[v2] KVM: riscv: Fix Spectre-v1 vulnerabilities in register access

[PATCH v2 0/4] KVM: riscv: Fix Spectre-v1 vulnerabilities in register access

Posted by Lukas Gerlach 1 month, 1 week ago

This series adds array_index_nospec() to RISC-V KVM to prevent
speculative out-of-bounds access to kernel memory.

Similar fixes exist for x86 (ioapic, lapic, PMU) and arm64 (vgic).

Signed-off-by: Lukas Gerlach <lukas.gerlach@cispa.de>
---
Changes in v2:
Add array_index_nospec() to four additional sites in vcpu_pmu.c
(Radim Krčmář)

---
Lukas Gerlach (4):
      KVM: riscv: Fix Spectre-v1 in ONE_REG register access
      KVM: riscv: Fix Spectre-v1 in AIA CSR access
      KVM: riscv: Fix Spectre-v1 in floating-point register access
      KVM: riscv: Fix Spectre-v1 in PMU counter access

 arch/riscv/kvm/aia.c         | 11 +++++++++--
 arch/riscv/kvm/vcpu_fp.c     | 17 +++++++++++++----
 arch/riscv/kvm/vcpu_onereg.c | 36 ++++++++++++++++++++++++++++--------
 arch/riscv/kvm/vcpu_pmu.c    | 14 +++++++++++---
 4 files changed, 61 insertions(+), 17 deletions(-)
---
base-commit: f4d0ec0aa20d49f09dc01d82894ce80d72de0560
change-id: 20260226-kvm-riscv-spectre-v1-4d04dc68c226

Best regards,
-- 
Lukas Gerlach <lukas.gerlach@cispa.de>

Re: [PATCH v2 0/4] KVM: riscv: Fix Spectre-v1 vulnerabilities in register access

Posted by Anup Patel 1 month ago

On Tue, Mar 3, 2026 at 7:49 PM Lukas Gerlach <lukas.gerlach@cispa.de> wrote:
>
> This series adds array_index_nospec() to RISC-V KVM to prevent
> speculative out-of-bounds access to kernel memory.
>
> Similar fixes exist for x86 (ioapic, lapic, PMU) and arm64 (vgic).
>
> Signed-off-by: Lukas Gerlach <lukas.gerlach@cispa.de>
> ---
> Changes in v2:
> Add array_index_nospec() to four additional sites in vcpu_pmu.c
> (Radim Krčmář)
>
> ---
> Lukas Gerlach (4):
>       KVM: riscv: Fix Spectre-v1 in ONE_REG register access
>       KVM: riscv: Fix Spectre-v1 in AIA CSR access
>       KVM: riscv: Fix Spectre-v1 in floating-point register access
>       KVM: riscv: Fix Spectre-v1 in PMU counter access
>
>  arch/riscv/kvm/aia.c         | 11 +++++++++--
>  arch/riscv/kvm/vcpu_fp.c     | 17 +++++++++++++----
>  arch/riscv/kvm/vcpu_onereg.c | 36 ++++++++++++++++++++++++++++--------
>  arch/riscv/kvm/vcpu_pmu.c    | 14 +++++++++++---
>  4 files changed, 61 insertions(+), 17 deletions(-)

Queued these patches as fixes for Linux-7.0-rcX

Thanks,
Anup