[SRU][F/J][PATCH 0/3] CVE-2024-25744
Yuxuan Luo
yuxuan.luo at canonical.com
Tue Jun 11 20:11:36 UTC 2024
[Impact]
In an x86 environment, untrusted virtual machines are able to send an
interrupt that will be mistakenly interpreted by the host as an INT80
interrupt sent from host userspace programs, posing a threat to
the host's confidentiality.
[Backport]
For Jammy, a prerequisite, 1da5c9bc119d (“x86: Introduce
ia32_enabled()”), for the patch set is needed as denoted in the fix
commit message. And a follow-up fix, 32f5f73b79ff (“x86/fred: Fix INT80
emulation for FRED”), can be ignored because it is FRED specific and
FRED is yet to be introduced by 14619d912b65 (“x86/fred: FRED entry/exit
and dispatch code”).
For Focal, the most important fix, be5341eb0d43 (“x86/entry: Convert INT
0x80 emulation to IDTENTRY”), cannot be backported since IDTENTRY is not
well supported, and it is hard to backport IDTENTRY due to the
complexity of the entire patch set
(https://lore.kernel.org/all/20200505134903.949227617@linutronix.de/T/#mcb16c66e338e669bb663742a526346c9d12605b4).
Therefore, as suggested by the maintainer Kirill A. Shutemov, we simply
disable IA32 emulation for SEV to mitigate the issue (TDX is not
introduced yet).
[Test]
Compile and boot tested in a VM.
[Where things could go wrong]
It affects users running x32 operating system VMs on confidential
computing VMMs.
Kirill A. Shutemov (1):
  x86/coco: Disable 32-bit emulation by default on TDX and SEV

Kuppuswamy Sathyanarayanan (1):
  x86/sev: Rename mem_encrypt.c to mem_encrypt_amd.c

Nikolay Borisov (1):
  x86: Introduce ia32_enabled()

 arch/x86/entry/common.c                       |  5 ++++
 arch/x86/include/asm/ia32.h                   | 23 ++++++++++++++++++-
 arch/x86/mm/Makefile                          |  8 +++----
 .../mm/{mem_encrypt.c => mem_encrypt_amd.c}   | 11 +++++++++
 4 files changed, 42 insertions(+), 5 deletions(-)
 rename arch/x86/mm/{mem_encrypt.c => mem_encrypt_amd.c} (97%)
--
2.34.1