CVE-2023-52597

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 06/03/2024
Last modified: 14/03/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

KVM: s390: fix setting of fpc register

kvm_arch_vcpu_ioctl_set_fpu() allows setting the floating point control (fpc) register of a guest cpu. The new value is tested for validity by temporarily loading it into the fpc register.

This may lead to corruption of the fpc register of the host process: if an interrupt happens while the value is temporarily loaded into the fpc register, and within interrupt context floating point or vector registers are used, the current fp/vx registers are saved with save_fpu_regs() assuming they belong to user space and will be loaded into fp/vx registers when returning to user space.

test_fp_ctl() restores the original user space / host process fpc register value, however it will be discarded when returning to user space.

As a result the host process will incorrectly continue to run with the value that was supposed to be used for a guest cpu.

Fix this by simply removing the test. There is another test right before the SIE context is entered which handles invalid values.

This results in a change of behaviour: invalid values will now be accepted instead of the ioctl failing with -EINVAL. This seems to be acceptable, given that this interface is most likely not used anymore, and this is in addition the same behaviour implemented with the memory mapped interface (replace invalid values with zero) - see sync_regs() in kvm-s390.c.
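The sequence the commit message describes (guest value loaded into the live fpc register, interrupt snapshots it as user-space state, restore discarded on return to user space) can be modelled outside the kernel. The following is an added example written for this page, not code from the Linux kernel or the commit: it keeps one simulated hardware fpc register and one per-task save area, runs the ioctl once in its vulnerable form and once in the fixed form, and reports the host fpc observed back in user space. The function names mirror the commit message but their bodies are simplifications; fpc_is_valid() and sie_entry_fpc() are hypothetical stand-ins for the real validity trap and the check before SIE entry, and the fpc values used are constructed.

```c
/* Added example (not kernel source): user-space model of CVE-2023-52597.
 * Names follow the commit message; the mechanism is modelled, not the real
 * s390 instructions. fpc_is_valid()/sie_entry_fpc() are hypothetical. */
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

typedef uint32_t u32;

static u32 hw_fpc;                               /* live fpc register */
static struct { u32 fpc; bool saved; } task;     /* per-task fp save area */

/* Model of save_fpu_regs(): stash the hardware fp state, assuming it is the
 * user-space state of the current task. */
static void save_fpu_regs(void)
{
	if (task.saved)
		return;
	task.fpc = hw_fpc;
	task.saved = true;
}

/* Model of the return-to-user path: reload saved user fp state, if any. */
static void return_to_user(void)
{
	if (task.saved) {
		hw_fpc = task.fpc;
		task.saved = false;
	}
}

/* An interrupt whose handler uses fp/vx registers in interrupt context. */
static void interrupt_using_fpu(void)
{
	save_fpu_regs();
}

/* Hypothetical validity rule for this model only: the upper 16 bits must be
 * clear. The real s390 fpc layout is not reproduced here. */
static bool fpc_is_valid(u32 fpc)
{
	return (fpc & 0xffff0000u) == 0;
}

/* Buggy test_fp_ctl(): validate by temporarily loading the value into the
 * live register. irq simulates an interrupt arriving while it is loaded. */
static bool test_fp_ctl_buggy(u32 fpc, bool irq)
{
	u32 orig = hw_fpc;
	bool ok;

	hw_fpc = fpc;                /* the guest value is now "live" */
	if (irq)
		interrupt_using_fpu();   /* saves the guest value as user state */
	ok = fpc_is_valid(fpc);      /* stands in for trap / no trap */
	hw_fpc = orig;               /* restored here, discarded on return */
	return ok;
}

/* Vulnerable kvm_arch_vcpu_ioctl_set_fpu(): test first, then store. */
static int set_fpu_vulnerable(u32 guest_fpc, u32 *vcpu_fpc, bool irq)
{
	if (!test_fp_ctl_buggy(guest_fpc, irq))
		return -EINVAL;
	*vcpu_fpc = guest_fpc;
	return 0;
}

/* Fixed version: no temporary load, the live register is never touched. */
static int set_fpu_fixed(u32 guest_fpc, u32 *vcpu_fpc, bool irq)
{
	*vcpu_fpc = guest_fpc;
	if (irq)
		interrupt_using_fpu();   /* now snapshots the real host value */
	return 0;
}

/* Stand-in for the check before SIE entry: as with sync_regs() in
 * kvm-s390.c, an invalid value is replaced with zero (assumed for the model). */
static u32 sie_entry_fpc(u32 vcpu_fpc)
{
	return fpc_is_valid(vcpu_fpc) ? vcpu_fpc : 0;
}

struct outcome { int rc; u32 host_fpc; u32 vcpu_fpc; };

/* Run one ioctl on a host whose fpc is host_fpc and report the ioctl result,
 * the host fpc seen back in user space, and the value stored for the vcpu. */
static struct outcome run_ioctl(bool fixed, u32 host_fpc, u32 guest_fpc, bool irq)
{
	struct outcome o = { 0, 0, 0 };

	hw_fpc = host_fpc;
	task.saved = false;
	o.rc = fixed ? set_fpu_fixed(guest_fpc, &o.vcpu_fpc, irq)
		     : set_fpu_vulnerable(guest_fpc, &o.vcpu_fpc, irq);
	return_to_user();
	o.host_fpc = hw_fpc;
	return o;
}

int main(void)
{
	/* Constructed values: host runs with fpc 0x1, guest asks for 0x2. */
	printf("vulnerable, irq during test: host fpc 0x%08x\n",
	       run_ioctl(false, 0x1, 0x2, true).host_fpc);
	printf("fixed,      irq during call: host fpc 0x%08x\n",
	       run_ioctl(true, 0x1, 0x2, true).host_fpc);
	return 0;
}
```

With an interrupt during the test, the vulnerable path leaves the host running with the guest's value, while the fixed path leaves it untouched. The model also shows the behaviour change the commit message accepts: an invalid value is rejected with -EINVAL by the old code but stored by the new one, and only the later check before SIE entry deals with it.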

Vulnerable products and versions

CPE                                            From                Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*   -                   4.19.307 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*   4.20 (including)    5.4.269 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*   5.5 (including)     5.10.210 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*   5.11 (including)    5.15.149 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*   5.16 (including)    6.1.77 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*   6.2 (including)     6.6.16 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*   6.7 (including)     6.7.4 (excluding)
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*   -               -