Message-ID: <20241112193335.597514-3-seanjc@google.com>
Date: Tue, 12 Nov 2024 11:33:32 -0800
From: Sean Christopherson <seanjc@...gle.com>
To: Paolo Bonzini <pbonzini@...hat.com>
Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org, 
	Sean Christopherson <seanjc@...gle.com>
Subject: [GIT PULL] KVM: x86: Misc changes for 6.13

Please pull a variety of misc x86 changes.  The highlight is Maxim's
overhaul of the non-canonical logic to (try to) better follow hardware
behavior when LA57 is supported.

The STUFF_FEATURE_MSRS quirk might also be worth a second glance?

The following changes since commit 81983758430957d9a5cb3333fe324fd70cf63e7e:

  Linux 6.12-rc5 (2024-10-27 12:52:02 -1000)

are available in the Git repository at:

  https://github.com/kvm-x86/linux.git tags/kvm-x86-misc-6.13

for you to fetch changes up to a75b7bb46a83a2990f6b498251798930a19808d9:

  KVM: x86: Short-circuit all of kvm_apic_set_base() if MSR value is unchanged (2024-11-04 20:57:55 -0800)

----------------------------------------------------------------
KVM x86 misc changes for 6.13

 - Clean up and optimize KVM's handling of writes to MSR_IA32_APICBASE.

 - Quirk KVM's misguided behavior of initializing certain feature MSRs to
   their maximum supported feature set, which can result in KVM creating
   invalid vCPU state.  E.g. initializing PERF_CAPABILITIES to a non-zero
   value results in the vCPU having invalid state if userspace hides PDCM
   from the guest, which can lead to save/restore failures.

 - Fix KVM's handling of non-canonical checks for vCPUs that support LA57
   to better follow the "architecture", in quotes because the actual
   behavior is poorly documented.  E.g. most MSR writes and descriptor
   table loads ignore CR4.LA57 and operate purely on whether the CPU
   supports LA57.

 - Bypass the register cache when querying CPL from kvm_sched_out(), as
   filling the cache from IRQ context is generally unsafe, and harden the
   cache accessors to try to prevent similar issues from occurring in the
   future.

 - Advertise AMD_IBPB_RET to userspace, and fix a related bug where KVM
   over-advertises SPEC_CTRL when trying to support cross-vendor VMs.

 - Minor cleanups

----------------------------------------------------------------
Jim Mattson (2):
      KVM: x86: Advertise AMD_IBPB_RET to userspace
      KVM: x86: AMD's IBPB is not equivalent to Intel's IBPB

Kai Huang (2):
      KVM: x86: Fix a comment inside kvm_vcpu_update_apicv()
      KVM: x86: Fix a comment inside __kvm_set_or_clear_apicv_inhibit()

Maxim Levitsky (5):
      KVM: x86: drop x86.h include from cpuid.h
      KVM: x86: Route non-canonical checks in emulator through emulate_ops
      KVM: x86: Add X86EMUL_F_MSR and X86EMUL_F_DT_LOAD to aid canonical checks
      KVM: x86: model canonical checks more precisely
      KVM: nVMX: fix canonical check of vmcs12 HOST_RIP

Sean Christopherson (23):
      KVM: x86: Ensure vcpu->mode is loaded from memory in kvm_vcpu_exit_request()
      KVM: x86: Bypass register cache when querying CPL from kvm_sched_out()
      KVM: x86: Add lockdep-guarded asserts on register cache usage
      KVM: x86: Use '0' for guest RIP if PMI encounters protected guest state
      KVM: x86: Document an erratum in KVM_SET_VCPU_EVENTS on Intel CPUs
      KVM: x86: Co-locate initialization of feature MSRs in kvm_arch_vcpu_create()
      KVM: x86: Disallow changing MSR_PLATFORM_INFO after vCPU has run
      KVM: x86: Quirk initialization of feature MSRs to KVM's max configuration
      KVM: x86: Reject userspace attempts to access PERF_CAPABILITIES w/o PDCM
      KVM: VMX: Remove restriction that PMU version > 0 for PERF_CAPABILITIES
      KVM: x86: Reject userspace attempts to access ARCH_CAPABILITIES w/o support
      KVM: x86: Remove ordering check b/w MSR_PLATFORM_INFO and MISC_FEATURES_ENABLES
      KVM: selftests: Verify get/set PERF_CAPABILITIES w/o guest PDMC behavior
      KVM: selftests: Add a testcase for disabling feature MSRs init quirk
      KVM: x86: Short-circuit all kvm_lapic_set_base() if MSR value isn't changing
      KVM: x86: Drop superfluous kvm_lapic_set_base() call when setting APIC state
      KVM: x86: Get vcpu->arch.apic_base directly and drop kvm_get_apic_base()
      KVM: x86: Inline kvm_get_apic_mode() in lapic.h
      KVM: x86: Move kvm_set_apic_base() implementation to lapic.c (from x86.c)
      KVM: x86: Rename APIC base setters to better capture their relationship
      KVM: x86: Make kvm_recalculate_apic_map() local to lapic.c
      KVM: x86: Unpack msr_data structure prior to calling kvm_apic_set_base()
      KVM: x86: Short-circuit all of kvm_apic_set_base() if MSR value is unchanged

 Documentation/virt/kvm/api.rst                     |  22 ++++
 Documentation/virt/kvm/x86/errata.rst              |  12 +++
 arch/x86/include/asm/kvm-x86-ops.h                 |   1 +
 arch/x86/include/asm/kvm_host.h                    |   4 +-
 arch/x86/include/uapi/asm/kvm.h                    |   1 +
 arch/x86/kvm/cpuid.c                               |  12 ++-
 arch/x86/kvm/cpuid.h                               |   1 -
 arch/x86/kvm/emulate.c                             |  15 +--
 arch/x86/kvm/kvm_cache_regs.h                      |  17 +++
 arch/x86/kvm/kvm_emulate.h                         |   5 +
 arch/x86/kvm/lapic.c                               |  39 ++++++-
 arch/x86/kvm/lapic.h                               |  11 +-
 arch/x86/kvm/mmu.h                                 |   1 +
 arch/x86/kvm/mmu/mmu.c                             |   2 +-
 arch/x86/kvm/mtrr.c                                |   1 +
 arch/x86/kvm/svm/svm.c                             |   5 +-
 arch/x86/kvm/vmx/hyperv.c                          |   1 +
 arch/x86/kvm/vmx/main.c                            |   1 +
 arch/x86/kvm/vmx/nested.c                          |  35 +++---
 arch/x86/kvm/vmx/pmu_intel.c                       |   2 +-
 arch/x86/kvm/vmx/sgx.c                             |   5 +-
 arch/x86/kvm/vmx/vmx.c                             |  38 ++++---
 arch/x86/kvm/vmx/vmx.h                             |   1 +
 arch/x86/kvm/x86.c                                 | 120 ++++++++++-----------
 arch/x86/kvm/x86.h                                 |  48 ++++++++-
 tools/testing/selftests/kvm/Makefile               |   2 +-
 .../selftests/kvm/x86_64/feature_msrs_test.c       | 113 +++++++++++++++++++
 .../selftests/kvm/x86_64/get_msr_index_features.c  |  35 ------
 .../selftests/kvm/x86_64/platform_info_test.c      |   2 -
 .../selftests/kvm/x86_64/vmx_pmu_caps_test.c       |  23 ++++
 30 files changed, 419 insertions(+), 156 deletions(-)
 create mode 100644 tools/testing/selftests/kvm/x86_64/feature_msrs_test.c
 delete mode 100644 tools/testing/selftests/kvm/x86_64/get_msr_index_features.c
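
The non-canonical item above turns on which address width a check uses. The following is an added illustration, not part of the original message and not KVM code: a small C model in which ordinary memory accesses follow CR4.LA57 while MSR writes and descriptor table loads follow CPU support for LA57. All names (vcpu_model, access_kind, vaddr_bits) are hypothetical, and the model treats every MSR write alike although the message says "most".

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model for illustration; none of these names are KVM's. */
enum access_kind { ACCESS_MEMORY, ACCESS_MSR_WRITE, ACCESS_DT_LOAD };

struct vcpu_model {
    bool cpu_has_la57;  /* the CPU supports 5-level paging (LA57) */
    bool cr4_la57;      /* CR4.LA57 is currently set */
};

/* An address is canonical for a given width when bits 63..(bits-1) are
 * all zeros or all ones, i.e. it is a sign extension of bit (bits-1). */
static bool is_canonical(uint64_t va, unsigned bits)
{
    uint64_t upper = va >> (bits - 1);
    uint64_t ones = (1ULL << (64 - bits + 1)) - 1;
    return upper == 0 || upper == ones;
}

/* Width selection as described in the message: MSR writes and descriptor
 * table loads ignore CR4.LA57 and depend only on CPU support for LA57. */
static unsigned vaddr_bits(const struct vcpu_model *v, enum access_kind k)
{
    bool la57 = (k == ACCESS_MEMORY) ? v->cr4_la57 : v->cpu_has_la57;
    return la57 ? 57 : 48;
}

static bool is_noncanonical(const struct vcpu_model *v, uint64_t va,
                            enum access_kind k)
{
    return !is_canonical(va, vaddr_bits(v, k));
}

int main(void)
{
    /* Constructed sample: LA57-capable CPU running with CR4.LA57 clear. */
    struct vcpu_model v = { .cpu_has_la57 = true, .cr4_la57 = false };
    /* Bit 47 set, bits 63..48 clear: canonical at 57 bits, not at 48. */
    uint64_t va = 0x0000800000000000ULL;

    printf("memory access : %s\n",
           is_noncanonical(&v, va, ACCESS_MEMORY) ? "fault" : "ok");
    printf("MSR write     : %s\n",
           is_noncanonical(&v, va, ACCESS_MSR_WRITE) ? "fault" : "ok");
    printf("DT load       : %s\n",
           is_noncanonical(&v, va, ACCESS_DT_LOAD) ? "fault" : "ok");
    return 0;
}
```

A check that used CR4.LA57 for all three cases would reject the MSR write and descriptor table load in this state, which is the kind of divergence from hardware the series addresses.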
