| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CABgObfYKWku7=i8b3FE=dRseQrsGbS6pPc_kC+S4Yxv90M1VTA@mail.gmail.com>
Date: Tue, 30 Sep 2025 19:41:13 +0200
From: Paolo Bonzini <pbonzini@...hat.com>
To: Sean Christopherson <seanjc@...gle.com>
Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [GIT PULL] KVM: Symbol export restrictions for 6.18
On Sat, Sep 27, 2025 at 8:09 AM Sean Christopherson <seanjc@...gle.com> wrote:
>
> Note! If possible, and you're feeling generous, please merge this dead last
> and manually convert any new KVM exports to EXPORT_SYMBOL_FOR_KVM_INTERNAL so
> that there are no unwanted exports.
>
> Three new exports are coming in via other kvm-x86 pull requests; I've been
> "fixing" them as part of the merge into kvm-x86/next (see diff below), so those
> at least have gotten coverage in -next.
>
> Note #2, this is based on the "misc" branch/pull, but includes a backmerge of
> v6.17-rc3. I posted the patches against kvm-x86/next to avoid an annoying
> conflict (which I can't even remember at this point), and then didn't realize
> I needed v6.17-rc3 to pick up the EXPORT_SYMBOL_GPL_FOR_MODULES =>
> EXPORT_SYMBOL_FOR_MODULES rename that snuck in until the 0-day bot yelled
> because the branch didn't compile (I only tested when merged on top of
> kvm/next, doh).
I've cherry picked instead of merging it, seems to be the simplest way
to clean up the backmerge.
Paolo
> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> index e96080cba540..3d4ec1806d3e 100644
> --- a/arch/x86/kvm/x86.c
> +++ b/arch/x86/kvm/x86.c
> @@ -695,7 +695,7 @@ u64 kvm_get_user_return_msr(unsigned int slot)
> {
> return this_cpu_ptr(user_return_msrs)->values[slot].curr;
> }
> -EXPORT_SYMBOL_GPL(kvm_get_user_return_msr);
> +EXPORT_SYMBOL_FOR_KVM_INTERNAL(kvm_get_user_return_msr);
>
> static void drop_user_return_notifiers(void)
> {
> @@ -1304,7 +1304,7 @@ int __kvm_set_xcr(struct kvm_vcpu *vcpu, u32 index, u64 xcr)
> vcpu->arch.cpuid_dynamic_bits_dirty = true;
> return 0;
> }
> -EXPORT_SYMBOL_GPL(__kvm_set_xcr);
> +EXPORT_SYMBOL_FOR_KVM_INTERNAL(__kvm_set_xcr);
>
> int kvm_emulate_xsetbv(struct kvm_vcpu *vcpu)
> {
> diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
> index b99eb34174af..83a1b4dbbbd8 100644
> --- a/virt/kvm/kvm_main.c
> +++ b/virt/kvm/kvm_main.c
> @@ -2661,7 +2661,7 @@ struct kvm_memory_slot *kvm_vcpu_gfn_to_memslot(struct kvm_vcpu *vcpu, gfn_t gfn
>
> return NULL;
> }
> -EXPORT_SYMBOL_GPL(kvm_vcpu_gfn_to_memslot);
> +EXPORT_SYMBOL_FOR_KVM_INTERNAL(kvm_vcpu_gfn_to_memslot);
>
> bool kvm_is_visible_gfn(struct kvm *kvm, gfn_t gfn)
> {
>
> The following changes since commit 1b237f190eb3d36f52dffe07a40b5eb210280e00:
>
> Linux 6.17-rc3 (2025-08-24 12:04:12 -0400)
>
> are available in the Git repository at:
>
> https://github.com/kvm-x86/linux.git tags/kvm-x86-exports-6.18
>
> for you to fetch changes up to aca2a0fa7796cf026a39a49ef9325755a9ead932:
>
> KVM: x86: Export KVM-internal symbols for sub-modules only (2025-09-24 07:01:30 -0700)
>
> ----------------------------------------------------------------
> KVM symbol export restrictions for 6.18
>
> Use the newfangled EXPORT_SYMBOL_FOR_MODULES() along with some macro
> shenanigans to export KVM-internal symbols if and only if KVM has one or
> more sub-modules, and only for those sub-modules, e.g. x86's kvm-amd.ko
> and/or kvm-intel.ko, and PPC's many varieties of sub-modules.
>
> Define the macros in the kvm_types.h so that the core logic is visible outside
> of KVM, so that the logic can be reused in the future to further restrict
> kernel exports that exist purely for KVM (x86 in particular has a _lot_ of
> exports that are used only by KVM).
>
> ----------------------------------------------------------------
> Sean Christopherson (6):
> Merge 'v6.17-rc3' into 'exports' to EXPORT_SYMBOL_FOR_MODULES rename
> KVM: s390/vfio-ap: Use kvm_is_gpa_in_memslot() instead of open coded equivalent
> KVM: Export KVM-internal symbols for sub-modules only
> KVM: x86: Move kvm_intr_is_single_vcpu() to lapic.c
> KVM: x86: Drop pointless exports of kvm_arch_xxx() hooks
> KVM: x86: Export KVM-internal symbols for sub-modules only
>
> arch/powerpc/include/asm/Kbuild | 1 -
> arch/powerpc/include/asm/kvm_types.h | 15 +++++++++
> arch/s390/include/asm/kvm_host.h | 2 ++
> arch/s390/kvm/priv.c | 8 +++++
> arch/x86/include/asm/kvm_host.h | 3 --
> arch/x86/include/asm/kvm_types.h | 10 ++++++
> arch/x86/kvm/cpuid.c | 10 +++---
> arch/x86/kvm/hyperv.c | 4 +--
> arch/x86/kvm/irq.c | 34 ++------------------
> arch/x86/kvm/kvm_onhyperv.c | 6 ++--
> arch/x86/kvm/lapic.c | 71 +++++++++++++++++++++++++++++-------------
> arch/x86/kvm/lapic.h | 4 +--
> arch/x86/kvm/mmu/mmu.c | 36 ++++++++++-----------
> arch/x86/kvm/mmu/spte.c | 10 +++---
> arch/x86/kvm/mmu/tdp_mmu.c | 2 +-
> arch/x86/kvm/pmu.c | 10 +++---
> arch/x86/kvm/smm.c | 2 +-
> arch/x86/kvm/x86.c | 219 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-----------------------------------------------------------------
> drivers/s390/crypto/vfio_ap_ops.c | 2 +-
> include/linux/kvm_types.h | 25 ++++++++++-----
> virt/kvm/eventfd.c | 2 +-
> virt/kvm/guest_memfd.c | 4 +--
> virt/kvm/kvm_main.c | 126 +++++++++++++++++++++++++++++++++++++-------------------------------------
> 23 files changed, 323 insertions(+), 283 deletions(-)
> create mode 100644 arch/powerpc/include/asm/kvm_types.h
>
Powered by blists - more mailing lists