]> git.proxmox.com Git - mirror_ubuntu-hirsute-kernel.git/commit
projects / mirror_ubuntu-hirsute-kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 72bb10a) | patch
x86/sev-es: Check regs->sp is trusted before adjusting #VC IST stack
authorJoerg Roedel <jroedel@suse.de>
Wed, 3 Mar 2021 14:17:13 +0000 (15:17 +0100)
committerSeth Forshee <seth.forshee@canonical.com>
Wed, 17 Mar 2021 18:49:04 +0000 (13:49 -0500)
commit7ec657d8c972d0db1febf662e0f0ff86b5257e28
treea84b09da8f23c7318997f786d455e2145eaf06betree
parent72bb10a88c6483f3e3ad39e4b09ff4a4b0968a3ecommit | diff
x86/sev-es: Check regs->sp is trusted before adjusting #VC IST stack

BugLink: https://bugs.launchpad.net/bugs/1919492
commit 545ac14c16b5dbd909d5a90ddf5b5a629a40fa94 upstream.

The code in the NMI handler to adjust the #VC handler IST stack is
needed in case an NMI hits when the #VC handler is still using its IST
stack.

But the check for this condition also needs to look if the regs->sp
value is trusted, meaning it was not set by user-space. Extend the check
to not use regs->sp when the NMI interrupted user-space code or the
SYSCALL gap.

Fixes: 315562c9af3d5 ("x86/sev-es: Adjust #VC IST Stack on entering NMI handler")
Reported-by: Andy Lutomirski <luto@kernel.org>
Signed-off-by: Joerg Roedel <jroedel@suse.de>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: stable@vger.kernel.org # 5.10+
Link: https://lkml.kernel.org/r/20210303141716.29223-3-joro@8bytes.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
arch/x86/kernel/sev-es.c diff | blob | blame | history
Ubuntu Hirsute Linux kernel mirror