| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CABgObfbvYC9mGL8x1JSQwmq7BT9j7gwf11nmHsumOumd4P0abg@mail.gmail.com> Date: Wed, 26 Nov 2025 09:50:04 +0100 From: Paolo Bonzini <pbonzini@...hat.com> To: Sean Christopherson <seanjc@...gle.com> Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [GIT PULL] KVM: x86: VMX changes for 6.19 On Wed, Nov 26, 2025 at 2:45 AM Sean Christopherson <seanjc@...gle.com> wrote: > > The highlight is EPTP construction cleanup that's worthwhile on its own, but > is also a step toward eliding the EPT flushes that KVM does on pCPU migration, > which are especially costly when running nested: > > https://lore.kernel.org/all/aJKW9gTeyh0-pvcg@google.com > > The following changes since commit 3a8660878839faadb4f1a6dd72c3179c1df56787: > > Linux 6.18-rc1 (2025-10-12 13:42:36 -0700) > > are available in the Git repository at: > > https://github.com/kvm-x86/linux.git tags/kvm-x86-vmx-6.19 > > for you to fetch changes up to dfd1572a64c90770a2bddfab9bbb69932217b1da: > > KVM: VMX: Make loaded_vmcs_clear() static in vmx.c (2025-11-11 07:41:16 -0800) Pulled; there was another minor conflict due to the introduction of kvm_request_l1tf_flush_l1d(). Paolo > ---------------------------------------------------------------- > KVM VMX changes for 6.19: > > - Use the root role from kvm_mmu_page to construct EPTPs instead of the > current vCPU state, partly as worthwhile cleanup, but mostly to pave the > way for tracking per-root TLB flushes so that KVM can elide EPT flushes on > pCPU migration if KVM has flushed the root at least once. > > - Add a few missing nested consistency checks. > > - Rip out support for doing "early" consistency checks via hardware as the > functionality hasn't been used in years and is no longer useful in general, > and replace it with an off-by-default module param to detected missed > consistency checks (i.e. WARN if hardware finds a check that KVM does not). > > - Fix a currently-benign bug where KVM would drop the guest's SPEC_CTRL[63:32] > on VM-Enter. > > - Misc cleanups. > > ---------------------------------------------------------------- > Dmytro Maluka (1): > KVM: VMX: Remove stale vmx_set_dr6() declaration > > Sean Christopherson (10): > KVM: VMX: Hoist construct_eptp() "up" in vmx.c > KVM: nVMX: Hardcode dummy EPTP used for early nested consistency checks > KVM: x86/mmu: Move "dummy root" helpers to spte.h > KVM: VMX: Use kvm_mmu_page role to construct EPTP, not current vCPU state > KVM: nVMX: Add consistency check for TPR_THRESHOLD[31:4]!=0 without VID > KVM: nVMX: Add consistency check for TSC_MULTIPLIER=0 > KVM: nVMX: Stuff vmcs02.TSC_MULTIPLIER early on for nested early checks > KVM: nVMX: Remove support for "early" consistency checks via hardware > KVM: nVMX: Add an off-by-default module param to WARN on missed consistency checks > KVM: VMX: Make loaded_vmcs_clear() static in vmx.c > > Thorsten Blum (1): > KVM: TDX: Replace kmalloc + copy_from_user with memdup_user in tdx_td_init() > > Uros Bizjak (1): > KVM: VMX: Ensure guest's SPEC_CTRL[63:32] is loaded on VM-Enter > > Xin Li (1): > KVM: nVMX: Use vcpu instead of vmx->vcpu when vcpu is available > > arch/x86/kvm/mmu/mmu_internal.h | 10 --- > arch/x86/kvm/mmu/spte.h | 10 +++ > arch/x86/kvm/vmx/nested.c | 173 ++++++++++++++-------------------------- > arch/x86/kvm/vmx/tdx.c | 30 +++---- > arch/x86/kvm/vmx/vmenter.S | 20 +++-- > arch/x86/kvm/vmx/vmx.c | 59 +++++++++----- > arch/x86/kvm/vmx/vmx.h | 2 - > arch/x86/kvm/vmx/x86_ops.h | 1 - > 8 files changed, 135 insertions(+), 170 deletions(-) >
Powered by blists - more mailing lists