| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aVxi32EbgNwMVsK-@google.com> Date: Mon, 5 Jan 2026 17:18:23 -0800 From: Sean Christopherson <seanjc@...gle.com> To: Paolo Bonzini <pbonzini@...hat.com> Cc: linux-kernel@...r.kernel.org, kvm@...r.kernel.org, x86@...nel.org Subject: Re: [PATCH v2 0/4] x86, fpu/kvm: fix crash with AMX On Thu, Jan 01, 2026, Paolo Bonzini wrote: > Fix a possible host panic, due to an unexpected #NM, when a KVM guest > is using AMX features. > > The guest's XFD value, which is stored in fpstate->xfd, is used for both > guest execution and host XSAVE operations. However, the guest-configured > XFD setting can disable features that were enabled when the guest executed > XSAVE, and this causes a #NM when executing XRSTOR on the guest FPU state. > > This can happen in two cases: due to a KVM_SET_XSAVE that includes a > disabled component, or if an interrupt causes XSAVE to be executed > before the call to fpu_update_guest_xfd(). > > The first patch fixes both cases, the rest is improvements to selftests > in order to cover this test and also verify that #NM faults are injected > corectly. > > v1 had extra patches to export higher-level functions for KVM in place > of switch_fpu_return() and fpregs_assert_state_consistent(). Those > were part of refactoring how KVM loaded guest state when KVM_RUN is > issued, but are not needed anymore with this v2 fix and I will submit > them separately. > > Tested on a Sapphire Rapids machine, reviews and acks are welcome so > that I can submit it to Linus via the KVM tree. Tested on EMR with with my simulated IRQ hack. Other than ongoing complaints about the prints in the selftest, LGTM :-)
Powered by blists - more mailing lists