| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251219131131.52272-1-pbonzini@redhat.com>
Date: Fri, 19 Dec 2025 14:11:31 +0100
From: Paolo Bonzini <pbonzini@...hat.com>
To: torvalds@...ux-foundation.org
Cc: linux-kernel@...r.kernel.org,
kvm@...r.kernel.org
Subject: [GIT PULL] KVM changes for Linux 6.19-rc2
Linus,
The following changes since commit ea1013c1539270e372fc99854bc6e4d94eaeff66:
Merge tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf (2025-12-17 15:54:58 +1200)
are available in the Git repository at:
https://git.kernel.org/pub/scm/virt/kvm/kvm.git tags/for-linus
for you to fetch changes up to 0499add8efd72456514c6218c062911ccc922a99:
Merge tag 'kvm-x86-fixes-6.19-rc1' of https://github.com/kvm-x86/linux into HEAD (2025-12-18 18:38:45 +0100)
----------------------------------------------------------------
x86 fixes. Everyone else is already in holiday mood apparently.
- Add a missing "break" to fix param parsing in the rseq selftest.
- Apply runtime updates to the _current_ CPUID when userspace is setting
CPUID, e.g. as part of vCPU hotplug, to fix a false positive and to avoid
dropping the pending update.
- Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot, as it's not
supported by KVM and leads to a use-after-free due to KVM failing to unbind
the memslot from the previously-associated guest_memfd instance.
- Harden against similar KVM_MEM_GUEST_MEMFD goofs, and prepare for supporting
flags-only changes on KVM_MEM_GUEST_MEMFD memlslots, e.g. for dirty logging.
- Set exit_code[63:32] to -1 (all 0xffs) when synthesizing a nested
SVM_EXIT_ERR (a.k.a. VMEXIT_INVALID) #VMEXIT, as VMEXIT_INVALID is defined
as -1ull (a 64-bit value).
- Update SVI when activating APICv to fix a bug where a post-activation EOI
for an in-service IRQ would effective be lost due to SVI being stale.
- Immediately refresh APICv controls (if necessary) on a nested VM-Exit
instead of deferring the update via KVM_REQ_APICV_UPDATE, as the request is
effectively ignored because KVM thinks the vCPU already has the correct
APICv settings.
----------------------------------------------------------------
Dongli Zhang (2):
KVM: VMX: Update SVI during runtime APICv activation
KVM: nVMX: Immediately refresh APICv controls as needed on nested VM-Exit
Gavin Shan (1):
KVM: selftests: Add missing "break" in rseq_test's param parsing
Paolo Bonzini (1):
Merge tag 'kvm-x86-fixes-6.19-rc1' of https://github.com/kvm-x86/linux into HEAD
Sean Christopherson (6):
KVM: x86: Apply runtime updates to current CPUID during KVM_SET_CPUID{,2}
KVM: selftests: Add a CPUID testcase for KVM_SET_CPUID2 with runtime updates
KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot
KVM: Harden and prepare for modifying existing guest_memfd memslots
KVM: nSVM: Clear exit_code_hi in VMCB when synthesizing nested VM-Exits
KVM: nSVM: Set exit_code_hi to -1 when synthesizing SVM_EXIT_ERR (failed VMRUN)
arch/x86/kvm/cpuid.c | 11 +++++++++--
arch/x86/kvm/svm/nested.c | 4 ++--
arch/x86/kvm/svm/svm.c | 2 ++
arch/x86/kvm/svm/svm.h | 7 ++++---
arch/x86/kvm/vmx/nested.c | 3 ++-
arch/x86/kvm/vmx/vmx.c | 9 ---------
arch/x86/kvm/x86.c | 7 +++++++
tools/testing/selftests/kvm/rseq_test.c | 1 +
tools/testing/selftests/kvm/x86/cpuid_test.c | 15 +++++++++++++++
virt/kvm/kvm_main.c | 17 ++++++++++++++++-
10 files changed, 58 insertions(+), 18 deletions(-)
Powered by blists - more mailing lists