lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CABgObfYpkzNO-4XoCpEdoWGx_a9GiBpg=YjE0Y48T6OpvtPVrA@mail.gmail.com>
Date: Tue, 30 Sep 2025 19:35:24 +0200
From: Paolo Bonzini <pbonzini@...hat.com>
To: Sean Christopherson <seanjc@...gle.com>
Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [GIT PULL] KVM: x86: SVM changes for 6.18

On Sat, Sep 27, 2025 at 8:09 AM Sean Christopherson <seanjc@...gle.com> wrote:
>
> The headliner here is to enable AVIC by deafult for Zen4+ if x2AVIC is
> supported.  The other highlight is support for Secure TSC (support for
> CiphertextHiding is coming in a separate pull request).
>
> The "lowlight" is a bug fix for an issue where KVM could clobber TSC_AUX if an
> SEV-ES+ vCPU runs on the same pCPU as a non-SEV-ES CPU.
>
> Regarding enabling AVIC by default, despite there still being at least one
> known wart (the IRQ window inhibit mess), I think AVIC is stable enough to
> enable by default.  More importantly, I think that getting it enabled in 6.18
> in particular, i.e. in the next LTS, will be a net positive in the sense that
> we'll hopefully get more "free" testing, and thus help fix any lurking bugs
> for the folks that are explicitly enabling AVIC.
>
> The following changes since commit c17b750b3ad9f45f2b6f7e6f7f4679844244f0b9:
>
>   Linux 6.17-rc2 (2025-08-17 15:22:10 -0700)

Pulled, thanks.

Paolo

> are available in the Git repository at:
>
>   https://github.com/kvm-x86/linux.git tags/kvm-x86-svm-6.18
>
> for you to fetch changes up to ca2967de5a5b098b43c5ad665672945ce7e7d4f7:
>
>   KVM: SVM: Enable AVIC by default for Zen4+ if x2AVIC is support (2025-09-23 08:56:49 -0700)
>
> ----------------------------------------------------------------
> KVM SVM changes for 6.18
>
>  - Require a minimum GHCB version of 2 when starting SEV-SNP guests via
>    KVM_SEV_INIT2 so that invalid GHCB versions result in immediate errors
>    instead of latent guest failures.
>
>  - Add support for Secure TSC for SEV-SNP guests, which prevents the untrusted
>    host from tampering with the guest's TSC frequency, while still allowing the
>    the VMM to configure the guest's TSC frequency prior to launch.
>
>  - Mitigate the potential for TOCTOU bugs when accessing GHCB fields by
>    wrapping all accesses via READ_ONCE().
>
>  - Validate the XCR0 provided by the guest (via the GHCB) to avoid tracking a
>    bogous XCR0 value in KVM's software model.
>
>  - Save an SEV guest's policy if and only if LAUNCH_START fully succeeds to
>    avoid leaving behind stale state (thankfully not consumed in KVM).
>
>  - Explicitly reject non-positive effective lengths during SNP's LAUNCH_UPDATE
>    instead of subtly relying on guest_memfd to do the "heavy" lifting.
>
>  - Reload the pre-VMRUN TSC_AUX on #VMEXIT for SEV-ES guests, not the host's
>    desired TSC_AUX, to fix a bug where KVM could clobber a different vCPU's
>    TSC_AUX due to hardware not matching the value cached in the user-return MSR
>    infrastructure.
>
>  - Enable AVIC by default for Zen4+ if x2AVIC (and other prereqs) is supported,
>    and clean up the AVIC initialization code along the way.
>
> ----------------------------------------------------------------
> Hou Wenlong (2):
>       KVM: x86: Add helper to retrieve current value of user return MSR
>       KVM: SVM: Re-load current, not host, TSC_AUX on #VMEXIT from SEV-ES guest
>
> Naveen N Rao (1):
>       KVM: SVM: Enable AVIC by default for Zen4+ if x2AVIC is support
>
> Nikunj A Dadhania (4):
>       KVM: SEV: Drop GHCB_VERSION_DEFAULT and open code it
>       KVM: SEV: Enforce minimum GHCB version requirement for SEV-SNP guests
>       x86/cpufeatures: Add SNP Secure TSC
>       KVM: SVM: Enable Secure TSC for SNP guests
>
> Sean Christopherson (15):
>       KVM: SVM: Move SEV-ES VMSA allocation to a dedicated sev_vcpu_create() helper
>       KVM: SEV: Move init of SNP guest state into sev_init_vmcb()
>       KVM: SEV: Set RESET GHCB MSR value during sev_es_init_vmcb()
>       KVM: SEV: Fold sev_es_vcpu_reset() into sev_vcpu_create()
>       KVM: SEV: Save the SEV policy if and only if LAUNCH_START succeeds
>       KVM: SEV: Rename kvm_ghcb_get_sw_exit_code() to kvm_get_cached_sw_exit_code()
>       KVM: SEV: Read save fields from GHCB exactly once
>       KVM: SEV: Validate XCR0 provided by guest in GHCB
>       KVM: SEV: Reject non-positive effective lengths during LAUNCH_UPDATE
>       KVM: SVM: Make svm_x86_ops globally visible, clean up on-HyperV usage
>       KVM: SVM: Move x2AVIC MSR interception helper to avic.c
>       KVM: SVM: Update "APICv in x2APIC without x2AVIC" in avic.c, not svm.c
>       KVM: SVM: Always print "AVIC enabled" separately, even when force enabled
>       KVM: SVM: Don't advise the user to do force_avic=y (when x2AVIC is detected)
>       KVM: SVM: Move global "avic" variable to avic.c
>
> Thorsten Blum (1):
>       KVM: nSVM: Replace kzalloc() + copy_from_user() with memdup_user()
>
>  arch/x86/include/asm/cpufeatures.h |   1 +
>  arch/x86/include/asm/kvm_host.h    |   2 +
>  arch/x86/include/asm/svm.h         |   1 +
>  arch/x86/kvm/svm/avic.c            | 151 ++++++++++++++++++++++++++++------
>  arch/x86/kvm/svm/nested.c          |  18 ++---
>  arch/x86/kvm/svm/sev.c             | 160 +++++++++++++++++++++++++------------
>  arch/x86/kvm/svm/svm.c             | 126 +++++------------------------
>  arch/x86/kvm/svm/svm.h             |  40 ++++++----
>  arch/x86/kvm/svm/svm_onhyperv.c    |  28 ++++++-
>  arch/x86/kvm/svm/svm_onhyperv.h    |  31 +------
>  arch/x86/kvm/x86.c                 |   9 ++-
>  virt/kvm/guest_memfd.c             |   3 +-
>  12 files changed, 323 insertions(+), 247 deletions(-)
>


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ