lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <aWfxtLLz5STAF-iY@google.com>
Date: Wed, 14 Jan 2026 11:42:44 -0800
From: Sean Christopherson <seanjc@...gle.com>
To: Naveen N Rao <naveen@...nel.org>
Cc: Paolo Bonzini <pbonzini@...hat.com>, kvm@...r.kernel.org, linux-kernel@...r.kernel.org, 
	Suravee Suthikulpanit <suravee.suthikulpanit@....com>
Subject: Re: [PATCH] KVM: SVM: Check vCPU ID against max x2AVIC ID if and only
 if x2AVIC is enabled

On Wed, Jan 14, 2026, Naveen N Rao wrote:
> On Mon, Jan 12, 2026 at 03:28:05PM -0800, Sean Christopherson wrote:
> > When allocating the AVIC backing page, only check one of the max AVIC vs.
> > x2AVIC ID based on whether or not x2AVIC is enabled.  Doing so fixes a bug
> > where KVM incorrectly inhibits AVIC if x2AVIC is _disabled_ and any vCPU
> > with a non-zero APIC ID is created, as x2avic_max_physical_id is left '0'
> > when x2AVIC is disabled.
> > 
> > Fixes: 940fc47cfb0d ("KVM: SVM: Add AVIC support for 4k vCPUs in x2AVIC mode")
> > Cc: stable@...r.kernel.org
> > Cc: Naveen N Rao (AMD) <naveen@...nel.org>
> > Cc: Suravee Suthikulpanit <suravee.suthikulpanit@....com>
> > Signed-off-by: Sean Christopherson <seanjc@...gle.com>
> > ---
> >  arch/x86/kvm/svm/avic.c | 4 ++--
> >  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> I think the bad commit is:
> f628a34a9d52 ("KVM: SVM: Replace "avic_mode" enum with "x2avic_enabled" boolean")
> 
> ... which introduced x2avic_enabled.

No.  That commit definitely set a trap for 4k vCPUs support, but there was no
functional bug as of that commit.  KVM would unnecessarily check @id against
X2AVIC_MAX_PHYSICAL_ID, but it's a non-issue because X2AVIC_MAX_PHYSICAL_ID is
a constant and greater than AVIC_MAX_PHYSICAL_ID.

        if ((!x2avic_enabled && id > AVIC_MAX_PHYSICAL_ID) ||
            (id > X2AVIC_MAX_PHYSICAL_ID))
                return -EINVAL;

So from a "what LTS commits need this fix" perspective, it's just the ones with
940fc47cfb0d.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ