Fixes for edge cases where KVM mishandles reserved bits/regs checks when
the vCPU is in x2APIC mode.

The first two patches were previously posted[*], but both patches were
broken (as posted against upstream), hence I took full credit for doing
the work and changed Marc to a reporter.

The VMX APICv fixes are for bugs found when writing tests. *sigh*
I didn't Cc those to stable as the odds of breaking something when touching
the MSR bitmaps seemed higher than someone caring about a 10 year old bug.

AMD x2AVIC support may or may not suffer similar interception bugs, but I
don't have hardware to test and this already snowballed further than
expected...

[*] https://lore.kernel.org/kvm/20220525173933.1611076-1-venkateshs@chromium.org

Sean Christopherson (6):
  KVM: x86: Inject #GP if WRMSR sets reserved bits in APIC Self-IPI
  KVM: x86: Inject #GP on x2APIC WRMSR that sets reserved bits 63:32
  KVM: x86: Mark x2APIC DFR reg as non-existent for x2APIC
  KVM: x86: Split out logic to generate "readable" APIC regs mask to helper
  KVM: VMX: Always intercept accesses to unsupported "extended" x2APIC regs
  KVM: VMX: Intercept reads to invalid and write-only x2APIC registers

 arch/x86/kvm/lapic.c   | 55 ++++++++++++++++++++++++++----------------
 arch/x86/kvm/lapic.h   |  2 ++
 arch/x86/kvm/vmx/vmx.c | 40 +++++++++++++++---------------
 3 files changed, 57 insertions(+), 40 deletions(-)

base-commit: 91dc252b0dbb6879e4067f614df1e397fec532a1
--
2.39.0.314.g84b9a713c41-goog
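
Added example, not part of the original message and not KVM's code: a small C model of the WRMSR checks named in the titles of patches 1-3, using the architectural x2APIC layout from the Intel SDM (register at xAPIC offset `reg` is MSR 0x800 + (reg >> 4)). The helper names and the sample values in `main()` are constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* xAPIC register offsets and the x2APIC MSR base, per the Intel SDM. */
#define X2APIC_MSR_BASE 0x800u
#define APIC_TASKPRI    0x080u /* ordinary 32-bit register */
#define APIC_DFR        0x0E0u /* exists in xAPIC mode only */
#define APIC_ICR        0x300u /* the only 64-bit x2APIC register */
#define APIC_SELF_IPI   0x3F0u /* x2APIC only; vector in bits 7:0 */

/* The register at xAPIC offset `reg` is x2APIC MSR 0x800 + (reg >> 4). */
static uint32_t x2apic_msr(uint32_t reg)
{
    return X2APIC_MSR_BASE + (reg >> 4);
}

/*
 * Hypothetical helper: true if a guest WRMSR to an x2APIC MSR must take #GP
 * for one of the reasons named in patches 1-3. It does not model read-only
 * registers or reserved bits inside the low 32 bits of other registers.
 */
static bool x2apic_wrmsr_must_gp(uint32_t msr, uint64_t data)
{
    uint32_t reg = (msr - X2APIC_MSR_BASE) << 4;

    if (reg == APIC_DFR)                 /* no DFR in x2APIC mode */
        return true;
    if (reg == APIC_SELF_IPI)            /* all bits above the vector are reserved */
        return (data & ~0xFFull) != 0;
    if (reg != APIC_ICR && (data >> 32)) /* 32-bit register: bits 63:32 reserved */
        return true;
    return false;
}

int main(void)
{
    /* Constructed sample writes; 1 means the write must fault. */
    printf("SELF_IPI 0x20        -> %d\n", x2apic_wrmsr_must_gp(x2apic_msr(APIC_SELF_IPI), 0x20));
    printf("SELF_IPI 0x120       -> %d\n", x2apic_wrmsr_must_gp(x2apic_msr(APIC_SELF_IPI), 0x120));
    printf("TPR with bit 32 set  -> %d\n", x2apic_wrmsr_must_gp(x2apic_msr(APIC_TASKPRI), (1ull << 32) | 0x10));
    printf("ICR with dest in 63:32 -> %d\n", x2apic_wrmsr_must_gp(x2apic_msr(APIC_ICR), (5ull << 32) | 0x4030));
    printf("DFR                  -> %d\n", x2apic_wrmsr_must_gp(x2apic_msr(APIC_DFR), 0));
    return 0;
}
```
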
On Sat, 07 Jan 2023 01:10:19 +0000, Sean Christopherson wrote:
> Fixes for edge cases where KVM mishandles reserved bits/regs checks when
> the vCPU is in x2APIC mode.
>
> The first two patches were previously posted[*], but both patches were
> broken (as posted against upstream), hence I took full credit for doing
> the work and changed Marc to a reporter.
>
> [...]

Applied to kvm-x86 apic, thanks past me!

[1/6] KVM: x86: Inject #GP if WRMSR sets reserved bits in APIC Self-IPI
      https://github.com/kvm-x86/linux/commit/aeee623ea411
[2/6] KVM: x86: Inject #GP on x2APIC WRMSR that sets reserved bits 63:32
      https://github.com/kvm-x86/linux/commit/a927a2508121
[3/6] KVM: x86: Mark x2APIC DFR reg as non-existent for x2APIC
      https://github.com/kvm-x86/linux/commit/6d4719e1b5a2
[4/6] KVM: x86: Split out logic to generate "readable" APIC regs mask to helper
      https://github.com/kvm-x86/linux/commit/1088d5e5cf70
[5/6] KVM: VMX: Always intercept accesses to unsupported "extended" x2APIC regs
      https://github.com/kvm-x86/linux/commit/cbb3f75487a9
[6/6] KVM: VMX: Intercept reads to invalid and write-only x2APIC registers
      https://github.com/kvm-x86/linux/commit/7b205379c53d

--
https://github.com/kvm-x86/linux/tree/next
https://github.com/kvm-x86/linux/tree/fixes
On 1/7/23 02:10, Sean Christopherson wrote:
> Fixes for edge cases where KVM mishandles reserved bits/regs checks when
> the vCPU is in x2APIC mode.
>
> The first two patches were previously posted[*], but both patches were
> broken (as posted against upstream), hence I took full credit for doing
> the work and changed Marc to a reporter.
>
> The VMX APICv fixes are for bugs found when writing tests. *sigh*
> I didn't Cc those to stable as the odds of breaking something when touching
> the MSR bitmaps seemed higher than someone caring about a 10 year old bug.
>
> AMD x2AVIC support may or may not suffer similar interception bugs, but I
> don't have hardware to test and this already snowballed further than
> expected...
>
> [*] https://lore.kernel.org/kvm/20220525173933.1611076-1-venkateshs@chromium.org

Looks good; please feel free to start gathering this in your tree for 6.3.

Next week I'll go through Ben's series as well as Aaron's "Clean up the
supported xfeatures" and others.

Let me know if you would like me to queue anything of these instead, and
please remember to set up the tree in linux-next. :)

Thanks,

Paolo

> Sean Christopherson (6):
>    KVM: x86: Inject #GP if WRMSR sets reserved bits in APIC Self-IPI
>    KVM: x86: Inject #GP on x2APIC WRMSR that sets reserved bits 63:32
>    KVM: x86: Mark x2APIC DFR reg as non-existent for x2APIC
>    KVM: x86: Split out logic to generate "readable" APIC regs mask to
>      helper
>    KVM: VMX: Always intercept accesses to unsupported "extended" x2APIC
>      regs
>    KVM: VMX: Intercept reads to invalid and write-only x2APIC registers
>
>   arch/x86/kvm/lapic.c   | 55 ++++++++++++++++++++++++++----------------
>   arch/x86/kvm/lapic.h   |  2 ++
>   arch/x86/kvm/vmx/vmx.c | 40 +++++++++++++++---------------
>   3 files changed, 57 insertions(+), 40 deletions(-)
>
>
> base-commit: 91dc252b0dbb6879e4067f614df1e397fec532a1
On Fri, Jan 13, 2023, Paolo Bonzini wrote:
> On 1/7/23 02:10, Sean Christopherson wrote:
> > Fixes for edge cases where KVM mishandles reserved bits/regs checks when
> > the vCPU is in x2APIC mode.
> >
> > The first two patches were previously posted[*], but both patches were
> > broken (as posted against upstream), hence I took full credit for doing
> > the work and changed Marc to a reporter.
> >
> > The VMX APICv fixes are for bugs found when writing tests. *sigh*
> > I didn't Cc those to stable as the odds of breaking something when touching
> > the MSR bitmaps seemed higher than someone caring about a 10 year old bug.
> >
> > AMD x2AVIC support may or may not suffer similar interception bugs, but I
> > don't have hardware to test and this already snowballed further than
> > expected...
> >
> > [*] https://lore.kernel.org/kvm/20220525173933.1611076-1-venkateshs@chromium.org
>
> Looks good; please feel free to start gathering this in your tree for 6.3.

Thanks!

> Next week I'll go through Ben's series as well as Aaron's "Clean up the
> supported xfeatures" and others.
>
> Let me know if you would like me to queue anything of these instead, and
> please remember to set up the tree in linux-next. :)

Ya, next week is going to be dedicated to sorting out maintenance mechanics.