lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20260109034532.1012993-1-seanjc@google.com>
Date: Thu,  8 Jan 2026 19:45:24 -0800
From: Sean Christopherson <seanjc@...gle.com>
To: Sean Christopherson <seanjc@...gle.com>, Paolo Bonzini <pbonzini@...hat.com>
Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org, 
	Chao Gao <chao.gao@...el.com>
Subject: [PATCH v4 0/8] KVM: VMX: Rip out "deferred nested VM-Exit updates"

v4 of what was "KVM: VMX: Fix APICv activation bugs", but the two bug fixes
were already merged and so that name doesn't fit.

Rip out the "defer updates until nested VM-Exit" that contributed to the
APICv bugs and made them harder to fix.

v4:
 - Collect reviews. [Chao]
 - Use the existing vmcall() in the selftest. [Chao]
 - Use GUEST_FAIL() instead of TEST_FAIL() in the guest. [Chao]
 - Correct the number of args passed to the guest in the test. [Chao]
 - Remove the redundant hwapic_isr_update() call in kvm_lapic_reset()
 - Use the local "vmx" variable in vmx_set_virtual_apic_mode(). [Chao]
 - Relocate the "update SVI" comment from __kvm_vcpu_update_apicv()
   to kvm_apic_update_apicv().

v3:
 - https://lore.kernel.org/all/20251205231913.441872-1-seanjc@google.com
 - Add a selftest.
 - Rip out the deferred updates stuff.
 - Collect Chao's review.
 - Add Dongli's fix for bug #2. [Chao]

v2:
 - https://lore.kernel.org/all/20251110063212.34902-1-dongli.zhang@oracle.com
 - Add support for guest mode (suggested by Chao Gao).
 - Add comments in the code (suggested by Chao Gao).
 - Remove WARN_ON_ONCE from vmx_hwapic_isr_update().
 - Edit commit message "AMD SVM APICv" to "AMD SVM AVIC"
   (suggested by Alejandro Jimenez).


Sean Christopherson (8):
  KVM: selftests: Add a test to verify APICv updates (while L2 is
    active)
  KVM: nVMX: Switch to vmcs01 to update PML controls on-demand if L2 is
    active
  KVM: nVMX: Switch to vmcs01 to update TPR threshold on-demand if L2 is
    active
  KVM: nVMX: Switch to vmcs01 to update SVI on-demand if L2 is active
  KVM: nVMX: Switch to vmcs01 to refresh APICv controls on-demand if L2
    is active
  KVM: nVMX: Switch to vmcs01 to update APIC page on-demand if L2 is
    active
  KVM: nVMX: Switch to vmcs01 to set virtual APICv mode on-demand if L2
    is active
  KVM: x86: Update APICv ISR (a.k.a. SVI) as part of
    kvm_apic_update_apicv()

 arch/x86/kvm/lapic.c                          |  31 ++--
 arch/x86/kvm/lapic.h                          |   1 -
 arch/x86/kvm/vmx/nested.c                     |  29 ----
 arch/x86/kvm/vmx/vmx.c                        |  95 +++++++----
 arch/x86/kvm/vmx/vmx.h                        |   9 -
 arch/x86/kvm/x86.c                            |   7 -
 tools/testing/selftests/kvm/Makefile.kvm      |   1 +
 .../testing/selftests/kvm/include/x86/apic.h  |   4 +
 .../kvm/x86/vmx_apicv_updates_test.c          | 155 ++++++++++++++++++
 9 files changed, 232 insertions(+), 100 deletions(-)
 create mode 100644 tools/testing/selftests/kvm/x86/vmx_apicv_updates_test.c


base-commit: 9448598b22c50c8a5bb77a9103e2d49f134c9578
-- 
2.52.0.457.g6b5491de43-goog

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ