)]}'
{
  "commit": "30e492ecce8decf0855b77d7e30c7f9ec9d23f8d",
  "tree": "d7ce90b5eb644f48138cb7badd5125b972b32d1a",
  "parents": [
    "a0c4516394ceb5b924a5fc597fa0eba9f1708879"
  ],
  "author": {
    "name": "Joerg Roedel",
    "email": "jroedel@suse.de",
    "time": "Mon Oct 16 14:42:50 2023 +0200"
  },
  "committer": {
    "name": "He Gao",
    "email": "hegao@google.com",
    "time": "Fri Nov 10 21:20:05 2023 +0000"
  },
  "message": "x86/sev: Check for user-space IOIO pointing to kernel space\n\nUpstream commit: 63e44bc52047f182601e7817da969a105aa1f721\n\nCheck the memory operand of INS/OUTS before emulating the instruction.\nThe #VC exception can get raised from user-space, but the memory operand\ncan be manipulated to access kernel memory before the emulation actually\nbegins and after the exception handler has run.\n\n  [ bp: Massage commit message. ]\n\nCherry-pick to release branch to fix CVE-2023-46813.\n\nBUG\u003db/309761497\nTEST\u003dpresubmit\nRELEASE_NOTE\u003dFixed CVE-2023-46813 in the Linux kernel.\n\nFixes: 597cfe48212a (\"x86/boot/compressed/64: Setup a GHCB-based VC Exception handler\")\nReported-by: Tom Dohrmann \u003cerbse.13@gmx.de\u003e\nChange-Id: I2fca727a9ebadf0e321d26b9dbf90866c23620eb\nSigned-off-by: Joerg Roedel \u003cjroedel@suse.de\u003e\nSigned-off-by: Borislav Petkov (AMD) \u003cbp@alien8.de\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\nReviewed-on: https://cos-review.googlesource.com/c/third_party/kernel/+/61035\nTested-by: Cusky Presubmit Bot \u003cpresubmit@cos-infra-prod.iam.gserviceaccount.com\u003e\nReviewed-by: Anil Altinay \u003caaltinay@google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "0c2c87696d03d46002720379ce910ab9dc5acb52",
      "old_mode": 33188,
      "old_path": "arch/x86/boot/compressed/sev-es.c",
      "new_id": "e23748fa2d5f53d0d886259d6e01ad1b72ece946",
      "new_mode": 33188,
      "new_path": "arch/x86/boot/compressed/sev-es.c"
    },
    {
      "type": "modify",
      "old_id": "ec699f113fa900e3084a849ea08790fd03fe26b6",
      "old_mode": 33188,
      "old_path": "arch/x86/kernel/sev-es-shared.c",
      "new_id": "e9f8a2bc5de963dfa1d778fc0f2c4d9d00257109",
      "new_mode": 33188,
      "new_path": "arch/x86/kernel/sev-es-shared.c"
    }
  ]
}