korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2025-01-20 12:54:36 +08:00
Code Issues Packages Projects Releases Wiki Activity
982,775 Commits 115 Branches 5,367 Tags 4.6 GiB
C 97.5%
Assembly 1%
Shell 0.6%
Python 0.3%
Makefile 0.3%
2732be9023
Go to file
Sean Christopherson 2732be9023 KVM: nSVM: Don't strip host's C-bit from guest's CR3 when reading PDPTRs 
Don't clear the SME C-bit when reading a guest PDPTR, as the GPA (CR3) is
in the guest domain.

Barring a bizarre paravirtual use case, this is likely a benign bug.  SME
is not emulated by KVM, loading SEV guest PDPTRs is doomed as KVM can't
use the correct key to read guest memory, and setting guest MAXPHYADDR
higher than the host, i.e. overlapping the C-bit, would cause faults in
the guest.

Note, for SEV guests, stripping the C-bit is technically aligned with CPU
behavior, but for KVM it's the greater of two evils.  Because KVM doesn't
have access to the guest's encryption key, ignoring the C-bit would at
best result in KVM reading garbage.  By keeping the C-bit, KVM will
fail its read (unless userspace creates a memslot with the C-bit set).
The guest will still undoubtedly die, as KVM will use '0' for the PDPTR
value, but that's preferable to interpreting encrypted data as a PDPTR.

Fixes: d0ec49d4de ("kvm/x86/svm: Support Secure Memory Encryption within KVM")
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20210204000117.3303214-3-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-02-04 09:27:27 -05:00
arch KVM: nSVM: Don't strip host's C-bit from guest's CR3 when reading PDPTRs 2021-02-04 09:27:27 -05:00
block block-5.11-2021-01-10 2021-01-10 12:53:08 -08:00
certs .gitignore: add SPDX License Identifier 2020-03-25 11:50:48 +01:00
crypto Char/Misc driver fixes for 5.11-rc3 2021-01-10 12:24:33 -08:00
Documentation KVM: Add documentation for Xen hypercall and shared_info updates 2021-02-04 14:19:39 +00:00
drivers KVM/SVM: add support for SEV attestation command 2021-02-04 05:27:20 -05:00
fs block-5.11-2021-01-10 2021-01-10 12:53:08 -08:00
include KVM: x86: declare Xen HVM shared info capability and add test case 2021-02-04 14:19:39 +00:00
init Revert "init/console: Use ttynull as a fallback when there is no console" 2021-01-08 11:02:18 -08:00
ipc Merge branch 'akpm' (patches from Andrew) 2020-12-15 12:53:37 -08:00
kernel sched: Add cond_resched_rwlock 2021-02-04 05:27:43 -05:00
lib Kbuild fixes for v5.11 2021-01-10 13:24:55 -08:00
LICENSES LICENSES: Add the CC-BY-4.0 license 2020-12-08 10:33:27 -07:00
mm mm: make wait_on_page_writeback() wait for multiple pending writebacks 2021-01-05 11:33:00 -08:00
net nexthop: Bounce NHA_GATEWAY in FDB nexthop groups 2021-01-07 18:47:18 -08:00
samples ARM: SoC drivers for v5.11 2020-12-16 16:38:41 -08:00
scripts Kbuild fixes for v5.11 2021-01-10 13:24:55 -08:00
security Provide a fix for the incorrect handling of privilege 2020-12-24 14:08:43 -08:00
sound sound fixes for 5.11-rc3 2021-01-05 13:25:49 -08:00
tools KVM: x86: declare Xen HVM shared info capability and add test case 2021-02-04 14:19:39 +00:00
usr Merge branch 'work.fdpic' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2020-08-07 13:29:39 -07:00
virt KVM: x86/mmu: Use an rwlock for the x86 MMU 2021-02-04 05:27:43 -05:00
.clang-format RDMA 5.10 pull request 2020-10-17 11:18:18 -07:00
.cocciconfig
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes .gitattributes: use 'dts' diff driver for dts files 2019-12-04 19:44:11 -08:00
.gitignore .gitignore: docs: ignore sphinx_*/ directories 2020-09-10 10:44:31 -06:00
.mailmap RDMA 5.11 pull request 2020-12-16 13:42:26 -08:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-12-11 22:29:38 -08:00
Kbuild kbuild: rename hostprogs-y/always to hostprogs/always-y 2020-02-04 01:53:07 +09:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS Kbuild fixes for v5.11 2021-01-10 13:24:55 -08:00
Makefile Linux 5.11-rc3 2021-01-10 14:34:50 -08:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.