From: Paolo Bonzini <pbonzini@redhat.com>
To: torvalds@linux-foundation.org
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Subject: [GIT PULL] Final set of KVM fixes for Linux 6.8
Date: Sun, 10 Mar 2024 10:35:56 +0100 [thread overview]
Message-ID: <20240310093556.653127-1-pbonzini@redhat.com> (raw)
Linus,
The following changes since commit c48617fbbe831d4c80fe84056033f17b70a31136:
Merge tag 'kvmarm-fixes-6.8-3' of git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm into HEAD (2024-02-21 05:18:56 -0500)
are available in the Git repository at:
https://git.kernel.org/pub/scm/virt/kvm/kvm.git tags/for-linus
for you to fetch changes up to 5abf6dceb066f2b02b225fd561440c98a8062681:
SEV: disable SEV-ES DebugSwap by default (2024-03-09 11:42:25 -0500)
Sorry that this comes in a bit late.
It's a bunch of fixes mostly involving confidential VMs; in particular,
many of the commits constrain the new guest_memfd API a bit more, so
that we're not stuck supporting more than it's necessary. However,
there's also a rare failure to mark a guest page as dirty and a fix
for awful startup performance with preemptible kernels (including
CONFIG_PREEMPT_DYNAMIC in non-preemptible mode) of guests with many vCPUs.
----------------------------------------------------------------
KVM GUEST_MEMFD fixes for 6.8:
- Make KVM_MEM_GUEST_MEMFD mutually exclusive with KVM_MEM_READONLY to
avoid creating an inconsistent ABI (KVM_MEM_GUEST_MEMFD is not writable
from userspace, so there would be no way to write to a read-only
guest_memfd).
- Update documentation for KVM_SW_PROTECTED_VM to make it abundantly
clear that such VMs are purely for development and testing.
- Limit KVM_SW_PROTECTED_VM guests to the TDP MMU, as the long term plan
is to support confidential VMs with deterministic private memory (SNP
and TDX) only in the TDP MMU.
- Fix a bug in a GUEST_MEMFD dirty logging test that caused false passes.
x86 fixes:
- Fix missing marking of a guest page as dirty when emulating an atomic access.
- Check for mmu_notifier invalidation events before faulting in the pfn,
and before acquiring mmu_lock, to avoid unnecessary work and lock
contention with preemptible kernels (including CONFIG_PREEMPT_DYNAMIC
in non-preemptible mode).
- Disable AMD DebugSwap by default, it breaks VMSA signing and will be
re-enabled with a better VM creation API in 6.10.
- Do the cache flush of converted pages in svm_register_enc_region() before
dropping kvm->lock, to avoid a race with unregistering of the same region
and the consequent use-after-free issue.
----------------------------------------------------------------
Paolo Bonzini (3):
Merge tag 'kvm-x86-fixes-6.8-2' of https://github.com/kvm-x86/linux into HEAD
Merge tag 'kvm-x86-guest_memfd_fixes-6.8' of https://github.com/kvm-x86/linux into HEAD
SEV: disable SEV-ES DebugSwap by default
Sean Christopherson (8):
KVM: x86: Mark target gfn of emulated atomic instruction as dirty
KVM: Make KVM_MEM_GUEST_MEMFD mutually exclusive with KVM_MEM_READONLY
KVM: x86: Update KVM_SW_PROTECTED_VM docs to make it clear they're a WIP
KVM: x86/mmu: Restrict KVM_SW_PROTECTED_VM to the TDP MMU
KVM: selftests: Create GUEST_MEMFD for relevant invalid flags testcases
KVM: selftests: Add a testcase to verify GUEST_MEMFD and READONLY are exclusive
KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region()
KVM: x86/mmu: Retry fault before acquiring mmu_lock if mapping is changing
Documentation/virt/kvm/api.rst | 5 +++
arch/x86/kvm/Kconfig | 7 ++--
arch/x86/kvm/mmu/mmu.c | 42 ++++++++++++++++++++++
arch/x86/kvm/svm/sev.c | 25 +++++++------
arch/x86/kvm/x86.c | 12 ++++++-
include/linux/kvm_host.h | 26 ++++++++++++++
.../testing/selftests/kvm/set_memory_region_test.c | 12 ++++++-
virt/kvm/kvm_main.c | 8 ++++-
8 files changed, 121 insertions(+), 16 deletions(-)
next reply other threads:[~2024-03-10 9:36 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-10 9:35 Paolo Bonzini [this message]
2024-03-10 16:33 ` [GIT PULL] Final set of KVM fixes for Linux 6.8 pr-tracker-bot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240310093556.653127-1-pbonzini@redhat.com \
--to=pbonzini@redhat.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.