Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge tag 'x86_urgent_for_v6.7_rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull x86 fixes from Borislav Petkov:
- Add a forgotten CPU vendor check in the AMD microcode post-loading
callback so that the callback runs only on AMD
- Make sure SEV-ES protocol negotiation happens only once and on the
BSP
* tag 'x86_urgent_for_v6.7_rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
x86/CPU/AMD: Check vendor in the AMD microcode callback
x86/sev: Fix kernel crash due to late update to read-only ghcb_version
+10
-4
+3
arch/x86/kernel/cpu/amd.c
+3
arch/x86/kernel/cpu/amd.c
+7
-4
arch/x86/kernel/sev.c
+7
-4
arch/x86/kernel/sev.c
···
1234
1234
if (!cc_platform_has(CC_ATTR_GUEST_STATE_ENCRYPT))
1235
1235
return;
1236
1236
1237
-
/* First make sure the hypervisor talks a supported protocol. */
1238
-
if (!sev_es_negotiate_protocol())
1239
-
sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SEV_ES_GEN_REQ);
1240
-
1241
1237
/*
1242
1238
* Check whether the runtime #VC exception handler is active. It uses
1243
1239
* the per-CPU GHCB page which is set up by sev_es_init_vc_handling().
···
1249
1253
1250
1254
return;
1251
1255
}
1256
+
1257
+
/*
1258
+
* Make sure the hypervisor talks a supported protocol.
1259
+
* This gets called only in the BSP boot phase.
1260
+
*/
1261
+
if (!sev_es_negotiate_protocol())
1262
+
sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SEV_ES_GEN_REQ);
1252
1263
1253
1264
/*
1254
1265
* Clear the boot_ghcb. The first exception comes in before the bss