ACK/Cmnt: [SRU][F/J][PATCH 0/3] CVE-2024-25744
Stefan Bader
stefan.bader at canonical.com
Fri Jul 19 08:15:58 UTC 2024
On 18.07.24 14:36, Kevin Becker wrote:
> On Tue, Jun 11, 2024 at 4:12 PM Yuxuan Luo <yuxuan.luo at canonical.com> wrote:
>>
>> [Impact]
>> In an x86 environment, untrusted virtual machines are able to send
>> an interrupt that will be mistakenly interpreted by the host as an INT80
>> interrupt sent from host userspace programs, posing a threat to
>> the host's confidentiality.
>>
>> [Backport]
>> For Jammy, a prerequisite, 1da5c9bc119d (“x86: Introduce
>> ia32_enabled()”), for the patch set is needed as denoted in the fix
>> commit message. And a follow-up fix, 32f5f73b79ff (“x86/fred: Fix INT80
>> emulation for FRED”), can be ignored because it is FRED specific and
>> FRED is yet to be introduced by 14619d912b65 (“x86/fred: FRED entry/exit
>> and dispatch code”).
>>
>> For Focal, the most important fix, be5341eb0d43 (“x86/entry: Convert INT
>> 0x80 emulation to IDTENTRY”), cannot be backported since IDTENTRY is not
>> well supported, and it is hard to backport IDTENTRY due to the
>> complexity of the entire patch set
>> (https://lore.kernel.org/all/20200505134903.949227617@linutronix.de/T/#mcb16c66e338e669bb663742a526346c9d12605b4).
>> Therefore, as suggested by the maintainer Kirill A. Shutemov, we simply
>> disable IA32 emulation for SEV to mitigate the issue (TDX is not
>> introduced yet).
>>
>> [Test]
>> Compile and boot tested in a VM.
>>
>> [Where things could go wrong]
>> It affects users running x32 operating system VMs on confidential
>> computing VMMs.
>>
>> Kirill A. Shutemov (1):
>> x86/coco: Disable 32-bit emulation by default on TDX and SEV
>>
>> Kuppuswamy Sathyanarayanan (1):
>> x86/sev: Rename mem_encrypt.c to mem_encrypt_amd.c
>>
>> Nikolay Borisov (1):
>> x86: Introduce ia32_enabled()
>>
>> arch/x86/entry/common.c | 5 ++++
>> arch/x86/include/asm/ia32.h | 23 ++++++++++++++++++-
>> arch/x86/mm/Makefile | 8 +++----
>> .../mm/{mem_encrypt.c => mem_encrypt_amd.c} | 11 +++++++++
>> 4 files changed, 42 insertions(+), 5 deletions(-)
>> rename arch/x86/mm/{mem_encrypt.c => mem_encrypt_amd.c} (97%)
>>
>> --
>
> ACK only for focal due to Manuel's NACK.
>
> Acked-by: Kevin Becker <kevin.becker at canonical.com>
>
Please do a Focal only v2. Once I see any NACK on submissions it goes
into the KTML bin.
-Stefan