lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20260203190711.458413-1-seanjc@google.com>
Date: Tue,  3 Feb 2026 11:07:08 -0800
From: Sean Christopherson <seanjc@...gle.com>
To: Sean Christopherson <seanjc@...gle.com>, Paolo Bonzini <pbonzini@...hat.com>
Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org, 
	Jim Mattson <jmattson@...gle.com>, Naveen N Rao <naveen@...nel.org>, 
	"Maciej S . Szmigiero" <maciej.szmigiero@...cle.com>
Subject: [PATCH 0/2] KVM: SVM: Fix CR8 intercpetion woes with AVIC

Fix a bug (or rather, a class of bugs) where SVM leaves the CR8 write
intercept enabled after AVIC is enabled.  On its own, the dangling CR8
intercept is "just" a performance issue.  But combined with the TPR sync bug
fixed by commit d02e48830e3f ("KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR
even if AVIC is active"), the danging intercept is fatal to Windows guests as
the TPR seen by hardware gets wildly out of sync with reality.

Tagged for stable even though there shouldn't be functional issues so long as
the TPR sync bug is fixed, because (a) write_cr8 exits can represent the
overwhelming majority of exits (hence the quotes around "just" a performance
issue), and (b) running with a bad/wrong configuration increases the chances
of encountering other lurking TPR bugs (if there are any), i.e. of hitting
bugs that would otherwise be rare edge (which is good for testing, but bad
for production).

Sean Christopherson (2):
  KVM: SVM: Initialize AVIC VMCB fields if AVIC is enabled with
    in-kernel APIC
  KVM: SVM: Set/clear CR8 write interception when AVIC is (de)activated

 arch/x86/kvm/svm/avic.c |  8 +++++---
 arch/x86/kvm/svm/svm.c  | 11 ++++++-----
 2 files changed, 11 insertions(+), 8 deletions(-)


base-commit: e944fe2c09f405a2e2d147145c9b470084bc4c9a
-- 
2.53.0.rc2.204.g2597b5adb4-goog

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ