lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 19 Mar 2023 13:35:28 +0100
From:   Borislav Petkov <bp@...en8.de>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     x86-ml <x86@...nel.org>, lkml <linux-kernel@...r.kernel.org>
Subject: [GIT PULL] x86/urgent for v6.3-rc3

Hi Linus,

please pull the urgent x86 lineup for 6.3. There's a little bit more
"movement" in there for my taste but it needs to happen and should make
the code better after it.

Thx.

---

The following changes since commit eeac8ede17557680855031c6f305ece2378af326:

  Linux 6.3-rc2 (2023-03-12 16:36:44 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git tags/x86_urgent_for_v6.3_rc3

for you to fetch changes up to cbebd68f59f03633469f3ecf9bea99cd6cce3854:

  x86/mm: Fix use of uninitialized buffer in sme_enable() (2023-03-16 12:22:25 +0100)

----------------------------------------------------------------
- Check cmdline_find_option()'s return value before further processing

- Clear temporary storage in the resctrl code to prevent access to an
  unexistent MSR

- Add a simple throttling mechanism to protect the hypervisor from potentially
  malicious SEV guests issuing requests in rapid succession.

  In order to not jeopardize the sanity of everyone involved in
  maintaining this code, the request issuing side has received
  a cleanup, split in more or less trivial, small and digestible pieces.
  Otherwise, the code was threatening to become an unmaintainable mess.

  Therefore, that cleanup is marked indirectly also for stable so that
  there's no differences between the upstream code and the stable
  variant when it comes down to backporting more there.

----------------------------------------------------------------
Borislav Petkov (AMD) (6):
      virt/coco/sev-guest: Check SEV_SNP attribute at probe time
      virt/coco/sev-guest: Simplify extended guest request handling
      virt/coco/sev-guest: Remove the disable_vmpck label in handle_guest_request()
      virt/coco/sev-guest: Carve out the request issuing logic into a helper
      virt/coco/sev-guest: Do some code style cleanups
      virt/coco/sev-guest: Convert the sw_exit_info_2 checking to a switch-case

Dionna Glaze (1):
      virt/coco/sev-guest: Add throttling awareness

Nikita Zhandarovich (1):
      x86/mm: Fix use of uninitialized buffer in sme_enable()

Shawn Wang (1):
      x86/resctrl: Clear staged_config[] before and after it is used

 arch/x86/include/asm/sev-common.h         |   3 +-
 arch/x86/kernel/cpu/resctrl/ctrlmondata.c |   7 +-
 arch/x86/kernel/cpu/resctrl/internal.h    |   1 +
 arch/x86/kernel/cpu/resctrl/rdtgroup.c    |  25 +++++-
 arch/x86/kernel/sev.c                     |  26 +++---
 arch/x86/mm/mem_encrypt_identity.c        |   3 +-
 drivers/virt/coco/sev-guest/sev-guest.c   | 128 ++++++++++++++++++------------
 7 files changed, 123 insertions(+), 70 deletions(-)

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ