.tbl' differs from latest version at 'arch/powerpc/kernel/syscalls/syscall.tbl'
diff -u tools/perf/arch/powerpc/entry/syscalls/syscall.tbl arch/powerpc/kernel/syscalls/syscall.tbl
Warning: Kernel ABI header at 'tools/perf/arch/s390/entry/syscalls/syscall.tbl' differs from latest version at 'arch/s390/kernel/syscalls/syscall.tbl'
diff -u tools/perf/arch/s390/entry/syscalls/syscall.tbl arch/s390/kernel/syscalls/syscall.tbl
Warning: Kernel ABI header at 'tools/perf/trace/beauty/include/linux/socket.h' differs from latest version at 'include/linux/socket.h'
diff -u tools/perf/trace/beauty/include/linux/socket.h include/linux/socket.h

> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20251015/729c6207/attachment.sig>