5.10-stable patches
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 17 May 2021 08:52:18 +0000 (10:52 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 17 May 2021 08:52:18 +0000 (10:52 +0200)
added patches:
kvm-vmx-disable-preemption-when-probing-user-return-msrs.patch
kvm-vmx-do-not-advertise-rdpid-if-enable_rdtscp-control-is-unsupported.patch

queue-5.10/kvm-vmx-disable-preemption-when-probing-user-return-msrs.patch [new file with mode: 0644]
queue-5.10/kvm-vmx-do-not-advertise-rdpid-if-enable_rdtscp-control-is-unsupported.patch [new file with mode: 0644]
queue-5.10/series

diff --git a/queue-5.10/kvm-vmx-disable-preemption-when-probing-user-return-msrs.patch b/queue-5.10/kvm-vmx-disable-preemption-when-probing-user-return-msrs.patch
new file mode 100644 (file)
index 0000000..da3feb1
--- /dev/null
@@ -0,0 +1,82 @@
+From 5104d7ffcf24749939bea7fdb5378d186473f890 Mon Sep 17 00:00:00 2001
+From: Sean Christopherson <seanjc@google.com>
+Date: Tue, 4 May 2021 10:17:24 -0700
+Subject: KVM: VMX: Disable preemption when probing user return MSRs
+
+From: Sean Christopherson <seanjc@google.com>
+
+commit 5104d7ffcf24749939bea7fdb5378d186473f890 upstream.
+
+Disable preemption when probing a user return MSR via RDSMR/WRMSR.  If
+the MSR holds a different value per logical CPU, the WRMSR could corrupt
+the host's value if KVM is preempted between the RDMSR and WRMSR, and
+then rescheduled on a different CPU.
+
+Opportunistically land the helper in common x86, SVM will use the helper
+in a future commit.
+
+Fixes: 4be534102624 ("KVM: VMX: Initialize vmx->guest_msrs[] right after allocation")
+Cc: stable@vger.kernel.org
+Cc: Xiaoyao Li <xiaoyao.li@intel.com>
+Signed-off-by: Sean Christopherson <seanjc@google.com>
+Message-Id: <20210504171734.1434054-6-seanjc@google.com>
+Reviewed-by: Jim Mattson <jmattson@google.com>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/include/asm/kvm_host.h |    1 +
+ arch/x86/kvm/vmx/vmx.c          |    5 +----
+ arch/x86/kvm/x86.c              |   16 ++++++++++++++++
+ 3 files changed, 18 insertions(+), 4 deletions(-)
+
+--- a/arch/x86/include/asm/kvm_host.h
++++ b/arch/x86/include/asm/kvm_host.h
+@@ -1668,6 +1668,7 @@ int kvm_pv_send_ipi(struct kvm *kvm, uns
+                   unsigned long icr, int op_64_bit);
+ void kvm_define_user_return_msr(unsigned index, u32 msr);
++int kvm_probe_user_return_msr(u32 msr);
+ int kvm_set_user_return_msr(unsigned index, u64 val, u64 mask);
+ u64 kvm_scale_tsc(struct kvm_vcpu *vcpu, u64 tsc);
+--- a/arch/x86/kvm/vmx/vmx.c
++++ b/arch/x86/kvm/vmx/vmx.c
+@@ -6864,12 +6864,9 @@ static int vmx_create_vcpu(struct kvm_vc
+       for (i = 0; i < ARRAY_SIZE(vmx_uret_msrs_list); ++i) {
+               u32 index = vmx_uret_msrs_list[i];
+-              u32 data_low, data_high;
+               int j = vmx->nr_uret_msrs;
+-              if (rdmsr_safe(index, &data_low, &data_high) < 0)
+-                      continue;
+-              if (wrmsr_safe(index, data_low, data_high) < 0)
++              if (kvm_probe_user_return_msr(index))
+                       continue;
+               vmx->guest_uret_msrs[j].slot = i;
+--- a/arch/x86/kvm/x86.c
++++ b/arch/x86/kvm/x86.c
+@@ -322,6 +322,22 @@ static void kvm_on_user_return(struct us
+       }
+ }
++int kvm_probe_user_return_msr(u32 msr)
++{
++      u64 val;
++      int ret;
++
++      preempt_disable();
++      ret = rdmsrl_safe(msr, &val);
++      if (ret)
++              goto out;
++      ret = wrmsrl_safe(msr, val);
++out:
++      preempt_enable();
++      return ret;
++}
++EXPORT_SYMBOL_GPL(kvm_probe_user_return_msr);
++
+ void kvm_define_user_return_msr(unsigned slot, u32 msr)
+ {
+       BUG_ON(slot >= KVM_MAX_NR_USER_RETURN_MSRS);
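Review bot: The new exported helper `kvm_probe_user_return_msr()` in arch/x86/kvm/x86.c has no comment stating its contract, and the reason for the `preempt_disable()`/`preempt_enable()` pair is recorded only in the commit message. I would add above the definition: `/* Read the MSR and write the same value back; preemption is disabled so a per-CPU value is never written on a different CPU. Returns 0 if both accesses succeed, non-zero otherwise. */`. The caller in `vmx_create_vcpu()` now skips the MSR on any non-zero return where it previously tested `< 0`. These are equivalent only if `rdmsrl_safe()`/`wrmsrl_safe()` return 0 or a negative value, which this hunk does not show, so the comment should state the convention explicitly. The `vmx_create_vcpu()` loop body continues outside the quoted context.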
diff --git a/queue-5.10/kvm-vmx-do-not-advertise-rdpid-if-enable_rdtscp-control-is-unsupported.patch b/queue-5.10/kvm-vmx-do-not-advertise-rdpid-if-enable_rdtscp-control-is-unsupported.patch
new file mode 100644 (file)
index 0000000..9168d56
--- /dev/null
@@ -0,0 +1,42 @@
+From 8aec21c04caa2000f91cf8822ae0811e4b0c3971 Mon Sep 17 00:00:00 2001
+From: Sean Christopherson <seanjc@google.com>
+Date: Tue, 4 May 2021 10:17:20 -0700
+Subject: KVM: VMX: Do not advertise RDPID if ENABLE_RDTSCP control is unsupported
+
+From: Sean Christopherson <seanjc@google.com>
+
+commit 8aec21c04caa2000f91cf8822ae0811e4b0c3971 upstream.
+
+Clear KVM's RDPID capability if the ENABLE_RDTSCP secondary exec control is
+unsupported.  Despite being enumerated in a separate CPUID flag, RDPID is
+bundled under the same VMCS control as RDTSCP and will #UD in VMX non-root
+if ENABLE_RDTSCP is not enabled.
+
+Fixes: 41cd02c6f7f6 ("kvm: x86: Expose RDPID in KVM_GET_SUPPORTED_CPUID")
+Cc: stable@vger.kernel.org
+Signed-off-by: Sean Christopherson <seanjc@google.com>
+Message-Id: <20210504171734.1434054-2-seanjc@google.com>
+Reviewed-by: Jim Mattson <jmattson@google.com>
+Reviewed-by: Reiji Watanabe <reijiw@google.com>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/kvm/vmx/vmx.c |    6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+--- a/arch/x86/kvm/vmx/vmx.c
++++ b/arch/x86/kvm/vmx/vmx.c
+@@ -7302,9 +7302,11 @@ static __init void vmx_set_cpu_caps(void
+       if (!cpu_has_vmx_xsaves())
+               kvm_cpu_cap_clear(X86_FEATURE_XSAVES);
+-      /* CPUID 0x80000001 */
+-      if (!cpu_has_vmx_rdtscp())
++      /* CPUID 0x80000001 and 0x7 (RDPID) */
++      if (!cpu_has_vmx_rdtscp()) {
+               kvm_cpu_cap_clear(X86_FEATURE_RDTSCP);
++              kvm_cpu_cap_clear(X86_FEATURE_RDPID);
++      }
+       if (cpu_has_vmx_waitpkg())
+               kvm_cpu_cap_check_and_set(X86_FEATURE_WAITPKG);
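Review bot: The rewritten comment `/* CPUID 0x80000001 and 0x7 (RDPID) */` in `vmx_set_cpu_caps()` names the leaves touched but not why RDPID is cleared under a check named for RDTSCP. The commit message gives the reason: RDPID sits under the same ENABLE_RDTSCP secondary exec control and raises #UD in VMX non-root without it. Putting that in the code, e.g. `/* RDPID is gated by ENABLE_RDTSCP and will #UD in the guest without it */`, would keep a later edit from separating the two `kvm_cpu_cap_clear()` calls and advertising an instruction the guest cannot execute. `vmx_set_cpu_caps()` starts and ends outside this hunk.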
index f3e6ad73341b392154a317d0cad6dd4f31ee46c4..7bbe75634e2d4bdcbd1f6c85ce40e6ac0a55181e 100644 (file)
@@ -256,3 +256,5 @@ xen-gntdev-fix-gntdev_mmap-error-exit-path.patch
 kvm-x86-emulate-rdpid-only-if-rdtscp-is-supported.patch
 kvm-x86-move-rdpid-emulation-intercept-to-its-own-enum.patch
 kvm-nvmx-always-make-an-attempt-to-map-evmcs-after-migration.patch
+kvm-vmx-do-not-advertise-rdpid-if-enable_rdtscp-control-is-unsupported.patch
+kvm-vmx-disable-preemption-when-probing-user-return-msrs.patch