漏洞标题
cxl/pci:如果DVSEC CXL范围与CFMWS窗口不匹配,修复禁用内存的问题
漏洞描述信息
在Linux内核中,以下漏洞已得到修复:
cxl/pci:修复在DVSEC CXL范围与CFMWS窗口不匹配时禁用内存的问题
Linux CXL子系统建立在HPA==SPA的假设之上。
也就是说,HDM解码器寄存器被编程的主机物理地址(HPA)是系统物理地址(SPA)。
在HDM解码器设置过程中,会检查DVSEC CXL范围寄存器(cxl-3.1,8.1.3.8)是否启用内存,以及CXL范围是否位于CXL主机桥的CFMWS结构(cxl-3.1,9.18.1.3)中描述的HPA窗口内。
现在,如果HPA不是一个SPA,那么CXL范围与CFMWS窗口不匹配,CXL内存范围将被禁用。HDM解码器将停止工作,导致系统内存被禁用,进一步在HDM解码器初始化期间(通常在启用CXL的内核启动时)导致系统挂起。
防止系统挂起,如果解码器的CXL范围在CFMWS窗口中找不到,就不要禁用HDM解码器。
请注意,这个更改仅修复了硬件挂起的问题,但并没有实现HPA/SPA的转换。对此的支持可以添加在后续的补丁系列中。
CVSS信息
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
漏洞类别
输入验证不恰当
漏洞标题
cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window
漏洞描述信息
In the Linux kernel, the following vulnerability has been resolved:
cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window
The Linux CXL subsystem is built on the assumption that HPA == SPA.
That is, the host physical address (HPA) the HDM decoder registers are
programmed with are system physical addresses (SPA).
During HDM decoder setup, the DVSEC CXL range registers (cxl-3.1,
8.1.3.8) are checked if the memory is enabled and the CXL range is in
a HPA window that is described in a CFMWS structure of the CXL host
bridge (cxl-3.1, 9.18.1.3).
Now, if the HPA is not an SPA, the CXL range does not match a CFMWS
window and the CXL memory range will be disabled then. The HDM decoder
stops working which causes system memory being disabled and further a
system hang during HDM decoder initialization, typically when a CXL
enabled kernel boots.
Prevent a system hang and do not disable the HDM decoder if the
decoder's CXL range is not found in a CFMWS window.
Note the change only fixes a hardware hang, but does not implement
HPA/SPA translation. Support for this can be added in a follow on
patch series.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Linux kernel 安全漏洞
漏洞描述信息
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于禁用内存错误。
CVSS信息
N/A
漏洞类别
其他