Message-ID: <20250511112225.47328-1-pbonzini@redhat.com>
Date: Sun, 11 May 2025 13:22:23 +0200
From: Paolo Bonzini <pbonzini@...hat.com>
To: torvalds@...ux-foundation.org
Cc: linux-kernel@...r.kernel.org,
	kvm@...r.kernel.org
Subject: [GIT PULL] KVM changes for Linux 6.15-rc6

Linus,

The following changes since commit 92a09c47464d040866cf2b4cd052bc60555185fb:

  Linux 6.15-rc5 (2025-05-04 13:55:04 -0700)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/virt/kvm/kvm.git tags/for-linus

for you to fetch changes up to add20321af2f882ad18716a2fb7b2ce861963f76:

  Merge tag 'kvm-x86-fixes-6.15-rcN' of https://github.com/kvm-x86/linux into HEAD (2025-05-10 11:11:06 -0400)

----------------------------------------------------------------
ARM:

* Avoid use of uninitialized memcache pointer in user_mem_abort()

* Always set HCR_EL2.xMO bits when running in VHE, allowing interrupts
  to be taken while TGE=0 and fixing an ugly bug on AmpereOne that
  occurs when taking an interrupt while clearing the xMO bits
  (AC03_CPU_36)

* Prevent VMMs from hiding support for AArch64 at any EL virtualized by
  KVM

* Save/restore the host value for HCRX_EL2 instead of restoring an
  incorrect fixed value

* Make host_stage2_set_owner_locked() check that the entire requested
  range is memory rather than just the first page

RISC-V:

* Add missing reset of smstateen CSRs

x86:

* Forcibly leave SMM on SHUTDOWN interception on AMD CPUs to avoid causing
  problems due to KVM stuffing INIT on SHUTDOWN (KVM needs to sanitize the
  VMCB as its state is undefined after SHUTDOWN, emulating INIT is the
  least awful choice).

* Track the valid sync/dirty fields in kvm_run as a u64 to ensure KVM
  doesn't goof a sanity check in the future.

* Free obsolete roots when (re)loading the MMU to fix a bug where
  pre-faulting memory can get stuck due to always encountering a stale
  root.

* When dumping GHCB state, use KVM's snapshot instead of the raw GHCB page
  to print state, so that KVM doesn't print stale/wrong information.

* When changing memory attributes (e.g. shared <=> private), add potential
  hugepage ranges to the mmu_invalidate_range_{start,end} set so that KVM
  doesn't create a shared/private hugepage when the corresponding
  attributes will become mixed (the attributes are committed *after* KVM
  finishes the invalidation).

* Rework the SRSO mitigation to enable BP_SPEC_REDUCE only when KVM has at
  least one active VM.  Effectively BP_SPEC_REDUCE when KVM is loaded led
  to very measurable performance regressions for non-KVM workloads.

----------------------------------------------------------------
Dan Carpenter (1):
      KVM: x86: Check that the high 32bits are clear in kvm_arch_vcpu_ioctl_run()

Marc Zyngier (5):
      KVM: arm64: Force HCR_EL2.xMO to 1 at all times in VHE mode
      KVM: arm64: Prevent userspace from disabling AArch64 support at any virtualisable EL
      KVM: arm64: selftest: Don't try to disable AArch64 support
      KVM: arm64: Properly save/restore HCRX_EL2
      KVM: arm64: Kill HCRX_HOST_FLAGS

Mikhail Lobanov (1):
      KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception

Mostafa Saleh (1):
      KVM: arm64: Fix memory check in host_stage2_set_owner_locked()

Paolo Bonzini (3):
      Merge tag 'kvm-riscv-fixes-6.15-1' of https://github.com/kvm-riscv/linux into HEAD
      Merge tag 'kvmarm-fixes-6.15-3' of https://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm into HEAD
      Merge tag 'kvm-x86-fixes-6.15-rcN' of https://github.com/kvm-x86/linux into HEAD

Radim Krčmář (1):
      KVM: RISC-V: reset smstateen CSRs

Sean Christopherson (2):
      KVM: x86/mmu: Prevent installing hugepages when mem attributes are changing
      KVM: SVM: Set/clear SRSO's BP_SPEC_REDUCE on 0 <=> 1 VM count transitions

Sebastian Ott (1):
      KVM: arm64: Fix uninitialized memcache pointer in user_mem_abort()

Tom Lendacky (1):
      KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields

Yan Zhao (1):
      KVM: x86/mmu: Check and free obsolete roots in kvm_mmu_reload()

 arch/arm64/include/asm/el2_setup.h              |  2 +-
 arch/arm64/include/asm/kvm_arm.h                |  3 +-
 arch/arm64/kvm/hyp/include/hyp/switch.h         | 13 ++--
 arch/arm64/kvm/hyp/nvhe/mem_protect.c           |  2 +-
 arch/arm64/kvm/hyp/vgic-v3-sr.c                 | 36 +++++-----
 arch/arm64/kvm/mmu.c                            | 13 ++--
 arch/arm64/kvm/sys_regs.c                       |  6 ++
 arch/riscv/kvm/vcpu.c                           |  2 +
 arch/x86/kvm/mmu.h                              |  3 +
 arch/x86/kvm/mmu/mmu.c                          | 90 ++++++++++++++++++-------
 arch/x86/kvm/smm.c                              |  1 +
 arch/x86/kvm/svm/sev.c                          | 32 +++++----
 arch/x86/kvm/svm/svm.c                          | 75 +++++++++++++++++++--
 arch/x86/kvm/svm/svm.h                          |  2 +
 arch/x86/kvm/x86.c                              |  4 +-
 tools/testing/selftests/kvm/arm64/set_id_regs.c |  8 +--
 16 files changed, 210 insertions(+), 82 deletions(-)

