| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250927060910.2933942-11-seanjc@google.com>
Date: Fri, 26 Sep 2025 23:09:10 -0700
From: Sean Christopherson <seanjc@...gle.com>
To: Paolo Bonzini <pbonzini@...hat.com>
Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org,
Sean Christopherson <seanjc@...gle.com>
Subject: [GIT PULL] KVM: Symbol export restrictions for 6.18
Note! If possible, and you're feeling generous, please merge this dead last
and manually convert any new KVM exports to EXPORT_SYMBOL_FOR_KVM_INTERNAL so
that there are no unwanted exports.
Three new exports are coming in via other kvm-x86 pull requests; I've been
"fixing" them as part of the merge into kvm-x86/next (see diff below), so those
at least have gotten coverage in -next.
Note #2, this is based on the "misc" branch/pull, but includes a backmerge of
v6.17-rc3. I posted the patches against kvm-x86/next to avoid an annoying
conflict (which I can't even remember at this point), and then didn't realize
I needed v6.17-rc3 to pick up the EXPORT_SYMBOL_GPL_FOR_MODULES =>
EXPORT_SYMBOL_FOR_MODULES rename that snuck in until the 0-day bot yelled
because the branch didn't compile (I only tested when merged on top of
kvm/next, doh).
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index e96080cba540..3d4ec1806d3e 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -695,7 +695,7 @@ u64 kvm_get_user_return_msr(unsigned int slot)
{
return this_cpu_ptr(user_return_msrs)->values[slot].curr;
}
-EXPORT_SYMBOL_GPL(kvm_get_user_return_msr);
+EXPORT_SYMBOL_FOR_KVM_INTERNAL(kvm_get_user_return_msr);
static void drop_user_return_notifiers(void)
{
@@ -1304,7 +1304,7 @@ int __kvm_set_xcr(struct kvm_vcpu *vcpu, u32 index, u64 xcr)
vcpu->arch.cpuid_dynamic_bits_dirty = true;
return 0;
}
-EXPORT_SYMBOL_GPL(__kvm_set_xcr);
+EXPORT_SYMBOL_FOR_KVM_INTERNAL(__kvm_set_xcr);
int kvm_emulate_xsetbv(struct kvm_vcpu *vcpu)
{
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
index b99eb34174af..83a1b4dbbbd8 100644
--- a/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
@@ -2661,7 +2661,7 @@ struct kvm_memory_slot *kvm_vcpu_gfn_to_memslot(struct kvm_vcpu *vcpu, gfn_t gfn
return NULL;
}
-EXPORT_SYMBOL_GPL(kvm_vcpu_gfn_to_memslot);
+EXPORT_SYMBOL_FOR_KVM_INTERNAL(kvm_vcpu_gfn_to_memslot);
bool kvm_is_visible_gfn(struct kvm *kvm, gfn_t gfn)
{
The following changes since commit 1b237f190eb3d36f52dffe07a40b5eb210280e00:
Linux 6.17-rc3 (2025-08-24 12:04:12 -0400)
are available in the Git repository at:
https://github.com/kvm-x86/linux.git tags/kvm-x86-exports-6.18
for you to fetch changes up to aca2a0fa7796cf026a39a49ef9325755a9ead932:
KVM: x86: Export KVM-internal symbols for sub-modules only (2025-09-24 07:01:30 -0700)
----------------------------------------------------------------
KVM symbol export restrictions for 6.18
Use the newfangled EXPORT_SYMBOL_FOR_MODULES() along with some macro
shenanigans to export KVM-internal symbols if and only if KVM has one or
more sub-modules, and only for those sub-modules, e.g. x86's kvm-amd.ko
and/or kvm-intel.ko, and PPC's many varieties of sub-modules.
Define the macros in the kvm_types.h so that the core logic is visible outside
of KVM, so that the logic can be reused in the future to further restrict
kernel exports that exist purely for KVM (x86 in particular has a _lot_ of
exports that are used only by KVM).
----------------------------------------------------------------
Sean Christopherson (6):
Merge 'v6.17-rc3' into 'exports' to EXPORT_SYMBOL_FOR_MODULES rename
KVM: s390/vfio-ap: Use kvm_is_gpa_in_memslot() instead of open coded equivalent
KVM: Export KVM-internal symbols for sub-modules only
KVM: x86: Move kvm_intr_is_single_vcpu() to lapic.c
KVM: x86: Drop pointless exports of kvm_arch_xxx() hooks
KVM: x86: Export KVM-internal symbols for sub-modules only
arch/powerpc/include/asm/Kbuild | 1 -
arch/powerpc/include/asm/kvm_types.h | 15 +++++++++
arch/s390/include/asm/kvm_host.h | 2 ++
arch/s390/kvm/priv.c | 8 +++++
arch/x86/include/asm/kvm_host.h | 3 --
arch/x86/include/asm/kvm_types.h | 10 ++++++
arch/x86/kvm/cpuid.c | 10 +++---
arch/x86/kvm/hyperv.c | 4 +--
arch/x86/kvm/irq.c | 34 ++------------------
arch/x86/kvm/kvm_onhyperv.c | 6 ++--
arch/x86/kvm/lapic.c | 71 +++++++++++++++++++++++++++++-------------
arch/x86/kvm/lapic.h | 4 +--
arch/x86/kvm/mmu/mmu.c | 36 ++++++++++-----------
arch/x86/kvm/mmu/spte.c | 10 +++---
arch/x86/kvm/mmu/tdp_mmu.c | 2 +-
arch/x86/kvm/pmu.c | 10 +++---
arch/x86/kvm/smm.c | 2 +-
arch/x86/kvm/x86.c | 219 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-----------------------------------------------------------------
drivers/s390/crypto/vfio_ap_ops.c | 2 +-
include/linux/kvm_types.h | 25 ++++++++++-----
virt/kvm/eventfd.c | 2 +-
virt/kvm/guest_memfd.c | 4 +--
virt/kvm/kvm_main.c | 126 +++++++++++++++++++++++++++++++++++++-------------------------------------
23 files changed, 323 insertions(+), 283 deletions(-)
create mode 100644 arch/powerpc/include/asm/kvm_types.h
Powered by blists - more mailing lists