Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*, +4 more
A vulnerability in the Linux kernel's handling of VMSA (VM Save Area) pages during kdump of SNP guest memory has been addressed. When kdump runs makedumpfile to create a vmcore and dump SNP guest memory, it inadvertently accesses the VMSA page of the vCPU executing kdump. Because a VMSA page is marked busy while its vCPU is active, this access leads to unrecoverable #NPF/RMP faults and causes a guest soft lockup or hang. Additionally, other application processors (APs) may be stalled in guest mode with their VMSA pages also busy, and accessing these VMSA pages during the memory dump can trigger similar #NPF faults. The root cause is that the kdump memory dump touches VMSA pages that are still in use by vCPUs that are active or in guest mode.
The vulnerability can cause guest soft lockups or hangs, disrupting normal operations and potentially leading to system instability.
The vulnerability has been resolved by modifying the kdump process to avoid touching VMSA pages that are in use. This includes issuing AP_DESTROY GHCB calls to the other APs so that they exit guest mode, and clearing the VMSA bit on their VMSA pages. For vCPUs running kdump, their VMSA pages are marked offline so that they are not included in the memory dump.