fix CVE-2023-46813
An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the #VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kernel memory (and thus privilege escalation). This depends on a race condition through which userspace can replace an instruction before the #VC handler reads it.
Borislav Petkov (AMD) (1):
      [Backport] x86/sev: Disable MMIO emulation from user mode

Joerg Roedel (2):
      [Backport] x86/sev: Check IOBM for IOIO exceptions from user-space
      [Backport] x86/sev: Check for user-space IOIO pointing to kernel space

 arch/x86/boot/compressed/sev-es.c | 10 ++++++
 arch/x86/kernel/sev-es-shared.c   | 53 +++++++++++++++++++++++++------
 arch/x86/kernel/sev-es.c          | 30 +++++++++++++++++
 3 files changed, 84 insertions(+), 9 deletions(-)