Re: stable backports for "KVM: x86: Fix shadow paging use-after-free due to unexpected GFN"

Next message: Sean Christopherson: "[PATCH 6/9] KVM: x86: Add static asserts to document connection b/w TSS structs and macros"
Previous message: Sean Christopherson: "[PATCH 5/9] KVM: x86: Move KVM_GUESTDBG_VALID_MASK from kvm_host.h =&gt; x86.c"
Next in thread: Nathan Gao: "Re: stable backports for &quot;KVM: x86: Fix shadow paging use-after-free due to unexpected GFN&quot;"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Nathan Gao

Date: Thu Jun 25 2026 - 18:05:58 EST

Thanks Paolo! I tested these in the context of Amazon Linux, carrying the
series as a downstream patch set on top of our 5.10 and 5.15 trees, as
follows.

Test setup
- Trees: Amazon Linux 5.10 and 5.15, with the backports applied as
downstream patches. (For 5.10, applied a83e50d86^..d3d0e6688; for 5.15,
applied 4db658c99^..1ab8cd246)
- For each tree we ran with EPT enabled and disabled, i.e.
sudo rmmod kvm_intel && sudo modprobe kvm_intel ept=0
and confirmed via /sys/module/kvm_intel/parameters/ept.
- Tested with AWS EC2 c5.metal.

Tests
- KVM selftests: make -C tools/testing/selftests/kvm run_tests
- kvm-unit-tests: https://www.linux-kvm.org/page/KVM-unit-tests

For each (tree x EPT setting) we collected results before and after
applying the backport and compared them.

Results
- No regressions. On both 5.10 and 5.15, and with EPT on and off, the
test outcomes are the same before and after the backport.
- kvm-unit-tests output was identical before vs. after.
- The KVM selftest verdicts (ok/not ok) were identical before vs. after.
The handful of failing tests are pre-existing on our baseline and
unrelated to the MMU change (e.g. debug_regs, vmx_pmu_msrs_test, a
memslot_perf_test timeout, etc.).

So from these tests, the backport looks good. Please let me know if
there are any other tests I can help with.

Tested-by: Nathan Gao <zcgao@xxxxxxxxxx>

Thanks,
Nathan Gao