linux

mirror of https://github.com/hardkernel/linux.git synced 2026-06-06 10:58:48 +09:00

Go to file

Pawan Gupta 813cb83143 x86/vmscape: Enumerate VMSCAPE bug

Commit a508cec6e5215a3fbc7e73ae86a5c5602187934d upstream.

The VMSCAPE vulnerability may allow a guest to cause Branch Target
Injection (BTI) in userspace hypervisors.

Kernels (both host and guest) have existing defenses against direct BTI
attacks from guests. There are also inter-process BTI mitigations which
prevent processes from attacking each other. However, the threat in this
case is to a userspace hypervisor within the same process as the attacker.

Userspace hypervisors have access to their own sensitive data like disk
encryption keys and also typically have access to all guest data. This
means guest userspace may use the hypervisor as a confused deputy to attack
sensitive guest kernel data. There are no existing mitigations for these
attacks.

Introduce X86_BUG_VMSCAPE for this vulnerability and set it on affected
Intel and AMD CPUs.

Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Borislav Petkov (AMD) <bp@alien8.de>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

2025-09-11 17:20:27 +02:00

arch

x86/vmscape: Enumerate VMSCAPE bug

2025-09-11 17:20:27 +02:00

block

block: reject invalid operation in submit_bio_noacct

2025-08-28 16:28:40 +02:00

certs

sign-file,extract-cert: use pkcs11 provider for OPENSSL MAJOR >= 3

2025-04-25 10:45:58 +02:00

crypto

crypto: jitter - fix intermediary handling

2025-08-28 16:28:26 +02:00

Documentation

Documentation/hw-vuln: Add VMSCAPE documentation

2025-09-11 17:20:27 +02:00

drivers

spi: fsl-qspi: Fix double cleanup in probe error path

2025-09-09 18:56:35 +02:00

btrfs: adjust subpage bit start based on sectorsize

2025-09-09 18:56:30 +02:00

include

PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads

2025-09-09 18:56:29 +02:00

init

sched/isolation: Make CONFIG_CPU_ISOLATION depend on CONFIG_SMP

2025-05-02 07:50:57 +02:00

io_uring

io_uring/net: commit partial buffers on retry

2025-08-28 16:28:11 +02:00

ipc

ipc: fix to protect IPCS lookups using RCU

2025-06-27 11:08:49 +01:00

kernel

sched: Fix sched_numa_find_nth_cpu() if mask offline

2025-09-09 18:56:26 +02:00

lib

netlink: add variable-length / auto integers

2025-09-09 18:56:22 +02:00

LICENSES

LICENSES: Add the copyleft-next-0.3.1 license

2022-11-08 15:44:01 +01:00

mm: slub: avoid wake up kswapd in set_track_prepare

2025-09-09 18:56:34 +02:00

net

net: dsa: microchip: linearize skb for tail-tagging switches

2025-09-09 18:56:31 +02:00

rust

rust: module: place cleanup_module() in .exit.text section

2025-07-06 11:00:06 +02:00

samples

samples: mei: Fix building on musl libc

2025-08-15 12:08:43 +02:00

scripts

kconfig: lxdialog: fix 'space' to (de)select options

2025-08-28 16:28:29 +02:00

security

apparmor: use the condition in AA_BUG_FMT even with debug disabled

2025-08-28 16:28:28 +02:00

sound

ALSA: hda/realtek: Fix headset mic for TongFang X6[AF]R5xxY

2025-09-09 18:56:32 +02:00

tools

tools: gpio: remove the include directory on make clean

2025-09-09 18:56:34 +02:00

usr

kbuild: hdrcheck: fix cross build with clang

2025-03-13 12:58:38 +01:00

virt

KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock

2024-10-04 16:29:47 +02:00

.clang-format

iommu: Add for_each_group_device()

2023-05-23 08:15:51 +02:00

.cocciconfig

scripts: add Linux .cocciconfig for coccinelle

2016-07-22 12:13:39 +02:00

.get_maintainer.ignore

get_maintainer: add Alan to .get_maintainer.ignore

2022-08-20 15:17:44 -07:00

.gitattributes

.gitattributes: set diff driver for Rust source code files

2023-05-31 17:48:25 +02:00

.gitignore

Remove *.orig pattern from .gitignore

2024-10-04 16:29:44 +02:00

.mailmap

Merge tag 'mm-hotfixes-stable-2023-10-24-09-40' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm

2023-10-24 09:52:16 -10:00

.rustfmt.toml

rust: add .rustfmt.toml

2022-09-28 09:02:20 +02:00

COPYING

COPYING: state that all contributions really are covered by this file

2020-02-10 13:32:20 -08:00

CREDITS

USB: Remove Wireless USB and UWB documentation

2023-08-09 14:17:32 +02:00

Kbuild

Merge tag 'kbuild-v6.1' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild

2022-10-10 12:00:45 -07:00

Kconfig

kbuild: ensure full rebuild when the compiler is updated

2020-05-12 13:28:33 +09:00

MAINTAINERS

sign-file,extract-cert: move common SSL helper functions to a header

2025-04-25 10:45:57 +02:00

Makefile

Linux 6.6.105

2025-09-09 18:56:35 +02:00

README

Drop all 00-INDEX files from Documentation/

2018-09-09 15:08:58 -06:00

README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.