| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20260204175509.163280-1-pbonzini@redhat.com>
Date: Wed, 4 Feb 2026 18:55:09 +0100
From: Paolo Bonzini <pbonzini@...hat.com>
To: torvalds@...ux-foundation.org
Cc: linux-kernel@...r.kernel.org,
kvm@...r.kernel.org
Subject: [GIT PULL] Final KVM changes for Linux 6.19
Linus,
The following changes since commit e89f0e9a0a007e8c3afb8ecd739c0b3255422b00:
Merge tag 'kvmarm-fixes-6.19-1' of https://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm into HEAD (2026-01-24 08:42:14 +0100)
are available in the Git repository at:
https://git.kernel.org/pub/scm/virt/kvm/kvm.git tags/for-linus
for you to fetch changes up to 0de4a0eec25b9171f2a2abb1a820e125e6797770:
Merge tag 'kvm-x86-fixes-6.19-rc8' of https://github.com/kvm-x86/linux into HEAD (2026-02-04 18:30:32 +0100)
Sorry for being a bit late, I try to send things over the weekend
if possible but last Saturday/Sunday I was at FOSDEM.
----------------------------------------------------------------
Final KVM fixes for 6.19:
- Fix a bug where AVIC is incorrectly inhibited when running with x2AVIC
disabled via module param (or on a system without x2AVIC).
- Fix a dangling device posted IRQs bug by explicitly checking if the irqfd is
still active (on the list) when handling an eventfd signal, instead of
zeroing the irqfd's routing information when the irqfd is deassigned.
Zeroing the irqfd's routing info causes arm64 and x86's to not disable
posting for the IRQ (kvm_arch_irq_bypass_del_producer() looks for an MSI),
incorrectly leaving the IRQ in posted mode (and leading to use-after-free
and memory leaks on AMD in particular).
This is both the most pressing and scariest, but it's been in -next for
a while.
- Disable FORTIFY_SOURCE for KVM selftests to prevent the compiler from
generating calls to the checked versions of memset() and friends, which
leads to unexpected page faults in guest code due e.g. __memset_chk@plt
not being resolved.
- Explicitly configure the support XSS from within {svm,vmx}_set_cpu_caps() to
fix a bug where VMX will compute the reference VMCS configuration with SHSTK
and IBT enabled, but then compute each CPUs local config with SHSTK and IBT
disabled if not all CET xfeatures are enabled, e.g. if the kernel is built
with X86_KERNEL_IBT=n. The mismatch in features results in differing nVMX
setting, and ultimately causes kvm-intel.ko to refuse to load with nested=1.
----------------------------------------------------------------
Paolo Bonzini (1):
Merge tag 'kvm-x86-fixes-6.19-rc8' of https://github.com/kvm-x86/linux into HEAD
Sean Christopherson (4):
KVM: SVM: Check vCPU ID against max x2AVIC ID if and only if x2AVIC is enabled
KVM: Don't clobber irqfd routing type when deassigning irqfd
KVM: x86: Assert that non-MSI doesn't have bypass vCPU when deleting producer
KVM: x86: Explicitly configure supported XSS from {svm,vmx}_set_cpu_caps()
Zhiquan Li (1):
KVM: selftests: Add -U_FORTIFY_SOURCE to avoid some unpredictable test failures
arch/x86/kvm/irq.c | 3 ++-
arch/x86/kvm/svm/avic.c | 4 +--
arch/x86/kvm/svm/svm.c | 2 ++
arch/x86/kvm/vmx/vmx.c | 2 ++
arch/x86/kvm/x86.c | 30 ++++++++++++----------
arch/x86/kvm/x86.h | 2 ++
tools/testing/selftests/kvm/Makefile.kvm | 1 +
virt/kvm/eventfd.c | 44 +++++++++++++++++---------------
8 files changed, 52 insertions(+), 36 deletions(-)
Powered by blists - more mailing lists