Commit 628e04df authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm 

Pull KVM fixes from Paolo Bonzini:
 "Bugfixes and strengthening the validity checks on inputs from new
  userspace APIs.

  Now I know why I shouldn't prepare pull requests on the weekend, it's
  hard to concentrate if your son is shouting about his latest Minecraft
  builds in your ear. Fortunately all the patches were ready and I just
  had to check the test results..."

* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
  KVM: SVM: Fix disable pause loop exit/pause filtering capability on SVM
  KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled
  KVM: arm64: Don't inherit exec permission across page-table levels
  KVM: arm64: Prevent vcpu_has_ptrauth from generating OOL functions
  KVM: nVMX: check for invalid hdr.vmx.flags
  KVM: nVMX: check for required but missing VMCS12 in KVM_SET_NESTED_STATE
  selftests: kvm: do not set guest mode flag
parents ac3a0c84 830f01b0

arch/arm64/include/asm/kvm_host.h

+8 −3
Original line number Diff line number Diff line
@@ -380,9 +380,14 @@ struct kvm_vcpu_arch { 
#define vcpu_has_sve(vcpu) (system_supports_sve() && \

			    ((vcpu)->arch.flags & KVM_ARM64_GUEST_HAS_SVE))



#define vcpu_has_ptrauth(vcpu)	((system_supports_address_auth() || \

				  system_supports_generic_auth()) && \

				 ((vcpu)->arch.flags & KVM_ARM64_GUEST_HAS_PTRAUTH))

#ifdef CONFIG_ARM64_PTR_AUTH

#define vcpu_has_ptrauth(vcpu)						\

	((cpus_have_final_cap(ARM64_HAS_ADDRESS_AUTH) ||		\

	  cpus_have_final_cap(ARM64_HAS_GENERIC_AUTH)) &&		\

	 (vcpu)->arch.flags & KVM_ARM64_GUEST_HAS_PTRAUTH)

#else

#define vcpu_has_ptrauth(vcpu)		false

#endif



#define vcpu_gp_regs(v)		(&(v)->arch.ctxt.gp_regs)

arch/arm64/kvm/mmu.c

+6 −5
Original line number Diff line number Diff line
@@ -1326,7 +1326,7 @@ static bool stage2_get_leaf_entry(struct kvm *kvm, phys_addr_t addr, 
	return true;

}



static bool stage2_is_exec(struct kvm *kvm, phys_addr_t addr)

static bool stage2_is_exec(struct kvm *kvm, phys_addr_t addr, unsigned long sz)

{

	pud_t *pudp;

	pmd_t *pmdp;
@@ -1338,11 +1338,11 @@ static bool stage2_is_exec(struct kvm *kvm, phys_addr_t addr) 
		return false;



	if (pudp)

		return kvm_s2pud_exec(pudp);

		return sz <= PUD_SIZE && kvm_s2pud_exec(pudp);

	else if (pmdp)

		return kvm_s2pmd_exec(pmdp);

		return sz <= PMD_SIZE && kvm_s2pmd_exec(pmdp);

	else

		return kvm_s2pte_exec(ptep);

		return sz == PAGE_SIZE && kvm_s2pte_exec(ptep);

}



static int stage2_set_pte(struct kvm *kvm, struct kvm_mmu_memory_cache *cache,
@@ -1958,7 +1958,8 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, 
	 * execute permissions, and we preserve whatever we have.

	 */

	needs_exec = exec_fault ||

		(fault_status == FSC_PERM && stage2_is_exec(kvm, fault_ipa));

		(fault_status == FSC_PERM &&

		 stage2_is_exec(kvm, fault_ipa, vma_pagesize));



	if (vma_pagesize == PUD_SIZE) {

		pud_t new_pud = kvm_pfn_pud(pfn, mem_type);

arch/x86/kvm/lapic.c

+1 −1
Original line number Diff line number Diff line
@@ -2195,7 +2195,7 @@ void kvm_set_lapic_tscdeadline_msr(struct kvm_vcpu *vcpu, u64 data) 
{

	struct kvm_lapic *apic = vcpu->arch.apic;



	if (!lapic_in_kernel(vcpu) || apic_lvtt_oneshot(apic) ||

	if (!kvm_apic_present(vcpu) || apic_lvtt_oneshot(apic) ||

			apic_lvtt_period(apic))

		return;

arch/x86/kvm/svm/svm.c

+6 −3
Original line number Diff line number Diff line
@@ -1090,7 +1090,7 @@ static void init_vmcb(struct vcpu_svm *svm) 
	svm->nested.vmcb = 0;

	svm->vcpu.arch.hflags = 0;



	if (pause_filter_count) {

	if (!kvm_pause_in_guest(svm->vcpu.kvm)) {

		control->pause_filter_count = pause_filter_count;

		if (pause_filter_thresh)

			control->pause_filter_thresh = pause_filter_thresh;
@@ -2693,7 +2693,7 @@ static int pause_interception(struct vcpu_svm *svm) 
	struct kvm_vcpu *vcpu = &svm->vcpu;

	bool in_kernel = (svm_get_cpl(vcpu) == 0);



	if (pause_filter_thresh)

	if (!kvm_pause_in_guest(vcpu->kvm))

		grow_ple_window(vcpu);



	kvm_vcpu_on_spin(vcpu, in_kernel);
@@ -3780,7 +3780,7 @@ static void svm_handle_exit_irqoff(struct kvm_vcpu *vcpu) 


static void svm_sched_in(struct kvm_vcpu *vcpu, int cpu)

{

	if (pause_filter_thresh)

	if (!kvm_pause_in_guest(vcpu->kvm))

		shrink_ple_window(vcpu);

}
@@ -3958,6 +3958,9 @@ static void svm_vm_destroy(struct kvm *kvm) 


static int svm_vm_init(struct kvm *kvm)

{

	if (!pause_filter_count || !pause_filter_thresh)

		kvm->arch.pause_in_guest = true;



	if (avic) {

		int ret = avic_vm_init(kvm);

		if (ret)

arch/x86/kvm/vmx/nested.c

+13 −3
Original line number Diff line number Diff line
@@ -6079,6 +6079,9 @@ static int vmx_set_nested_state(struct kvm_vcpu *vcpu, 
	    ~(KVM_STATE_NESTED_SMM_GUEST_MODE | KVM_STATE_NESTED_SMM_VMXON))

		return -EINVAL;



	if (kvm_state->hdr.vmx.flags & ~KVM_STATE_VMX_PREEMPTION_TIMER_DEADLINE)

		return -EINVAL;



	/*

	 * SMM temporarily disables VMX, so we cannot be in guest mode,

	 * nor can VMLAUNCH/VMRESUME be pending.  Outside SMM, SMM flags
@@ -6108,9 +6111,16 @@ static int vmx_set_nested_state(struct kvm_vcpu *vcpu, 
	if (ret)

		return ret;



	/* Empty 'VMXON' state is permitted */

	if (kvm_state->size < sizeof(*kvm_state) + sizeof(*vmcs12))

	/* Empty 'VMXON' state is permitted if no VMCS loaded */

	if (kvm_state->size < sizeof(*kvm_state) + sizeof(*vmcs12)) {

		/* See vmx_has_valid_vmcs12.  */

		if ((kvm_state->flags & KVM_STATE_NESTED_GUEST_MODE) ||

		    (kvm_state->flags & KVM_STATE_NESTED_EVMCS) ||

		    (kvm_state->hdr.vmx.vmcs12_pa != -1ull))

			return -EINVAL;

		else

			return 0;

	}



	if (kvm_state->hdr.vmx.vmcs12_pa != -1ull) {

		if (kvm_state->hdr.vmx.vmcs12_pa == kvm_state->hdr.vmx.vmxon_pa ||

CRA Git | Maintained and supported by SUSTech CRA and CCSE