Open Source and information security mailing list archives
 
Message-ID: <20251017213210.339764-1-seanjc@google.com>
Date: Fri, 17 Oct 2025 14:32:10 -0700
From: Sean Christopherson <seanjc@...gle.com>
To: Paolo Bonzini <pbonzini@...hat.com>
Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org, 
	Sean Christopherson <seanjc@...gle.com>
Subject: [GIT PULL] KVM: guest_memfd fixes+tests and a PMU fix for 6.18

Proactively add a guest_memfd flag, INIT_SHARED, to head off a lurking ABI
collision that will necessitate a new flag at some point.  Without INIT_SHARED,
we'll likely end up with x86 CoCo VMs initializing memory to PRIVATE by default,
SHARED if MMAP, and PRIVATE if INIT_PRIVATE (the potential new flag we're
trying to avoid).

Allow mmap() on x86 CoCo VMs, i.e. on private memory, to try and detect any
other lurking ABI issues.

In addition to the guest_memfd fixes/cleanups, fix a PMU goof where KVM calls
into perf on a hybrid CPU and gets yelled at.  There's no functional issue, but
the WARN is obviously less than ideal.

The following changes since commit 6b36119b94d0b2bb8cea9d512017efafd461d6ac:

  KVM: x86: Export KVM-internal symbols for sub-modules only (2025-09-30 13:40:02 -0400)

are available in the Git repository at:

  https://github.com/kvm-x86/linux.git tags/kvm-x86-fixes-6.18-rc2

for you to fetch changes up to 505f5224b197b77169c977e747cbc18b222f85f9:

  KVM: selftests: Verify that reads to inaccessible guest_memfd VMAs SIGBUS (2025-10-10 14:25:30 -0700)

----------------------------------------------------------------
KVM x86 fixes for 6.18:

 - Expand the KVM_PRE_FAULT_MEMORY selftest to add a regression test for the
   bug fixed by commit 3ccbf6f47098 ("KVM: x86/mmu: Return -EAGAIN if userspace
   deletes/moves memslot during prefault")

 - Don't try to get PMU capabilities from perf when running a CPU with hybrid
   CPUs/PMUs, as perf will rightly WARN.

 - Rework KVM_CAP_GUEST_MEMFD_MMAP (newly introduced in 6.18) into a more
   generic KVM_CAP_GUEST_MEMFD_FLAGS

 - Add a guest_memfd INIT_SHARED flag and require userspace to explicitly set
   said flag to initialize memory as SHARED, irrespective of MMAP.  The
   behavior merged in 6.18 is that enabling mmap() implicitly initializes
   memory as SHARED, which would result in an ABI collision for x86 CoCo VMs
   as their memory is currently always initialized PRIVATE.

 - Allow mmap() on guest_memfd for x86 CoCo VMs, i.e. on VMs with private
   memory, to enable testing such setups, i.e. to hopefully flush out any
   other lurking ABI issues before 6.18 is officially released.

 - Add testcases to the guest_memfd selftest to cover guest_memfd without MMAP,
   and host userspace accesses to mmap()'d private memory.

----------------------------------------------------------------
Ackerley Tng (1):
      KVM: selftests: Add test coverage for guest_memfd without GUEST_MEMFD_FLAG_MMAP

Dapeng Mi (1):
      KVM: x86/pmu: Don't try to get perf capabilities for hybrid CPUs

Sean Christopherson (12):
      KVM: Rework KVM_CAP_GUEST_MEMFD_MMAP into KVM_CAP_GUEST_MEMFD_FLAGS
      KVM: guest_memfd: Add INIT_SHARED flag, reject user page faults if not set
      KVM: guest_memfd: Invalidate SHARED GPAs if gmem supports INIT_SHARED
      KVM: Explicitly mark KVM_GUEST_MEMFD as depending on KVM_GENERIC_MMU_NOTIFIER
      KVM: guest_memfd: Allow mmap() on guest_memfd for x86 VMs with private memory
      KVM: selftests: Stash the host page size in a global in the guest_memfd test
      KVM: selftests: Create a new guest_memfd for each testcase
      KVM: selftests: Add wrappers for mmap() and munmap() to assert success
      KVM: selftests: Isolate the guest_memfd Copy-on-Write negative testcase
      KVM: selftests: Add wrapper macro to handle and assert on expected SIGBUS
      KVM: selftests: Verify that faulting in private guest_memfd memory fails
      KVM: selftests: Verify that reads to inaccessible guest_memfd VMAs SIGBUS

Yan Zhao (1):
      KVM: selftests: Test prefault memory during concurrent memslot removal

 Documentation/virt/kvm/api.rst                       |  15 ++++++++--
 arch/x86/kvm/pmu.c                                   |   8 ++++--
 arch/x86/kvm/x86.c                                   |   7 +++--
 include/linux/kvm_host.h                             |  12 +++++++-
 include/uapi/linux/kvm.h                             |   5 ++--
 tools/testing/selftests/kvm/guest_memfd_test.c       | 175 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++----------------------------------------------------
 tools/testing/selftests/kvm/include/kvm_util.h       |  25 ++++++++++++++++
 tools/testing/selftests/kvm/include/test_util.h      |  19 +++++++++++++
 tools/testing/selftests/kvm/lib/kvm_util.c           |  44 ++++++++++------------------
 tools/testing/selftests/kvm/lib/test_util.c          |   7 +++++
 tools/testing/selftests/kvm/mmu_stress_test.c        |   5 ++--
 tools/testing/selftests/kvm/pre_fault_memory_test.c  | 131 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-----------
 tools/testing/selftests/kvm/s390/ucontrol_test.c     |  16 +++++------
 tools/testing/selftests/kvm/set_memory_region_test.c |  17 ++++++-----
 virt/kvm/Kconfig                                     |   1 +
 virt/kvm/guest_memfd.c                               |  75 +++++++++++++++++++++++++++++++-----------------
 virt/kvm/kvm_main.c                                  |   4 +--
 17 files changed, 378 insertions(+), 188 deletions(-)
