In the Linux kernel, the following vulnerability has been resolved:
x86/ioremap: Map EFI-reserved memory as encrypted for SEV
Some drivers require memory that is marked as EFI boot services data. In order for this memory to not be re-used by the kernel after ExitBootServices(), efi_mem_reserve() is used to preserve it by inserting a new EFI memory descriptor and marking it with the EFI_MEMORY_RUNTIME attribute.
Under SEV, memory marked with the EFI_MEMORY_RUNTIME attribute needs to be mapped encrypted by Linux, otherwise the kernel might crash at boot like below:
  EFI Variables Facility v0.08 2004-May-17
  general protection fault, probably for non-canonical address 0x3597688770a868b2: 0000 [#1] SMP NOPTI
  CPU: 13 PID: 1 Comm: swapper/0 Not tainted 5.12.4-2-default #1 openSUSE Tumbleweed
  Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015
  RIP: 0010:efi_mokvar_entry_next
  [...]
  Call Trace:
   efi_mokvar_sysfs_init
   ? efi_mokvar_table_init
   do_one_initcall
   ? __kmalloc
   kernel_init_freeable
   ? rest_init
   kernel_init
   ret_from_fork
Expand the __ioremap_check_other() function to additionally check for this other type of boot data reserved at runtime and indicate that it should be mapped encrypted for an SEV guest.
[ bp: Massage commit message. ]
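
The decision described above, as a user-space model added here for illustration; it is not the kernel's code. The descriptor layout, the sample map, the helper names (find_desc, map_encrypted) and the type-only mode used for comparison are assumptions of this example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define EFI_BOOT_SERVICES_DATA     4u   /* UEFI memory type values */
#define EFI_RUNTIME_SERVICES_DATA  6u
#define EFI_MEMORY_RUNTIME         0x8000000000000000ULL
#define EFI_PAGE_SHIFT             12
struct efi_desc {   /* simplified EFI memory descriptor (assumed layout) */
    uint32_t type;
    uint64_t phys_addr, num_pages, attribute;
};

static const struct efi_desc sample_map[] = { /* constructed; addresses made up */
    { EFI_BOOT_SERVICES_DATA,    0x7e000000, 16, 0 },
    { EFI_BOOT_SERVICES_DATA,    0x7e010000, 4,  EFI_MEMORY_RUNTIME }, /* reserved at runtime */
    { EFI_RUNTIME_SERVICES_DATA, 0x7f000000, 32, EFI_MEMORY_RUNTIME },
};
#define SAMPLE_MAP_LEN (sizeof(sample_map) / sizeof(sample_map[0]))

static const struct efi_desc *find_desc(const struct efi_desc *map, size_t n, uint64_t addr)
{
    for (size_t i = 0; i < n; i++)
        if (addr >= map[i].phys_addr &&
            addr - map[i].phys_addr < (map[i].num_pages << EFI_PAGE_SHIFT))
            return &map[i];
    return NULL;
}

/* True when addr must be mapped encrypted in an SEV guest. check_attr=false
 * is an assumed model of a check that only looks at the memory type. */
static bool map_encrypted(const struct efi_desc *map, size_t n, uint64_t addr,
                          bool sev_guest, bool check_attr)
{
    const struct efi_desc *d = sev_guest ? find_desc(map, n, addr) : NULL;
    if (!d)
        return false;
    return d->type == EFI_RUNTIME_SERVICES_DATA ||
           (check_attr && d->type == EFI_BOOT_SERVICES_DATA &&
            (d->attribute & EFI_MEMORY_RUNTIME) != 0);
}

int main(void)
{
    printf("type-only check: %d, with attribute check: %d\n",
           map_encrypted(sample_map, SAMPLE_MAP_LEN, 0x7e010800, true, false),
           map_encrypted(sample_map, SAMPLE_MAP_LEN, 0x7e010800, true, true));
    return 0;
}
```

Only the boot services data region carrying EFI_MEMORY_RUNTIME changes its answer between the two modes; plain boot services data stays unencrypted and non-SEV guests are unaffected.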