RHEL-14980: SEV-ES local priv escalation (!3294) · Merge requests · Red Hat / centos-stream / src / kernel / centos-stream-9

Wander Lairson Costa requested to merge walac/centos-stream-9:j14980-sev into main Oct 30, 2023

JIRA: https://issues.redhat.com/browse/RHEL-14980

CVE: CVE-2023-46813

Signed-off-by: Wander Lairson Costa wander@redhat.com

f2e592b3 (Wander Lairson Costa) x86/sev: Check for user-space IOIO pointing to kernel space

7789f048 (Wander Lairson Costa) x86/sev: Check IOBM for IOIO exceptions from user-space

bd0fe47d (Wander Lairson Costa) x86/sev: Disable MMIO emulation from user mode

arch/x86/boot/compressed/sev.c | 10 ++++++++ arch/x86/kernel/sev-shared.c | 53 +++++++++++++++++++++++++++++++++++------- arch/x86/kernel/sev.c | 30 ++++++++++++++++++++++++ 3 files changed, 84 insertions(+), 9 deletions(-)

RHEL-14980: SEV-ES local priv escalation

Merge request reports