[GIT PULL] KVM fixes for Linux 6.1-rc7
From: Paolo Bonzini
Date: Sun Nov 27 2022 - 03:54:27 EST
Linus,

The following changes since commit 6d3085e4d89ad7e6c7f1c6cf929d903393565861:

  KVM: x86/mmu: Block all page faults during kvm_zap_gfn_range() (2022-11-11 07:19:46 -0500)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/virt/kvm/kvm.git tags/for-linus

for you to fetch changes up to fe08e36be9ecbf6b38714a77c97b1d25b7a6e4b0:

  Merge branch 'kvm-dwmw2-fixes' into HEAD (2022-11-23 18:59:45 -0500)

----------------------------------------------------------------
x86:

* Fixes for Xen emulation. While nobody should be enabling it in
  the kernel (the only public users of the feature are the selftests),
  the bug effectively allows userspace to read arbitrary memory.

* Correctness fixes for nested hypervisors that do not intercept INIT
  or SHUTDOWN on AMD; the subsequent CPU reset can cause a use-after-free
  when it disables virtualization extensions. While downgrading the panic
  to a WARN is quite easy, the full fix is a bit more laborious; there
  are also tests. This is the bulk of the pull request.

* Fix race condition due to incorrect mmu_lock use around
  make_mmu_pages_available().

Generic:

* Obey changes to the kvm.halt_poll_ns module parameter in VMs
  not using KVM_CAP_HALT_POLL, restoring behavior from before
  the introduction of the capability

----------------------------------------------------------------
David Matlack (3):
      KVM: Cap vcpu->halt_poll_ns before halting rather than after
      KVM: Avoid re-reading kvm->max_halt_poll_ns during halt-polling
      KVM: Obey kvm.halt_poll_ns in VMs not using KVM_CAP_HALT_POLL

David Woodhouse (3):
      KVM: x86/xen: Validate port number in SCHEDOP_poll
      KVM: x86/xen: Only do in-kernel acceleration of hypercalls for guest CPL0
      KVM: Update gfn_to_pfn_cache khva when it moves within the same page

Kazuki Takiguchi (1):
      KVM: x86/mmu: Fix race condition in direct_page_fault

Maxim Levitsky (9):
      KVM: x86: nSVM: leave nested mode on vCPU free
      KVM: x86: nSVM: harden svm_free_nested against freeing vmcb02 while still in use
      KVM: x86: add kvm_leave_nested
      KVM: x86: forcibly leave nested mode on vCPU reset
      KVM: selftests: move idt_entry to header
      kvm: selftests: add svm nested shutdown test
      KVM: x86: allow L1 to not intercept triple fault
      KVM: selftests: add svm part to triple_fault_test
      KVM: x86: remove exit_int_info warning in svm_handle_exit

Paolo Bonzini (2):
      Merge branch 'kvm-svm-harden' into HEAD
      Merge branch 'kvm-dwmw2-fixes' into HEAD

arch/x86/kvm/mmu/mmu.c | 13 ++--
arch/x86/kvm/svm/nested.c | 12 +++-
arch/x86/kvm/svm/svm.c | 16 +----
arch/x86/kvm/vmx/nested.c | 4 +-
arch/x86/kvm/x86.c | 29 +++++++--
arch/x86/kvm/xen.c | 32 +++++++---
include/linux/kvm_host.h | 1 +
tools/testing/selftests/kvm/.gitignore | 1 +
tools/testing/selftests/kvm/Makefile | 1 +
.../selftests/kvm/include/x86_64/processor.h | 13 ++++
tools/testing/selftests/kvm/lib/x86_64/processor.c | 13 ----
.../kvm/x86_64/svm_nested_shutdown_test.c | 67 ++++++++++++++++++++
.../selftests/kvm/x86_64/triple_fault_event_test.c | 73 +++++++++++++++++-----
virt/kvm/kvm_main.c | 52 ++++++++++++---
virt/kvm/pfncache.c | 7 ++-
15 files changed, 251 insertions(+), 83 deletions(-)
create mode 100644 tools/testing/selftests/kvm/x86_64/svm_nested_shutdown_test.c