lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250815001205.2370711-1-seanjc@google.com>
Date: Thu, 14 Aug 2025 17:11:44 -0700
From: Sean Christopherson <seanjc@...gle.com>
To: stable@...r.kernel.org, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, 
	Sasha Levin <sashal@...nel.org>
Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org, 
	Paolo Bonzini <pbonzini@...hat.com>
Subject: [PATCH 6.1.y 00/21] KVM: x86: Backports for 6.1.y

This is a collection of backports for patches that were Cc'd to stable,
but failed to apply, along with their dependencies.

Note, Sasha already posted[1][2] these (and I acked them):

  KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported
  KVM: x86/pmu: Gate all "unimplemented MSR" prints on report_ignored_msrs
  KVM: VMX: Extract checking of guest's DEBUGCTL into helper
  KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter
  KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs

I'm including them here to hopefully make life easier for y'all, and because
the order they are presented here is the preferred ordering, i.e. should be
the same ordering as the original upstream patches.

But, if you end up grabbing Sasha's patches first, it's not a big deal as the
only true dependencies is that the DEBUGCTL.RTM_DEBUG patch needs to land
before "Check vmcs12->guest_ia32_debugctl on nested VM-Enter".

Many of the patches to get to the last patch (the DEBUGCTLMSR_FREEZE_IN_SMM
fix) are dependencies that arguably shouldn't be backported to LTS kernels.
I opted to do the backports because none of the patches are scary (if it was
1-3 dependency patches instead of 8 I wouldn't hesitate), and there's a decent
chance they'll be dependencies for future fixes.

[1] https://lore.kernel.org/all/20250813184918.2071296-1-sashal@kernel.org
[2] https://lore.kernel.org/all/20250814132434.2096873-1-sashal@kernel.org

Chao Gao (1):
  KVM: nVMX: Defer SVI update to vmcs01 on EOI when L2 is active w/o VID

Maxim Levitsky (3):
  KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter
  KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs
  KVM: VMX: Preserve host's DEBUGCTLMSR_FREEZE_IN_SMM while running the
    guest

Sean Christopherson (17):
  KVM: SVM: Set RFLAGS.IF=1 in C code, to get VMRUN out of the STI
    shadow
  KVM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC)
  KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update()
  KVM: x86: Take irqfds.lock when adding/deleting IRQ bypass producer
  KVM: x86: Snapshot the host's DEBUGCTL in common x86
  KVM: x86: Snapshot the host's DEBUGCTL after disabling IRQs
  KVM: x86/pmu: Gate all "unimplemented MSR" prints on
    report_ignored_msrs
  KVM: x86: Plumb "force_immediate_exit" into kvm_entry() tracepoint
  KVM: VMX: Re-enter guest in fastpath for "spurious" preemption timer
    exits
  KVM: VMX: Handle forced exit due to preemption timer in fastpath
  KVM: x86: Move handling of is_guest_mode() into fastpath exit handlers
  KVM: VMX: Handle KVM-induced preemption timer exits in fastpath for L2
  KVM: x86: Fully defer to vendor code to decide how to force immediate
    exit
  KVM: x86: Convert vcpu_run()'s immediate exit param into a generic
    bitmap
  KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag
  KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported
  KVM: VMX: Extract checking of guest's DEBUGCTL into helper

 arch/x86/include/asm/kvm-x86-ops.h |   2 -
 arch/x86/include/asm/kvm_host.h    |  24 +++--
 arch/x86/include/asm/msr-index.h   |   1 +
 arch/x86/kvm/hyperv.c              |  10 +-
 arch/x86/kvm/lapic.c               |  61 ++++++++---
 arch/x86/kvm/lapic.h               |   1 +
 arch/x86/kvm/svm/svm.c             |  49 ++++++---
 arch/x86/kvm/svm/vmenter.S         |   9 +-
 arch/x86/kvm/trace.h               |   9 +-
 arch/x86/kvm/vmx/nested.c          |  26 ++++-
 arch/x86/kvm/vmx/pmu_intel.c       |   8 +-
 arch/x86/kvm/vmx/vmx.c             | 168 ++++++++++++++++++-----------
 arch/x86/kvm/vmx/vmx.h             |  31 +++++-
 arch/x86/kvm/x86.c                 |  65 ++++++-----
 arch/x86/kvm/x86.h                 |  12 +++
 15 files changed, 322 insertions(+), 154 deletions(-)


base-commit: 3594f306da129190de25938b823f353ef7f9e322
-- 
2.51.0.rc1.163.g2494970778-goog

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ