Date:   Sat, 8 May 2021 12:26:40 +0200
From:   Greg KH <gregkh@...uxfoundation.org>
To:     linux-kernel@...r.kernel.org
Cc:     jroedel@...e.de, stable-commits@...r.kernel.org
Subject: Re: Patch "x86/boot/compressed/64: Check SEV encryption in the
 32-bit boot-path" has been added to the 5.12-stable tree

On Fri, May 07, 2021 at 11:22:23PM -0400, Sasha Levin wrote:
> This is a note to let you know that I've just added the patch titled
> 
>     x86/boot/compressed/64: Check SEV encryption in the 32-bit boot-path
> 
> to the 5.12-stable tree which can be found at:
>     http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
> 
> The filename of the patch is:
>      x86-boot-compressed-64-check-sev-encryption-in-the-3.patch
> and it can be found in the queue-5.12 subdirectory.
> 
> If you, or anyone else, feels it should not be added to the stable tree,
> please let <stable@...r.kernel.org> know about it.
> 
> 
> 
> commit 2c622aeb46b16fd945fc681fec16b989940b826d
> Author: Joerg Roedel <jroedel@...e.de>
> Date:   Fri Mar 12 13:38:23 2021 +0100
> 
>     x86/boot/compressed/64: Check SEV encryption in the 32-bit boot-path
>     
>     [ Upstream commit fef81c86262879d4b1176ef51a834c15b805ebb9 ]
>     
>     Check whether the hypervisor reported the correct C-bit when running
>     as an SEV guest. Using a wrong C-bit position could be used to leak
>     sensitive data from the guest to the hypervisor.
>     
>     Signed-off-by: Joerg Roedel <jroedel@...e.de>
>     Signed-off-by: Borislav Petkov <bp@...e.de>
>     Link: https://lkml.kernel.org/r/20210312123824.306-8-joro@8bytes.org
>     Signed-off-by: Sasha Levin <sashal@...nel.org>

This breaks the build (link time) for 5.12, 5.11, and 5.10 trees, so
I'll go drop it for now.

if it needs to come back, can someone submit a working version?

thanks,

greg k-h

Powered by blists - more mailing lists