Message-ID: <20240420083458.3692711-1-pbonzini@redhat.com>
Date: Sat, 20 Apr 2024 04:34:58 -0400
From: Paolo Bonzini <pbonzini@...hat.com>
To: torvalds@...ux-foundation.org
Cc: linux-kernel@...r.kernel.org,
	kvm@...r.kernel.org
Subject: [GIT PULL] KVM changes for Linux 6.9-rc5

Linus,

The following changes since commit fec50db7033ea478773b159e0e2efb135270e3b7:

  Linux 6.9-rc3 (2024-04-07 13:22:46 -0700)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/virt/kvm/kvm.git tags/for-linus

for you to fetch changes up to 44ecfa3e5f1ce2b5c7fa7003abde8a667c158f88:

  Merge branch 'svm' of https://github.com/kvm-x86/linux into HEAD (2024-04-17 11:44:37 -0400)

This is a bit on the large side, mostly due to two parts of the pull request:

* changes to disable some broken PMU virtualization

* a clean up to SVM's enter/exit assembly code so that it can be compiled
  without OBJECT_FILES_NON_STANDARD, fixing a warning that appeared in
  6.9-rc1.

Everything else is small bugfixes and selftest changes.

----------------------------------------------------------------
* Clean up SVM's enter/exit assembly code so that it can be compiled
  without OBJECT_FILES_NON_STANDARD.  This fixes a warning
  "Unpatched return thunk in use. This should not happen!" when running
  KVM selftests.

* Fix a mostly benign bug in the gfn_to_pfn_cache infrastructure where KVM
  would allow userspace to refresh the cache with a bogus GPA.  The bug has
  existed for quite some time, but was exposed by a new sanity check added in
  6.9 (to ensure a cache is either GPA-based or HVA-based).

* Drop an unused param from gfn_to_pfn_cache_invalidate_start() that got left
  behind during a 6.9 cleanup.

* Fix a math goof in x86's hugepage logic for KVM_SET_MEMORY_ATTRIBUTES that
  results in an array overflow (detected by KASAN).

* Fix a bug where KVM incorrectly clears root_role.direct when userspace sets
  guest CPUID.

* Fix a dirty logging bug where KVM fails to write-protect SPTEs used
  by a nested guest, if KVM is using Page-Modification Logging and the nested
  hypervisor is NOT using EPT.

x86 PMU:

* Drop support for virtualizing adaptive PEBS, as KVM's implementation is
  architecturally broken without an obvious/easy path forward, and because
  exposing adaptive PEBS can leak host LBRs to the guest, i.e. can leak
  host kernel addresses to the guest.

* Set the enable bits for general purpose counters in PERF_GLOBAL_CTRL at
  RESET time, as done by both Intel and AMD processors.

* Disable LBR virtualization on CPUs that don't support LBR callstacks, as
  KVM unconditionally uses PERF_SAMPLE_BRANCH_CALL_STACK when creating the
  perf event, and would fail on such CPUs.

Tests:

* Fix a flaw in the max_guest_memory selftest that results in it exhausting
  the supply of ucall structures when run with more than 256 vCPUs.

* Mark KVM_MEM_READONLY as supported for RISC-V in set_memory_region_test.

----------------------------------------------------------------
Andrew Jones (1):
      KVM: selftests: fix supported_flags for riscv

Christophe JAILLET (1):
      KVM: SVM: Remove a useless zeroing of allocated memory

David Matlack (4):
      KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status
      KVM: x86/mmu: Remove function comments above clear_dirty_{gfn_range,pt_masked}()
      KVM: x86/mmu: Fix and clarify comments about clearing D-bit vs. write-protecting
      KVM: selftests: Add coverage of EPT-disabled to vmx_dirty_log_test

Maxim Levitsky (1):
      KVM: selftests: fix max_guest_memory_test with more that 256 vCPUs

Paolo Bonzini (2):
      Merge tag 'kvm-x86-fixes-6.9-rcN' of https://github.com/kvm-x86/linux into HEAD
      Merge branch 'svm' of https://github.com/kvm-x86/linux into HEAD

Rick Edgecombe (1):
      KVM: x86/mmu: x86: Don't overflow lpage_info when checking attributes

Sandipan Das (1):
      KVM: x86/pmu: Do not mask LVTPC when handling a PMI on AMD platforms

Sean Christopherson (20):
      KVM: Add helpers to consolidate gfn_to_pfn_cache's page split check
      KVM: Check validity of offset+length of gfn_to_pfn_cache prior to activation
      KVM: Explicitly disallow activatating a gfn_to_pfn_cache with INVALID_GPA
      KVM: x86/pmu: Disable support for adaptive PEBS
      KVM: x86/pmu: Set enable bits for GP counters in PERF_GLOBAL_CTRL at "RESET"
      KVM: selftests: Verify post-RESET value of PERF_GLOBAL_CTRL in PMCs test
      KVM: SVM: Create a stack frame in __svm_vcpu_run() for unwinding
      KVM: SVM: Wrap __svm_sev_es_vcpu_run() with #ifdef CONFIG_KVM_AMD_SEV
      KVM: SVM: Drop 32-bit "support" from __svm_sev_es_vcpu_run()
      KVM: SVM: Clobber RAX instead of RBX when discarding spec_ctrl_intercepted
      KVM: SVM: Save/restore non-volatile GPRs in SEV-ES VMRUN via host save area
      KVM: SVM: Save/restore args across SEV-ES VMRUN via host save area
      KVM: SVM: Create a stack frame in __svm_sev_es_vcpu_run()
      KVM: x86: Stop compiling vmenter.S with OBJECT_FILES_NON_STANDARD
      KVM: x86: Snapshot if a vCPU's vendor model is AMD vs. Intel compatible
      KVM: VMX: Snapshot LBR capabilities during module initialization
      perf/x86/intel: Expose existence of callback support to KVM
      KVM: VMX: Disable LBR virtualization if the CPU doesn't support LBR callstacks
      KVM: x86/mmu: Precisely invalidate MMU root_role during CPUID update
      KVM: Drop unused @may_block param from gfn_to_pfn_cache_invalidate_start()

Tao Su (1):
      KVM: VMX: Ignore MKTME KeyID bits when intercepting #PF for allow_smaller_maxphyaddr

 arch/x86/events/intel/lbr.c                        |  1 +
 arch/x86/include/asm/kvm_host.h                    |  1 +
 arch/x86/include/asm/perf_event.h                  |  1 +
 arch/x86/kvm/Makefile                              |  5 --
 arch/x86/kvm/cpuid.c                               |  1 +
 arch/x86/kvm/cpuid.h                               | 10 +++
 arch/x86/kvm/lapic.c                               |  3 +-
 arch/x86/kvm/mmu/mmu.c                             | 11 +--
 arch/x86/kvm/mmu/tdp_mmu.c                         | 51 +++++-------
 arch/x86/kvm/pmu.c                                 | 16 +++-
 arch/x86/kvm/svm/sev.c                             |  2 +-
 arch/x86/kvm/svm/svm.c                             | 17 ++--
 arch/x86/kvm/svm/svm.h                             |  3 +-
 arch/x86/kvm/svm/vmenter.S                         | 97 ++++++++++------------
 arch/x86/kvm/vmx/pmu_intel.c                       |  2 +-
 arch/x86/kvm/vmx/vmx.c                             | 41 +++++++--
 arch/x86/kvm/vmx/vmx.h                             |  6 +-
 arch/x86/kvm/x86.c                                 |  2 +-
 .../testing/selftests/kvm/max_guest_memory_test.c  | 15 ++--
 .../testing/selftests/kvm/set_memory_region_test.c |  2 +-
 .../selftests/kvm/x86_64/pmu_counters_test.c       | 20 ++++-
 .../selftests/kvm/x86_64/vmx_dirty_log_test.c      | 60 +++++++++----
 virt/kvm/kvm_main.c                                |  3 +-
 virt/kvm/kvm_mm.h                                  |  6 +-
 virt/kvm/pfncache.c                                | 50 +++++++----
 25 files changed, 267 insertions(+), 159 deletions(-)

