stuartl/linux-stable
1
0
Fork 0
mirror of https://kernel.googlesource.com/pub/scm/linux/kernel/git/stable/linux-stable.git synced 2025-09-13 11:07:46 +10:00
Code Issues Releases Wiki Activity
1,164,223 Commits 99 Branches 5,402 Tags 8.3 GiB
304d1fb275
Go to file
Pawan Gupta 304d1fb275 x86/vmscape: Enumerate VMSCAPE bug 
Commit a508cec6e5 upstream.

The VMSCAPE vulnerability may allow a guest to cause Branch Target
Injection (BTI) in userspace hypervisors.

Kernels (both host and guest) have existing defenses against direct BTI
attacks from guests. There are also inter-process BTI mitigations which
prevent processes from attacking each other. However, the threat in this
case is to a userspace hypervisor within the same process as the attacker.

Userspace hypervisors have access to their own sensitive data like disk
encryption keys and also typically have access to all guest data. This
means guest userspace may use the hypervisor as a confused deputy to attack
sensitive guest kernel data. There are no existing mitigations for these
attacks.

Introduce X86_BUG_VMSCAPE for this vulnerability and set it on affected
Intel and AMD CPUs.

Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Borislav Petkov (AMD) <bp@alien8.de>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2025-09-11 17:19:15 +02:00
arch x86/vmscape: Enumerate VMSCAPE bug 2025-09-11 17:19:15 +02:00
block block: reject invalid operation in submit_bio_noacct 2025-08-28 16:26:10 +02:00
certs
crypto
Documentation Documentation/hw-vuln: Add VMSCAPE documentation 2025-09-11 17:19:15 +02:00
drivers cpufreq: intel_pstate: Check turbo_is_disabled() in store_no_turbo() 2025-09-09 18:54:25 +02:00
fs fs: relax assertions on failure to encode file handles 2025-09-09 18:54:21 +02:00
include PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads 2025-09-09 18:54:18 +02:00
init
io_uring
ipc
kernel cpufreq/sched: Explicitly synchronize limits_changed flag handling 2025-09-09 18:54:18 +02:00
lib
LICENSES
mm mm: slub: avoid wake up kswapd in set_track_prepare 2025-09-09 18:54:24 +02:00
net net: dsa: microchip: linearize skb for tail-tagging switches 2025-09-09 18:54:20 +02:00
rust
samples samples: mei: Fix building on musl libc 2025-08-15 12:04:55 +02:00
scripts kconfig: lxdialog: fix 'space' to (de)select options 2025-08-28 16:26:02 +02:00
security apparmor: use the condition in AA_BUG_FMT even with debug disabled 2025-08-28 16:26:01 +02:00
sound ALSA: hda/realtek: Fix headset mic for TongFang X6[AF]R5xxY 2025-09-09 18:54:21 +02:00
tools tools: gpio: remove the include directory on make clean 2025-09-09 18:54:24 +02:00
usr
virt
.clang-format
.cocciconfig
.get_maintainer.ignore
.gitattributes
.gitignore
.mailmap
.rustfmt.toml
COPYING
CREDITS
Kbuild
Kconfig
MAINTAINERS
Makefile Linux 6.1.151 2025-09-09 18:54:25 +02:00
README

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.