Message-ID: <20250725220713.264711-7-seanjc@google.com>
Date: Fri, 25 Jul 2025 15:07:06 -0700
From: Sean Christopherson <seanjc@...gle.com>
To: Paolo Bonzini <pbonzini@...hat.com>
Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org,
Sean Christopherson <seanjc@...gle.com>
Subject: [GIT PULL] KVM: x86: MMIO Stale Data mitigation changes for 6.17

Rework the MMIO Stale Data mitigation to apply to all VMs that can access host
MMIO, not just VMs that are associated with a VFIO group.

My motivation for this series is all about killing off assigned_device_count
(spoiler alert); I honestly have no idea if there are any real-world setups
that are affected by this change.

You should see a trivial conflict with Linus' tree (commit f9af88a3d384
("x86/bugs: Rename MDS machinery to something more generic")). As usual,
Stephen's resolution[*] is correct:

diff --cc arch/x86/kvm/vmx/vmx.c
index 191a9ed0da22,65949882afa9..47019c9af671
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@@ -7290,8 -7210,8 +7210,8 @@@ static noinstr void vmx_vcpu_enter_exit
if (static_branch_unlikely(&vmx_l1d_should_flush))
vmx_l1d_flush(vcpu);
else if (static_branch_unlikely(&cpu_buf_vm_clear) &&
- kvm_arch_has_assigned_device(vcpu->kvm))
+ (flags & VMX_RUN_CLEAR_CPU_BUFFERS_FOR_MMIO))
- mds_clear_cpu_buffers();
+ x86_clear_cpu_buffers();
vmx_disable_fb_clear(vmx);
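
Review bot: the resolution keeps both parents' changes, which is the one thing to verify for this conflict: the `else if` predicate takes `(flags & VMX_RUN_CLEAR_CPU_BUFFERS_FOR_MMIO)` from this pull while the callee takes the renamed `x86_clear_cpu_buffers()` from Linus' tree, and the `cpu_buf_vm_clear` gate on the unchanged context line is common to both parents, so the mitigation stays conditional on the host actually needing it. Since a combined diff shows only the conflicting lines, it is worth confirming on the merged tree that `flags` is in scope in `vmx_vcpu_enter_exit()` and that `VMX_RUN_CLEAR_CPU_BUFFERS_FOR_MMIO` is defined in `arch/x86/kvm/vmx/run_flags.h` (touched by this pull per the diffstat), so the merge compiles without a follow-up fixup.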
[*] https://lore.kernel.org/all/20250709171115.7556c98c@canb.auug.org.au

The following changes since commit 28224ef02b56fceee2c161fe2a49a0bb197e44f5:

  KVM: TDX: Report supported optional TDVMCALLs in TDX capabilities (2025-06-20 14:20:20 -0400)

are available in the Git repository at:

  https://github.com/kvm-x86/linux.git tags/kvm-x86-mmio-6.17

for you to fetch changes up to 83ebe715748314331f9639de2220d02debfe926d:

  KVM: VMX: Apply MMIO Stale Data mitigation if KVM maps MMIO into the guest (2025-06-25 08:42:51 -0700)

----------------------------------------------------------------
KVM MMIO Stale Data mitigation cleanup for 6.17
Rework KVM's mitigation for the MMIO Stale Data vulnerability to track
whether or not a vCPU has access to (host) MMIO based on the MMU that will be
used when running in the guest. The current approach doesn't actually detect
whether or not a guest has access to MMIO, and is prone to false negatives (and
to a lesser extent, false positives), as KVM_DEV_VFIO_FILE_ADD is optional, and
obviously only covers VFIO devices.
----------------------------------------------------------------
Sean Christopherson (3):
KVM: x86: Avoid calling kvm_is_mmio_pfn() when kvm_x86_ops.get_mt_mask is NULL
KVM: x86/mmu: Locally cache whether a PFN is host MMIO when making a SPTE
KVM: VMX: Apply MMIO Stale Data mitigation if KVM maps MMIO into the guest
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/kvm/mmu/mmu_internal.h | 3 +++
arch/x86/kvm/mmu/spte.c | 43 ++++++++++++++++++++++++++++++++++++++---
arch/x86/kvm/mmu/spte.h | 10 ++++++++++
arch/x86/kvm/vmx/run_flags.h | 10 ++++++----
arch/x86/kvm/vmx/vmx.c | 8 +++++++-
6 files changed, 67 insertions(+), 8 deletions(-)
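
Added example, not part of the message and not KVM code: a stand-alone C model of the VM-Enter decision shown in the conflict hunk, comparing the old `kvm_arch_has_assigned_device()` signal with the new MMU-derived run flag over constructed scenarios to show where the old heuristic misses (host MMIO mapped without KVM_DEV_VFIO_FILE_ADD) or fires needlessly. The struct, enums, scenario values and the flag's bit value are assumptions; only the flag name and the if/else-if shape come from the hunk.

```c
/* Added example, not KVM code: a C model of the VM-Enter decision in the hunk
 * above, comparing the old and new MMIO predicates. The struct, enums and
 * scenarios are constructed; the flag's bit value is an assumption. */
#include <stdbool.h>
#include <stdio.h>
#define VMX_RUN_CLEAR_CPU_BUFFERS_FOR_MMIO (1u << 1) /* bit value assumed */
enum action { DO_NOTHING, L1D_FLUSH, CLEAR_CPU_BUFFERS };
enum verdict { AGREE, FALSE_NEGATIVE, FALSE_POSITIVE };
struct vm_model {            /* constructed view of one VM */
    bool vfio_file_added;    /* KVM_DEV_VFIO_FILE_ADD issued (old signal) */
    bool mmu_maps_host_mmio; /* a SPTE in the active MMU maps host MMIO (new) */
};
/* Mirrors the merged if/else-if chain: L1D flush takes precedence, else clear
 * CPU buffers only when the host needs it (cpu_buf_vm_clear) and MMIO is reachable. */
static enum action enter_exit_action(bool l1d_flush, bool cpu_buf_vm_clear, unsigned int flags)
{
    if (l1d_flush)
        return L1D_FLUSH;
    if (cpu_buf_vm_clear && (flags & VMX_RUN_CLEAR_CPU_BUFFERS_FOR_MMIO))
        return CLEAR_CPU_BUFFERS;
    return DO_NOTHING;
}

/* Old predicate: kvm_arch_has_assigned_device(); new: a flag set from the MMU. */
static unsigned int run_flags(const struct vm_model *vm, bool use_mmu)
{
    bool mmio = use_mmu ? vm->mmu_maps_host_mmio : vm->vfio_file_added;
    return mmio ? VMX_RUN_CLEAR_CPU_BUFFERS_FOR_MMIO : 0;
}

/* Judge the old heuristic on an affected host with no L1D flush configured. */
static enum verdict judge_old(const struct vm_model *vm)
{
    enum action old_act = enter_exit_action(false, true, run_flags(vm, false));
    enum action mmu_act = enter_exit_action(false, true, run_flags(vm, true));
    if (old_act == mmu_act)
        return AGREE;
    return mmu_act == CLEAR_CPU_BUFFERS ? FALSE_NEGATIVE : FALSE_POSITIVE;
}

int main(void)
{
    /* Constructed scenarios; MMIO mapped without VFIO_FILE_ADD is the miss. */
    const struct vm_model cases[] = { {false, false}, {true, true},
                                      {false, true}, {true, false} };
    static const char *names[] = { "agree", "false negative", "false positive" };
    for (unsigned int i = 0; i < 4; i++)
        printf("vfio=%d mmio=%d -> %s\n", cases[i].vfio_file_added,
               cases[i].mmu_maps_host_mmio, names[judge_old(&cases[i])]);
    return 0;
}
```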