Message-ID: <20250927060910.2933942-9-seanjc@google.com>
Date: Fri, 26 Sep 2025 23:09:08 -0700
From: Sean Christopherson <seanjc@...gle.com>
To: Paolo Bonzini <pbonzini@...hat.com>
Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org, 
	Sean Christopherson <seanjc@...gle.com>
Subject: [GIT PULL] KVM: x86: Misc changes for 6.18

Lots and lots (and lots) of prep work for CET and FRED virtualization, and for
mediated vPMU support (about 1/3 of that series is in here, as it didn't make
the cut this time around, and the cleanups are worthwhile on their own).

Buried in here is also support for immediate forms of RDMSR/WRMSRNS, and
fastpath exit handling for TSC_DEADLINE writes on AMD.

The following changes since commit c17b750b3ad9f45f2b6f7e6f7f4679844244f0b9:

  Linux 6.17-rc2 (2025-08-17 15:22:10 -0700)

are available in the Git repository at:

  https://github.com/kvm-x86/linux.git tags/kvm-x86-misc-6.18

for you to fetch changes up to 86bcd23df9cec9c2df520ae0982033e301d3c184:

  KVM: x86: Fix hypercalls docs section number order (2025-09-22 07:51:36 -0700)

----------------------------------------------------------------
KVM x86 changes for 6.18

 - Don't (re)check L1 intercepts when completing userspace I/O to fix a flaw
   where a misbehaving userspace (a.k.a. syzkaller) could swizzle L1's
   intercepts and trigger a variety of WARNs in KVM.

 - Emulate PERF_CNTR_GLOBAL_STATUS_SET for PerfMonV2 guests, as the MSR is
   supposed to exist for v2 PMUs.

 - Allow Centaur CPU leaves (base 0xC000_0000) for Zhaoxin CPUs.

 - Clean up KVM's vector hashing code for delivering lowest priority IRQs.

 - Clean up the fastpath handler code to only handle IPIs and WRMSRs that are
   actually "fast", as opposed to handling those that KVM _hopes_ are fast, and
   in the process of doing so add fastpath support for TSC_DEADLINE writes on
   AMD CPUs.

 - Clean up a pile of PMU code in anticipation of adding support for mediated
   vPMUs.

 - Add support for the immediate forms of RDMSR and WRMSRNS, sans full
   emulator support (KVM should never need to emulate the MSRs outside of
   forced emulation and other contrived testing scenarios).

 - Clean up the MSR APIs in preparation for CET and FRED virtualization, as
   well as mediated vPMU support.

 - Reject a fully in-kernel IRQCHIP if EOIs are protected, i.e. for TDX VMs,
   as KVM can't faithfully emulate an I/O APIC for such guests.

 - Rework KVM_REQ_MSR_FILTER_CHANGED into a generic RECALC_INTERCEPTS in
   preparation for mediated vPMU support, as KVM will need to recalculate MSR
   intercepts in response to PMU refreshes for guests with mediated vPMUs.

 - Misc cleanups and minor fixes.

----------------------------------------------------------------
Bagas Sanjaya (1):
      KVM: x86: Fix hypercalls docs section number order

Chao Gao (1):
      KVM: x86: Zero XSTATE components on INIT by iterating over supported features

Dapeng Mi (5):
      KVM: x86/pmu: Correct typo "_COUTNERS" to "_COUNTERS"
      KVM: x86: Rename vmx_vmentry/vmexit_ctrl() helpers
      KVM: x86/pmu: Move PMU_CAP_{FW_WRITES,LBR_FMT} into msr-index.h header
      KVM: VMX: Add helpers to toggle/change a bit in VMCS execution controls
      KVM: x86/pmu: Use BIT_ULL() instead of open coded equivalents

Ewan Hai (1):
      KVM: x86: allow CPUID 0xC000_0000 to proceed on Zhaoxin CPUs

Jiaming Zhang (1):
      Documentation: KVM: Call out that KVM strictly follows the 8254 PIT spec

Liao Yuanhong (2):
      KVM: x86: Use guard() instead of mutex_lock() to simplify code
      KVM: x86: hyper-v: Use guard() instead of mutex_lock() to simplify code

Sagi Shahar (1):
      KVM: TDX: Reject fully in-kernel irqchip if EOIs are protected, i.e. for TDX VMs

Sean Christopherson (34):
      KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O
      KVM: SVM: Emulate PERF_CNTR_GLOBAL_STATUS_SET for PerfMonV2
      KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid
      KVM: x86: Add kvm_icr_to_lapic_irq() helper to allow for fastpath IPIs
      KVM: x86: Only allow "fast" IPIs in fastpath WRMSR(X2APIC_ICR) handler
      KVM: x86: Drop semi-arbitrary restrictions on IPI type in fastpath
      KVM: x86: Unconditionally handle MSR_IA32_TSC_DEADLINE in fastpath exits
      KVM: x86: Acquire SRCU in WRMSR fastpath iff instruction needs to be skipped
      KVM: x86: Unconditionally grab data from EDX:EAX in WRMSR fastpath
      KVM: x86: Fold WRMSR fastpath helpers into the main handler
      KVM: x86/pmu: Move kvm_init_pmu_capability() to pmu.c
      KVM: x86/pmu: Add wrappers for counting emulated instructions/branches
      KVM: x86/pmu: Calculate set of to-be-emulated PMCs at time of WRMSRs
      KVM: x86/pmu: Rename pmc_speculative_in_use() to pmc_is_locally_enabled()
      KVM: x86/pmu: Open code pmc_event_is_allowed() in its callers
      KVM: x86/pmu: Drop redundant check on PMC being globally enabled for emulation
      KVM: x86/pmu: Drop redundant check on PMC being locally enabled for emulation
      KVM: x86/pmu: Rename check_pmu_event_filter() to pmc_is_event_allowed()
      KVM: x86: Push acquisition of SRCU in fastpath into kvm_pmu_trigger_event()
      KVM: x86: Add a fastpath handler for INVD
      KVM: x86: Rename local "ecx" variables to "msr" and "pmc" as appropriate
      KVM: x86: Use double-underscore read/write MSR helpers as appropriate
      KVM: x86: Manually clear MPX state only on INIT
      KVM: x86: Move kvm_irq_delivery_to_apic() from irq.c to lapic.c
      KVM: x86: Make "lowest priority" helpers local to lapic.c
      KVM: x86: Move vector_hashing into lapic.c
      KVM: VMX: Setup canonical VMCS config prior to kvm_x86_vendor_init()
      KVM: SVM: Check pmu->version, not enable_pmu, when getting PMC MSRs
      KVM: x86/pmu: Snapshot host (i.e. perf's) reported PMU capabilities
      KVM: x86: Rework KVM_REQ_MSR_FILTER_CHANGED into a generic RECALC_INTERCEPTS
      KVM: x86: Use KVM_REQ_RECALC_INTERCEPTS to react to CPUID updates
      KVM: x86/pmu: Move initialization of valid PMCs bitmask to common x86
      KVM: x86/pmu: Restrict GLOBAL_{CTRL,STATUS}, fixed PMCs, and PEBS to PMU v2+
      KVM: x86: Don't treat ENTER and LEAVE as branches, because they aren't

Thomas Huth (1):
      arch/x86/kvm/ioapic: Remove license boilerplate with bad FSF address

Xin Li (5):
      x86/cpufeatures: Add a CPU feature bit for MSR immediate form instructions
      KVM: x86: Rename handle_fastpath_set_msr_irqoff() to handle_fastpath_wrmsr()
      KVM: x86: Add support for RDMSR/WRMSRNS w/ immediate on Intel
      KVM: VMX: Support the immediate form of WRMSRNS in the VM-Exit fastpath
      KVM: x86: Advertise support for the immediate form of MSR instructions

Yang Weijiang (2):
      KVM: x86: Rename kvm_{g,s}et_msr()* to show that they emulate guest accesses
      KVM: x86: Add kvm_msr_{read,write}() helpers

Yury Norov (1):
      kvm: x86: simplify kvm_vector_to_index()

 Documentation/virt/kvm/api.rst                     |   6 +
 Documentation/virt/kvm/x86/hypercalls.rst          |   6 +-
 arch/x86/include/asm/cpufeatures.h                 |   1 +
 arch/x86/include/asm/kvm-x86-ops.h                 |   2 +-
 arch/x86/include/asm/kvm_host.h                    |  31 +-
 arch/x86/include/asm/msr-index.h                   |  16 +-
 arch/x86/include/uapi/asm/vmx.h                    |   6 +-
 arch/x86/kernel/cpu/scattered.c                    |   1 +
 arch/x86/kvm/cpuid.c                               |  13 +-
 arch/x86/kvm/emulate.c                             |  13 +-
 arch/x86/kvm/hyperv.c                              |  12 +-
 arch/x86/kvm/ioapic.c                              |  15 +-
 arch/x86/kvm/irq.c                                 |  57 ----
 arch/x86/kvm/irq.h                                 |   4 -
 arch/x86/kvm/kvm_emulate.h                         |   3 +-
 arch/x86/kvm/lapic.c                               | 169 ++++++++---
 arch/x86/kvm/lapic.h                               |  15 +-
 arch/x86/kvm/pmu.c                                 | 169 +++++++++--
 arch/x86/kvm/pmu.h                                 |  60 +---
 arch/x86/kvm/reverse_cpuid.h                       |   5 +
 arch/x86/kvm/smm.c                                 |   4 +-
 arch/x86/kvm/svm/pmu.c                             |   8 +-
 arch/x86/kvm/svm/svm.c                             |  30 +-
 arch/x86/kvm/vmx/capabilities.h                    |   3 -
 arch/x86/kvm/vmx/main.c                            |  14 +-
 arch/x86/kvm/vmx/nested.c                          |  29 +-
 arch/x86/kvm/vmx/pmu_intel.c                       |  85 +++---
 arch/x86/kvm/vmx/tdx.c                             |   5 +
 arch/x86/kvm/vmx/vmx.c                             |  91 ++++--
 arch/x86/kvm/vmx/vmx.h                             |  13 +
 arch/x86/kvm/vmx/x86_ops.h                         |   2 +-
 arch/x86/kvm/x86.c                                 | 334 ++++++++++++---------
 arch/x86/kvm/x86.h                                 |   5 +-
 .../testing/selftests/kvm/x86/pmu_counters_test.c  |   8 +-
 34 files changed, 715 insertions(+), 520 deletions(-)
