From: Sean Christopherson <sean.j.christopherson@intel.com>
To: Ben Hutchings <ben@decadent.org.uk>
Cc: linux-kernel@vger.kernel.org, stable@vger.kernel.org,
akpm@linux-foundation.org, Denis Kirjanov <kda@linux-powerpc.org>,
Nadav Amit <nadav.amit@gmail.com>,
Doug Reiland <doug.reiland@intel.com>,
Paolo Bonzini <pbonzini@redhat.com>, Peter Xu <peterx@redhat.com>
Subject: Re: [PATCH 3.16 31/72] KVM: x86: Manually calculate reserved bits when loading PDPTRS
Date: Mon, 9 Dec 2019 07:49:13 -0800 [thread overview]
Message-ID: <20191209154913.GB4042@linux.intel.com> (raw)
In-Reply-To: <lsq.1575813165.887619822@decadent.org.uk>
On Sun, Dec 08, 2019 at 01:53:15PM +0000, Ben Hutchings wrote:
> 3.16.79-rc1 review patch. If anyone has any objections, please let me know.
>
> ------------------
>
> From: Sean Christopherson <sean.j.christopherson@intel.com>
>
> commit 16cfacc8085782dab8e365979356ce1ca87fd6cc upstream.
You'll also want to pull in two PAE related fixes (in this order):
d35b34a9a70e ("kvm: mmu: Don't read PDPTEs when paging is not enabled")
bf03d4f93347 ("KVM: x86: introduce is_pae_paging")
The "introduce is_pae_paging" has an undocumented bug fix. IIRC it
manifests as an unexpected #GP on MOV CR3 in 64-bit mode. Here's the blurb
I added to the backports for 4.x.
Moving to the common helper also fixes a subtle bug in kvm_set_cr3()
where it fails to check is_long_mode() and results in KVM incorrectly
attempting to load PDPTRs for a 64-bit guest.
next prev parent reply other threads:[~2019-12-09 15:49 UTC|newest]
Thread overview: 87+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-12-08 13:52 [PATCH 3.16 00/72] 3.16.79-rc1 review Ben Hutchings
2019-12-08 13:52 ` [PATCH 3.16 01/72] ASoC: Define a set of DAPM pre/post-up events Ben Hutchings
2019-12-08 13:52 ` [PATCH 3.16 02/72] ASoC: sgtl5000: fix VAG power up timing Ben Hutchings
2019-12-08 13:52 ` [PATCH 3.16 03/72] ASoC: sgtl5000: Improve VAG power and mute control Ben Hutchings
2019-12-08 13:52 ` [PATCH 3.16 04/72] leds: leds-lp5562 allow firmware files up to the maximum length Ben Hutchings
2019-12-14 8:37 ` Pavel Machek
2019-12-14 18:44 ` Ben Hutchings
2019-12-08 13:52 ` [PATCH 3.16 05/72] media: dib0700: fix link error for dibx000_i2c_set_speed Ben Hutchings
2019-12-08 13:52 ` [PATCH 3.16 06/72] fbdev: ssd1307fb: return proper error code if write command fails Ben Hutchings
2019-12-08 13:52 ` [PATCH 3.16 07/72] video: ssd1307fb: Start page range at page_offset Ben Hutchings
2019-12-08 13:52 ` [PATCH 3.16 08/72] libertas_tf: Use correct channel range in lbtf_geo_init Ben Hutchings
2019-12-08 13:52 ` [PATCH 3.16 09/72] x86/reboot: Always use NMI fallback when shutdown via reboot vector IPI fails Ben Hutchings
2019-12-08 13:52 ` [PATCH 3.16 10/72] video: of: display_timing: Add of_node_put() in of_get_display_timing() Ben Hutchings
2019-12-09 21:19 ` Doug Anderson
2019-12-10 13:27 ` Thierry Reding
2019-12-10 15:52 ` Ben Hutchings
2019-12-10 15:31 ` Ben Hutchings
2019-12-08 13:52 ` [PATCH 3.16 11/72] ALSA: aoa: onyx: always initialize register read value Ben Hutchings
2019-12-08 13:52 ` [PATCH 3.16 12/72] efi: cper: print AER info of PCIe fatal error Ben Hutchings
2019-12-08 13:52 ` [PATCH 3.16 13/72] ext4: set error return correctly when ext4_htree_store_dirent fails Ben Hutchings
2019-12-08 13:52 ` [PATCH 3.16 14/72] ARM: zynq: Use memcpy_toio instead of memcpy on smp bring-up Ben Hutchings
2019-12-08 13:52 ` [PATCH 3.16 15/72] media: tm6000: double free if usb disconnect while streaming Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 16/72] powerpc/rtas: use device model APIs and serialization during LPM Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 17/72] can: mcp251x: mcp251x_hw_reset(): allow more time after a reset Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 18/72] HID: hidraw: Fix invalid read in hidraw_ioctl Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 19/72] ext4: fix warning inside ext4_convert_unwritten_extents_endio Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 20/72] media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 21/72] mtd: cfi_cmdset_0002: Use chip_good() to retry in do_write_oneword() Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 22/72] /dev/mem: Bail out upon SIGKILL Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 23/72] USB: usbcore: Fix slab-out-of-bounds bug during device reset Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 24/72] Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is set Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 25/72] smack: use GFP_NOFS while holding inode_smack::smk_lock Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 26/72] HID: prodikeys: Fix general protection fault during probe Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 27/72] parisc: Disable HP HSC-PCI Cards to prevent kernel crash Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 28/72] Btrfs: fix use-after-free when using the tree modification log Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 29/72] btrfs: Relinquish CPUs in btrfs_compare_trees Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 30/72] KVM: mmio: cleanup kvm_set_mmio_spte_mask Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 31/72] KVM: x86: Manually calculate reserved bits when loading PDPTRS Ben Hutchings
2019-12-09 15:49 ` Sean Christopherson [this message]
2019-12-10 16:16 ` Ben Hutchings
2019-12-10 16:27 ` Sean Christopherson
2019-12-08 13:53 ` [PATCH 3.16 32/72] cfg80211: Purge frame registrations on iftype change Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 33/72] configfs: fix a deadlock in configfs_symlink() Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 34/72] powerpc/pseries: correctly track irq state in default idle Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 35/72] hypfs: Fix error number left in struct pointer member Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 36/72] hwrng: core - don't wait on add_early_randomness() Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 37/72] ALSA: hda - Add laptop imic fixup for ASUS M9V laptop Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 38/72] sch_netem: fix a divide by zero in tabledist() Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 39/72] net/phy: fix DP83865 10 Mbps HDX loopback disable function Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 40/72] s390/topology: avoid firing events before kobjs are created Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 41/72] s390/cio: avoid calling strlen on null pointer Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 42/72] s390/cio: exclude subchannels with no parent from pseudo check Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 43/72] thermal: Fix use-after-free when unregistering thermal zone device Ben Hutchings
2019-12-08 16:22 ` Ido Schimmel
2019-12-08 18:09 ` Ben Hutchings
2019-12-09 1:40 ` Zhang Rui
2019-12-08 13:53 ` [PATCH 3.16 44/72] CIFS: fix max ea value size Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 45/72] fuse: fix missing unlock_page in fuse_writepage() Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 46/72] CIFS: Fix oplock handling for SMB 2.1+ protocols Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 47/72] i2c: riic: Clear NACK in tend isr Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 48/72] ANDROID: binder: remove waitqueue when thread exits Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 49/72] media: b2c2-flexcop-usb: add sanity checking Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 50/72] cfg80211: add and use strongly typed element iteration macros Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 51/72] nl80211: validate beacon head Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 52/72] wimax: i2400: fix memory leak Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 53/72] wimax: i2400: Fix memory leak in i2400m_op_rfkill_sw_toggle Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 54/72] can: gs_usb: gs_can_open(): prevent memory leak Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 55/72] mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 56/72] mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 57/72] crypto: user - Fix crypto_alg_match race Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 58/72] crypto: user - fix memory leak in crypto_report Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 59/72] scsi: bfa: release allocated memory in case of error Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 60/72] appletalk: Fix potential NULL pointer dereference in unregister_snap_client Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 61/72] appletalk: Set error code if register_snap_client failed Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 62/72] KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332) Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 63/72] USB: adutux: remove redundant variable minor Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 64/72] USB: adutux: fix use-after-free on disconnect Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 65/72] Input: ff-memless - kill timer in destroy() Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 66/72] HID: hiddev: do cleanup in failure of opening a device Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 67/72] HID: hiddev: avoid opening a disconnected device Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 68/72] usb: iowarrior: fix deadlock on disconnect Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 69/72] USB: iowarrior: fix use-after-free " Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 70/72] HID: Fix assumption that devices have inputs Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 71/72] media: ttusb-dec: Fix info-leak in ttusb_dec_send_command() Ben Hutchings
2019-12-08 13:53 ` [PATCH 3.16 72/72] can: peak_usb: fix slab info leak Ben Hutchings
2019-12-08 14:49 ` [PATCH 3.16 00/72] 3.16.79-rc1 review Guenter Roeck
2019-12-08 15:09 ` Ben Hutchings
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191209154913.GB4042@linux.intel.com \
--to=sean.j.christopherson@intel.com \
--cc=akpm@linux-foundation.org \
--cc=ben@decadent.org.uk \
--cc=doug.reiland@intel.com \
--cc=kda@linux-powerpc.org \
--cc=linux-kernel@vger.kernel.org \
--cc=nadav.amit@gmail.com \
--cc=pbonzini@redhat.com \
--cc=peterx@redhat.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).