| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CABgObfbKEad11qb6OGLjnPp5aPVUXUmn7+yQUCvXT-dmDeRw2A@mail.gmail.com> Date: Mon, 9 Feb 2026 19:33:44 +0100 From: Paolo Bonzini <pbonzini@...hat.com> To: Sean Christopherson <seanjc@...gle.com> Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [GIT PULL] KVM: x86: APIC related changes for 6.20 On Sat, Feb 7, 2026 at 5:10 AM Sean Christopherson <seanjc@...gle.com> wrote: > > A variety of cleanups and minor fixes, mostly related to APIC and APICv. > > The following changes since commit 9ace4753a5202b02191d54e9fdf7f9e3d02b85eb: > > Linux 6.19-rc4 (2026-01-04 14:41:55 -0800) > > are available in the Git repository at: > > https://github.com/kvm-x86/linux.git tags/kvm-x86-apic-6.20 > > for you to fetch changes up to ac4f869c56301831a60706a84acbf13b4f0f9886: > > KVM: VMX: Remove declaration of nested_mark_vmcs12_pages_dirty() (2026-01-14 06:01:03 -0800) Pulled, thanks. Paolo > ---------------------------------------------------------------- > KVM x86 APIC-ish changes for 6.20 > > - Fix a benign bug where KVM could use the wrong memslots (ignored SMM) when > creating a vCPU-specific mapping of guest memory. > > - Clean up KVM's handling of marking mapped vCPU pages dirty. > > - Drop a pile of *ancient* sanity checks hidden behind in KVM's unused > ASSERT() macro, most of which could be trivially triggered by the guest > and/or user, and all of which were useless. > > - Fold "struct dest_map" into its sole user, "struct rtc_status", to make it > more obvious what the weird parameter is used for, and to allow burying the > RTC shenanigans behind CONFIG_KVM_IOAPIC=y. > > - Bury all of ioapic.h and KVM_IRQCHIP_KERNEL behind CONFIG_KVM_IOAPIC=y. > > - Add a regression test for recent APICv update fixes. > > - Rework KVM's handling of VMCS updates while L2 is active to temporarily > switch to vmcs01 instead of deferring the update until the next nested > VM-Exit. The deferred updates approach directly contributed to several > bugs, was proving to be a maintenance burden due to the difficulty in > auditing the correctness of deferred updates, and was polluting > "struct nested_vmx" with a growing pile of booleans. > > - Handle "hardware APIC ISR", a.k.a. SVI, updates in kvm_apic_update_apicv() > to consolidate the updates, and to co-locate SVI updates with the updates > for KVM's own cache of ISR information. > > - Drop a dead function declaration. > > ---------------------------------------------------------------- > Binbin Wu (1): > KVM: VMX: Remove declaration of nested_mark_vmcs12_pages_dirty() > > Fred Griffoul (1): > KVM: nVMX: Mark APIC access page dirty when syncing vmcs12 pages > > Sean Christopherson (21): > KVM: Use vCPU specific memslots in __kvm_vcpu_map() > KVM: x86: Mark vmcs12 pages as dirty if and only if they're mapped > KVM: nVMX: Precisely mark vAPIC and PID maps dirty when delivering nested PI > KVM: VMX: Move nested_mark_vmcs12_pages_dirty() to vmx.c, and rename > KVM: x86: Drop ASSERT()s on APIC/vCPU being non-NULL > KVM: x86: Drop guest/user-triggerable asserts on IRR/ISR vectors > KVM: x86: Drop ASSERT() on I/O APIC EOIs being only for LEVEL_to WARN_ON_ONCE > KVM: x86: Drop guest-triggerable ASSERT()s on I/O APIC access alignment > KVM: x86: Drop MAX_NR_RESERVED_IOAPIC_PINS, use KVM_MAX_IRQ_ROUTES directly > KVM: x86: Add a wrapper to handle common case of IRQ delivery without dest_map > KVM: x86: Fold "struct dest_map" into "struct rtc_status" > KVM: x86: Bury ioapic.h definitions behind CONFIG_KVM_IOAPIC > KVM: x86: Hide KVM_IRQCHIP_KERNEL behind CONFIG_KVM_IOAPIC=y > KVM: selftests: Add a test to verify APICv updates (while L2 is active) > KVM: nVMX: Switch to vmcs01 to update PML controls on-demand if L2 is active > KVM: nVMX: Switch to vmcs01 to update TPR threshold on-demand if L2 is active > KVM: nVMX: Switch to vmcs01 to update SVI on-demand if L2 is active > KVM: nVMX: Switch to vmcs01 to refresh APICv controls on-demand if L2 is active > KVM: nVMX: Switch to vmcs01 to update APIC page on-demand if L2 is active > KVM: nVMX: Switch to vmcs01 to set virtual APICv mode on-demand if L2 is active > KVM: x86: Update APICv ISR (a.k.a. SVI) as part of kvm_apic_update_apicv() > > arch/x86/include/asm/kvm_host.h | 2 + > arch/x86/kvm/hyperv.c | 2 +- > arch/x86/kvm/ioapic.c | 43 +++--- > arch/x86/kvm/ioapic.h | 38 ++--- > arch/x86/kvm/irq.c | 4 +- > arch/x86/kvm/lapic.c | 97 ++++++------- > arch/x86/kvm/lapic.h | 21 ++- > arch/x86/kvm/vmx/nested.c | 54 +------ > arch/x86/kvm/vmx/nested.h | 1 - > arch/x86/kvm/vmx/vmx.c | 106 +++++++++----- > arch/x86/kvm/vmx/vmx.h | 9 -- > arch/x86/kvm/x86.c | 11 +- > arch/x86/kvm/xen.c | 2 +- > include/linux/kvm_host.h | 9 +- > tools/testing/selftests/kvm/Makefile.kvm | 1 + > tools/testing/selftests/kvm/include/x86/apic.h | 4 + > .../selftests/kvm/x86/vmx_apicv_updates_test.c | 155 +++++++++++++++++++++ > virt/kvm/kvm_main.c | 2 +- > 18 files changed, 334 insertions(+), 227 deletions(-) > create mode 100644 tools/testing/selftests/kvm/x86/vmx_apicv_updates_test.c >
Powered by blists - more mailing lists