[GIT PULL] KVM: x86: VMX changes for 6.12

From: Sean Christopherson
Date: Fri Sep 13 2024 - 21:15:57 EST


The highlight is a fix for nested posted interrupts that shows up on CPUs with
IPI virtualization. If KVM ends up handling an L1 virtual IRQ for L2's posted
interrupt notification vector, KVM will incorrectly synthesize a VM-Exit to L1
instead of processing pending posted interrupts.

I am very confident in the fix itself. The refactorings to land the fix without
creating a TOCTOU bug on the other hand... I did my best to test that I didn't
botch anything, but my first attempt went poorly, and as a result the changes
haven't been in -next for as long as I'd normally prefer.

The following changes since commit 47ac09b91befbb6a235ab620c32af719f8208399:

Linux 6.11-rc4 (2024-08-18 13:17:27 -0700)

are available in the Git repository at:

https://github.com/kvm-x86/linux.git tags/kvm-x86-vmx-6.12

for you to fetch changes up to f3009482512eb057e7161214a068c6bd7bae83a4:

KVM: VMX: Set PFERR_GUEST_{FINAL,PAGE}_MASK if and only if the GVA is valid (2024-09-09 20:33:22 -0700)

----------------------------------------------------------------
KVM VMX changes for 6.12:

- Set FINAL/PAGE in the page fault error code for EPT Violations if and only
if the GVA is valid. If the GVA is NOT valid, there is no guest-side page
table walk and so stuffing paging related metadata is nonsensical.

- Fix a bug where KVM would incorrectly synthesize a nested VM-Exit instead of
emulating posted interrupt delivery to L2.

- Add a lockdep assertion to detect unsafe accesses of vmcs12 structures.

- Harden eVMCS loading against an impossible NULL pointer deref (really truly
should be impossible).

- Minor SGX fix and a cleanup.

----------------------------------------------------------------
Kai Huang (2):
KVM: VMX: Do not account for temporary memory allocation in ECREATE emulation
KVM: VMX: Also clear SGX EDECCSSA in KVM CPU caps when SGX is disabled

Maxim Levitsky (1):
KVM: nVMX: Use vmx_segment_cache_clear() instead of open coded equivalent

Qiang Liu (1):
KVM: VMX: Modify the BUILD_BUG_ON_MSG of the 32-bit field in the vmcs_check16 function

Sean Christopherson (9):
KVM: nVMX: Honor userspace MSR filter lists for nested VM-Enter/VM-Exit
KVM: x86: Move "ack" phase of local APIC IRQ delivery to separate API
KVM: nVMX: Get to-be-acknowledge IRQ for nested VM-Exit at injection site
KVM: nVMX: Suppress external interrupt VM-Exit injection if there's no IRQ
KVM: nVMX: Detect nested posted interrupt NV at nested VM-Exit injection
KVM: x86: Fold kvm_get_apic_interrupt() into kvm_cpu_get_interrupt()
KVM: nVMX: Explicitly invalidate posted_intr_nv if PI is disabled at VM-Enter
KVM: nVMX: Assert that vcpu->mutex is held when accessing secondary VMCSes
KVM: VMX: Set PFERR_GUEST_{FINAL,PAGE}_MASK if and only if the GVA is valid

Vitaly Kuznetsov (1):
KVM: VMX: hyper-v: Prevent impossible NULL pointer dereference in evmcs_load()

 Documentation/virt/kvm/api.rst  | 23 ++++++++++---
 arch/x86/include/asm/kvm_host.h |  3 ++
 arch/x86/kvm/irq.c              | 10 ++++--
 arch/x86/kvm/lapic.c            |  9 +++---
 arch/x86/kvm/lapic.h            |  2 +-
 arch/x86/kvm/vmx/nested.c       | 72 ++++++++++++++++++++++++++++++-----------
 arch/x86/kvm/vmx/nested.h       |  6 ++++
 arch/x86/kvm/vmx/sgx.c          |  2 +-
 arch/x86/kvm/vmx/vmx.c          | 17 ++++++----
 arch/x86/kvm/vmx/vmx.h          |  5 +++
 arch/x86/kvm/vmx/vmx_onhyperv.h |  8 +++++
 arch/x86/kvm/vmx/vmx_ops.h      |  2 +-
 arch/x86/kvm/x86.c              |  6 ++--
 13 files changed, 124 insertions(+), 41 deletions(-)