| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <8d1f42be-9e9d-2fb8-cc82-f4ebdbb6147c@redhat.com>
Date: Wed, 31 Mar 2021 11:37:44 +0200
From: Paolo Bonzini <pbonzini@...hat.com>
To: Sean Christopherson <seanjc@...gle.com>
Cc: Vitaly Kuznetsov <vkuznets@...hat.com>,
Wanpeng Li <wanpengli@...cent.com>,
Jim Mattson <jmattson@...gle.com>,
Joerg Roedel <joro@...tes.org>, kvm@...r.kernel.org,
linux-kernel@...r.kernel.org,
Brijesh Singh <brijesh.singh@....com>,
Tom Lendacky <thomas.lendacky@....com>
Subject: Re: [PATCH 0/3] KVM: SVM: SEV{-ES} bug fixes
On 31/03/21 05:19, Sean Christopherson wrote:
> Misc bug fixes in SEV/SEV-ES to protect against a malicious userspace.
> All found by inspection, I didn't actually crash the host to to prove that
> userspace could hose the kernel in any of these cases. Boot tested an SEV
> guest, though the SEV-ES side of patch 2 is essentially untested as I
> don't have an SEV-ES setup at this time.
>
> Sean Christopherson (3):
> KVM: SVM: Use online_vcpus, not created_vcpus, to iterate over vCPUs
> KVM: SVM: Do not set sev->es_active until KVM_SEV_ES_INIT completes
> KVM: SVM: Do not allow SEV/SEV-ES initialization after vCPUs are
> created
>
> arch/x86/kvm/svm/sev.c | 37 ++++++++++++++++++-------------------
> 1 file changed, 18 insertions(+), 19 deletions(-)
>
Queued, thanks.
Paolo
Powered by blists - more mailing lists