[GIT PULL] KVM changes for Linux 7.1-rc6

[Paolo Bonzini]

Linus,

The following changes since commit e7ae89a0c97ce2b68b0983cd01eda67cf373517d:

  Linux 7.1-rc5 (2026-05-24 13:48:06 -0700)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/virt/kvm/kvm.git tags/for-linus

for you to fetch changes up to 713074d53be5c8684cb31fa7a8f09ffb679338d9:

  Merge commit 'kvm-psc-for-7.1' into HEAD (2026-05-29 20:25:59 +0200)

Long weekend here, so I'm not sending it on Sunday...

Thanks,

Paolo
----------------------------------------------------------------
Arm:

- Restore CONFIG_PKVM_DISABLE_STAGE2_ON_PANIC to its former glory by
  making sure the config symbol is correctly spelled out in the code

- Don't reset the AArch32 view of the PMU counters to zero when the
  guest is writing to them

- Fix an assorted collection of memory leaks in the newly added tracing
  code

- Fix the capping of ZCR_EL2 which could be used in an unsanitised way
  by an L2 guest

x86:

- Include the kernel's linux/mman.h in KVM selftests to ensure MADV_COLLAPSE
  is defined, as older libc versions may not provide it.

- Include execinfo.h if and only if KVM selftests are building against glibc,
  and provide a test_dump_stack() for non-glibc builds.

- Silence an annoying RCU splat on (even non-KVM-related) panics.  The splat
  is technically legit, but in practice not an issue.  To have a race, you
  would need to unload the KVM modules at exactly the time a panic happens;
  and speaking of incredibly rare races, taking the locks risks introducing
  a deadlock if the module unload code took the lock on a CPU that has been
  halted.  Which seems possibly more likely than the RCU grace period issue,
  so just shut it up.  This code used to be in KVM but is now outside it;
  but the x86 maintainers haven't picked it up, so here we are.

- Rate-limit global clock updates once again (but without delayed work), as
  KVM was subtly relying on the old rate-limiting for NPT correction to guard
  against "update storms" when running without a master clock on systems with
  overcommitted CPUs.

- Fix a brown paper bag goof where KVM checked if ERAPS is "dirty" instead of
  marking it dirty when emulating INVPCID.

- Flush the TLB when transitioning from xAVIC => x2AVIC to ensure the CPU TLB
  doesn't contain AVIC-tagged entries for the APIC base GPA.

- The top 10 commits fix buffer overflow (and potential TOC/TOU) flaws in the
  page state change protocol for encrypted VMs.  AI models find it quite
  easily given it was reported three times, but aren't as good at writing
  a comprehensive fix.  There's more to clean up in the area, which will
  come in 7.2.

----------------------------------------------------------------
Emily Ehlert (1):
      KVM: x86: Fix ERAPS RAP clear on INVPCID single-context invalidation

Hisam Mehboob (1):
      KVM: selftests: Guard execinfo.h inclusion for non-glibc builds

Lei Chen (1):
      KVM: x86: Rate-limit global clock updates on vCPU load

Mark Brown (1):
      KVM: arm64: Correctly cap ZCR_EL2 provided by a guest hypervisor

Michael Roth (1):
      KVM: SEV: Require in-GHCB scratch area if GHCB v2+ is in use

Mikhail Gavrilov (1):
      x86/virt: Silence RCU lockdep splat in emergency virt callback path

Paolo Bonzini (3):
      Merge tag 'kvm-x86-fixes-7.1-rc6' of https://github.com/kvm-x86/linux into HEAD
      Merge tag 'kvmarm-fixes-7.1-4' of git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm into HEAD
      Merge commit 'kvm-psc-for-7.1' into HEAD

Qiang Ma (1):
      KVM: arm64: PMU: Preserve AArch32 counter low bits

Sean Christopherson (11):
      KVM: selftests: Include sys/mman.h *and* linux/mman.h, via kvm_syscalls.h
      KVM: SVM: Flush the current TLB when transitioning from xAVIC => x2AVIC
      KVM: SEV: Ignore MMIO requests of length '0'
      KVM: SEV: Reject MMIO requests larger than 8 bytes with GHCB v2+
      KVM: SEV: Ignore Port I/O requests of length '0'
      KVM: SEV: Use the size of the PSC header as the minimum size for PSC requests
      KVM: SEV: Compute the correct max length of the in-GHCB scratch area
      KVM: SEV: WARN if KVM attempts to setup scratch area with min_len==0
      KVM: SEV: Don't explicitly pass PSC buffer to snp_begin_psc()
      KVM: SEV: Check PSC request indices against the actual size of the buffer
      KVM: SEV: Use READ_ONCE() when reading entries/indices from PSC buffer

Vincent Donnefort (4):
      KVM: arm64: Fix CONFIG_PKVM_DISABLE_STAGE2_ON_PANIC
      KVM: arm64: Fix meta-page unsharing in pKVM hyp tracing
      KVM: arm64: Fix rollback in hyp_trace_buffer_share_hyp()
      KVM: arm64: Fix memory leak in hyp_trace_unload()

 arch/arm64/include/asm/kvm_host.h                  |  2 +-
 arch/arm64/kvm/hyp/include/hyp/switch.h            | 16 ++--
 arch/arm64/kvm/hyp/nvhe/host.S                     |  2 +-
 arch/arm64/kvm/hyp_trace.c                         |  9 ++-
 arch/arm64/kvm/nested.c                            |  5 ++
 arch/arm64/kvm/pmu-emul.c                          |  4 +-
 arch/arm64/kvm/sys_regs.c                          | 11 +--
 arch/x86/include/asm/kvm_host.h                    |  1 +
 arch/x86/kvm/svm/avic.c                            | 35 +++++++--
 arch/x86/kvm/svm/sev.c                             | 91 +++++++++++++++-------
 arch/x86/kvm/x86.c                                 | 13 +++-
 arch/x86/virt/hw.c                                 | 15 +++-
 .../selftests/kvm/access_tracking_perf_test.c      |  2 +-
 tools/testing/selftests/kvm/guest_memfd_test.c     |  2 +-
 tools/testing/selftests/kvm/include/kvm_syscalls.h | 10 +++
 tools/testing/selftests/kvm/include/test_util.h    |  2 +-
 tools/testing/selftests/kvm/lib/assert.c           |  8 +-
 tools/testing/selftests/kvm/lib/kvm_util.c         |  2 +-
 tools/testing/selftests/kvm/memslot_perf_test.c    |  2 +-
 .../selftests/kvm/s390/shared_zeropage_test.c      |  3 +-
 tools/testing/selftests/kvm/s390/tprot.c           |  2 +-
 .../testing/selftests/kvm/set_memory_region_test.c |  2 +-
 22 files changed, 172 insertions(+), 67 deletions(-)