git.ipfire.org Git - thirdparty/kernel/linux.git/commit
KVM: nSVM: Sanitize TLB_CONTROL field when copying from vmcb12
author Yosry Ahmed <yosry@kernel.org>
Tue, 3 Mar 2026 00:34:17 +0000 (00:34 +0000)
committer Sean Christopherson <seanjc@google.com>
Thu, 5 Mar 2026 00:09:07 +0000 (16:09 -0800)
commit 30a1d2fa819039e06bc6242669f6fd45df039a41
tree 2a706aac5b4d1ce00b3b12f541894a01cc5bc8e5
parent a2b858051cf03d4f0abca014cddd424675be5316
KVM: nSVM: Sanitize TLB_CONTROL field when copying from vmcb12

The APM defines possible values for TLB_CONTROL as 0, 1, 3, and 7 -- all
of which are always allowed for KVM guests as KVM always supports
X86_FEATURE_FLUSHBYASID. Only copy bits 0 to 2 from vmcb12's
TLB_CONTROL, such that no unhandled or reserved bits end up in vmcb02.

Note that TLB_CONTROL in vmcb12 is currently ignored by KVM, as it nukes
the TLB on nested transitions anyway (see
nested_svm_transition_tlb_flush()). However, such sanitization will be
needed once the TODOs there are addressed, and it's minimal churn to add
it now.

Signed-off-by: Yosry Ahmed <yosry@kernel.org>
Link: https://patch.msgid.link/20260303003421.2185681-24-yosry@kernel.org
Signed-off-by: Sean Christopherson <seanjc@google.com>
arch/x86/include/asm/svm.h
arch/x86/kvm/svm/nested.c