diff options
| author |  Brijesh Singh <brijesh.singh@amd.com>
| 2022-02-09 12:10:14 -0600 |
|---|---|---|
| committer |  Borislav Petkov <bp@suse.de>
| 2022-04-06 13:23:09 +0200 |
| commit | 9704c07bf9f7682a83aec4e66f2d9154dbd8577f (patch) | |
| tree | 774131a240a7f2b71eaced250cc67a58ecfc7611 /arch/x86/include | |
| parent | x86/kernel: Mark the .bss..decrypted section as shared in the RMP table (diff) | |
| download | linux-9704c07bf9f7.tar.gz linux-9704c07bf9f7.tar.bz2 linux-9704c07bf9f7.zip | |
x86/kernel: Validate ROM memory before accessing when SEV-SNP is active
probe_roms() accesses the memory range (0xc0000 - 0x10000) to probe
various ROMs. The memory range is not part of the E820 system RAM range.
The memory range is mapped as private (i.e encrypted) in the page table.
When SEV-SNP is active, all the private memory must be validated before
accessing. The ROM range was not part of E820 map, so the guest BIOS
did not validate it. An access to invalidated memory will cause a
exception yet, so validate the ROM memory regions before it is accessed.
[ bp: Massage commit message. ]
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Link: https://lore.kernel.org/r/20220307213356.2797205-21-brijesh.singh@amd.com
Diffstat (limited to 'arch/x86/include')
0 files changed, 0 insertions, 0 deletions