** Information type changed from Private Security to Public Security ** Summary changed:
- Placeholder bug + arm64/KVM debug registers vulnerability ** Description changed: - Placeholder bug report for arm64 KVM issue. + [Impact] + + https://www.openwall.com/lists/oss-security/2020/01/30/5 + + A bug has been fixed in the arm64 KVM port (commit id + 4942dc6638b07b5326b6d2faa142635c559e7cd5 "KVM: arm64: Write + arch.mdcr_el2 changes since last vcpu_load on VHE") which would allow a + guest to access the debug/PMU registers used by the host without being + trapped. This can only happen during the vCPU start until the first + preemption. Systems with an ARMv8.1 or later CPU are affected (with the + Virtualisation Host Extensions). + + The implications are that a guest, for a brief period, may be able to + read event counters belonging to the host or potentially trigger + perf-related IRQs in the host. + + + [Test Case] + + [Regression Potential] -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1860657 Title: Prevent arm64 guest from accessing host debug registers Status in linux package in Ubuntu: Triaged Bug description: [Impact] Guests could access host debug/PMU registers. This could happen very briefly before they are first preempted. This only affects arm64 CPUs that support virtualization. [Regression potential] This could break virtualization or guest access to PMU registers. [Test case] A guest has been run with a host with the patched kernel. perf top has been run on the guest. Using uvtool: host$ sudo apt install uvtool qemu-efi-aarch64 host$ uvt-kvm create test release=eoan arch=arm64 host$ uvt-kvm ssh test guest$ sudo perf top To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1860657/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
