APPLIED [OEM-6.1] Re: [SRU Focal,Jammy,OEM-6.1,Lunar 0/3] CVE-2023-20588

[Timo Aaltonen]

Thadeu Lima de Souza Cascardo kirjoitti 30.8.2023 klo 17.38:
> [Impact]
>   A division-by-zero error on some AMD processors can potentially return
>   speculative data resulting in loss of confidentiality.
> 
> [Backport]
> There were some minimal conflicts resulting in this being backported before
> the SRSO mitigation.
> 
> But for 5.4 kernels, the entry code has been changed. And instead of
> adopting those changes and introducing new code here, I opted to not touch
> that divide error entry code since the added function call added in the
> second patch is removed in the third patch. Then, the places where it is
> called have moved and I had to manually place them in their equivalent
> spots.
> 
> [Test case]
> The test case here was looking at dmesg for the following line in one
> affected part:
> 
> "AMD Zen1 DIV0 bug detected. Disable SMT for full protection."
> 
> I also tested that an integer division by zero in userspace doesn't cause
> any crashes or hiccups in the kernel.
> 
> [Potential regression]
> Booting on affected parts may be affected. Kernel exit and SVM may be
> affected too. Also CPU vulnerability reporting may be affected.
> 
> Borislav Petkov (AMD) (3):
>    x86/bugs: Increase the x86 bugs vector size to two u32s
>    x86/CPU/AMD: Do not leak quotient data after a division by 0
>    x86/CPU/AMD: Fix the DIV(0) initial fix attempt
> 
>   arch/x86/entry/common.c                  |  1 +
>   arch/x86/include/asm/cpufeatures.h       |  4 +++-
>   arch/x86/include/asm/processor.h         |  2 ++
>   arch/x86/kernel/cpu/amd.c                | 20 ++++++++++++++++++++
>   arch/x86/kvm/svm.c                       |  2 ++
>   tools/arch/x86/include/asm/cpufeatures.h |  2 +-
>   6 files changed, 29 insertions(+), 2 deletions(-)
> 

applied to oem-6.1, thanks

-- 
t