]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3b8594d) | patch
x86/kernel: Validate ROM memory before accessing when SEV-SNP is active
authorBrijesh Singh <brijesh.singh@amd.com>
Wed, 9 Feb 2022 18:10:14 +0000 (12:10 -0600)
committerBorislav Petkov <bp@suse.de>
Wed, 6 Apr 2022 11:23:09 +0000 (13:23 +0200)
commit0fc661d3aac2c05d254d05f96ff72573ae5718b1
tree774131a240a7f2b71eaced250cc67a58ecfc7611tree | snapshot
parent3b8594d9e0ad90f0a2c85f58daeaf181b2d432e7commit | diff
x86/kernel: Validate ROM memory before accessing when SEV-SNP is active

probe_roms() accesses the memory range (0xc0000 - 0x10000) to probe
various ROMs. The memory range is not part of the E820 system RAM range.
The memory range is mapped as private (i.e encrypted) in the page table.

When SEV-SNP is active, all the private memory must be validated before
accessing. The ROM range was not part of E820 map, so the guest BIOS
did not validate it. An access to invalidated memory will cause a
exception yet, so validate the ROM memory regions before it is accessed.

  [ bp: Massage commit message. ]

Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Link: https://lore.kernel.org/r/20220307213356.2797205-21-brijesh.singh@amd.com
arch/x86/kernel/probe_roms.c diff | blob | history
Linux Kernel Source Tree.