lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <aXkyz3IbBOphjNEi@google.com>
Date: Tue, 27 Jan 2026 13:49:03 -0800
From: Sean Christopherson <seanjc@...gle.com>
To: David Woodhouse <dwmw2@...radead.org>
Cc: Khushit Shah <khushit.shah@...anix.com>, pbonzini@...hat.com, kai.huang@...el.com, 
	mingo@...hat.com, x86@...nel.org, bp@...en8.de, hpa@...or.com, 
	linux-kernel@...r.kernel.org, kvm@...r.kernel.org, 
	dave.hansen@...ux.intel.com, tglx@...utronix.de, jon@...anix.com, 
	shaju.abraham@...anix.com, stable@...r.kernel.org
Subject: Re: [PATCH v6] KVM: x86: Add x2APIC "features" to control EOI
 broadcast suppression

On Tue, Jan 27, 2026, David Woodhouse wrote:
> On Fri, 2026-01-23 at 12:56 +0000, Khushit Shah wrote:
> > 
> > @@ -4931,6 +4933,8 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext)
> >  		break;
> >  	case KVM_CAP_X2APIC_API:
> >  		r = KVM_X2APIC_API_VALID_FLAGS;
> > +		if (kvm && !irqchip_split(kvm))
> > +			r &= ~KVM_X2APIC_ENABLE_SUPPRESS_EOI_BROADCAST;
> >  		break;
> >  	case KVM_CAP_NESTED_STATE:
> >  		r = kvm_x86_ops.nested_ops->get_state ?
> > @@ -6748,11 +6752,24 @@ int kvm_vm_ioctl_enable_cap(struct kvm *kvm,
> >  		if (cap->args[0] & ~KVM_X2APIC_API_VALID_FLAGS)
> >  			break;
> >  
> > +		if ((cap->args[0] & KVM_X2APIC_ENABLE_SUPPRESS_EOI_BROADCAST) &&
> > +		    (cap->args[0] & KVM_X2APIC_DISABLE_SUPPRESS_EOI_BROADCAST))
> > +			break;
> > +
> > +		if ((cap->args[0] & KVM_X2APIC_ENABLE_SUPPRESS_EOI_BROADCAST) &&
> > +		    !irqchip_split(kvm))
> > +			break;
> > +
> >  		if (cap->args[0] & KVM_X2APIC_API_USE_32BIT_IDS)
> 
> Is it possible to set KVM_X2APIC_ENABLE_SUPPRESS_EOI_BROADCAST and
> *then* create the in-kernel I/O APIC?

Nope, we should be good on that front, kvm->arch.irqchip_mode can't be changed
once its set.  I.e. the irqchip_split() check could get a false negative if it's
racing with KVM_CREATE_IRQCHIP, but it can't get a false positive and thus
incorrectly allow KVM_X2APIC_ENABLE_SUPPRESS_EOI_BROADCAST.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ