In the Linux kernel, the following vulnerability has been resolved:
x86/ioremap: Map EFI-reserved memory as encrypted for SEV Some drivers
require memory that is marked as EFI boot services data. In order for this
memory to not be re-used by the kernel after ExitBootServices(),
efi_mem_reserve() is used to preserve it by inserting a new EFI memory
descriptor and marking it with the EFI_MEMORY_RUNTIME attribute. Under SEV,
memory marked with the EFI_MEMORY_RUNTIME attribute needs to be mapped
encrypted by Linux, otherwise the kernel might crash at boot like below:
EFI Variables Facility v0.08 2004-May-17 general protection fault, probably
for non-canonical address 0x3597688770a868b2: 0000 [#1] SMP NOPTI CPU: 13
PID: 1 Comm: swapper/0 Not tainted 5.12.4-2-default #1 openSUSE Tumbleweed
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015
RIP: 0010:efi_mokvar_entry_next […] Call Trace: efi_mokvar_sysfs_init ?
efi_mokvar_table_init do_one_initcall ? __kmalloc kernel_init_freeable ?
rest_init kernel_init ret_from_fork Expand the __ioremap_check_other()
function to additionally check for this other type of boot data reserved at
runtime and indicate that it should be mapped encrypted for an SEV guest. [
bp: Massage commit message. ]
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 14.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 16.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < any | UNKNOWN |
git.kernel.org/linus/8d651ee9c71bb12fc0c8eb2786b66cbe5aa3e43b (5.13-rc7)
git.kernel.org/stable/c/208bb686e7fa7fff16e8fa78ff0db34aa9acdbd7
git.kernel.org/stable/c/8d651ee9c71bb12fc0c8eb2786b66cbe5aa3e43b
git.kernel.org/stable/c/b7a05aba39f733ec337c5b952e112dd2dc4fc404
launchpad.net/bugs/cve/CVE-2021-47228
nvd.nist.gov/vuln/detail/CVE-2021-47228
security-tracker.debian.org/tracker/CVE-2021-47228
www.cve.org/CVERecord?id=CVE-2021-47228