github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-10 15:42:19 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
01f217fa8a
linux/include
History
Paolo Bonzini 92cdeac6a4 KVM SVM changes for 7.1 
- Fix and optimize IRQ window inhibit handling for AVIC (the tracking needs to
    be per-vCPU, e.g. so that KVM doesn't prematurely re-enable AVIC if multiple
    vCPUs have to-be-injected IRQs).
 
  - Fix an undefined behavior warning where a crafty userspace can read the
    "avic" module param before it's fully initialized.
 
  - Fix a (likely benign) bug in the "OS-visible workarounds" handling, where
    KVM could clobber state when enabling virtualization on multiple CPUs in
    parallel, and clean up and optimize the code.
 
  - Drop a WARN in KVM_MEMORY_ENCRYPT_REG_REGION where KVM complains about a
    "too large" size based purely on user input, and clean up and harden the
    related pinning code.
 
  - Disallow synchronizing a VMSA of an already-launched/encrypted vCPU, as
    doing so for an SNP guest will trigger an RMP violation #PF and crash the
    host.
 
  - Protect all of sev_mem_enc_register_region() with kvm->lock to ensure
    sev_guest() is stable for the entire of the function.
 
  - Lock all vCPUs when synchronizing VMSAs for SNP guests to ensure the VMSA
    page isn't actively being used.
 
  - Overhaul KVM's APIs for detecting SEV+ guests so that VM-scoped queries are
    required to hold kvm->lock (KVM has had multiple bugs due "is SEV?" checks
    becoming stale), enforced by lockdep.  Add and use vCPU-scoped APIs when
    possible/appropriate, as all checks that originate from a vCPU are
    guaranteed to be stable.
 
  - Convert a pile of kvm->lock SEV code to guard().
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEKTobbabEP7vbhhN9OlYIJqCjN/0FAmnZK4wACgkQOlYIJqCj
 N/2uOQ/+LzGQD7myCn47rUhiMo/aY3qjrS+u6PSuFeEMFyaATiWpf/s50hIMHh+/
 VCRAptKgL0PBV/RbOqhZdx4Zn/Yb/NNBwraqc7xQgMOlQwFedOetuFtRveJ4z6Af
 8ycwMxYYtz6SbaT+R3AdK51Nb8S2ZRpd082CiaLgChVcdodkeFtS5KVBqrlBGB21
 EKFbW+QXMHrpmGbgZ8YWMrL5UCSmJFG8ZztcncNfsLS6WxbUjdo/MEiLEDIsrXZd
 oGViwmnY7hcJ5ClcF8UMPtXHHP1+EOk6BKAsmYguG3qUxbX+EEbymb8o16k+h6iw
 ybUZWF7cq44Pl1FModTFAB5LQPg6z6XNhjZ8L+0kjAI05lvszf3QDtezQ+BF24tW
 S18x6yCIpdEJ3VxM4r5Yqf10CRbxMtHKU6EUjL7C4KNNYOz2sX+Tqgi/uHtbgzUJ
 zPG9faY5M3hMjfj5tOCpy/fAEF3fD1mg4GE8pfXZa8d/ppqI4hU0ASpFzw/d4LnH
 PJSaeJhmmEIdRj+RtIGIRSZ9flHM61/+clKngaoR+c/mPQPnDbapivl2kgKWbVJ4
 47c44pYQLTWI01nuwcEILCEj8D1mABJygPjNoO79b2mitmYazMnO42mV3lI5oP0c
 QyzX7sSed6ImIRn8xadfE+tIz3ji9r/ak+ekZvdNiqiNEoi2YG8=
 =AjgE
 -----END PGP SIGNATURE-----

Merge tag 'kvm-x86-svm-7.1' of https://github.com/kvm-x86/linux into HEAD

KVM SVM changes for 7.1

 - Fix and optimize IRQ window inhibit handling for AVIC (the tracking needs to
   be per-vCPU, e.g. so that KVM doesn't prematurely re-enable AVIC if multiple
   vCPUs have to-be-injected IRQs).

 - Fix an undefined behavior warning where a crafty userspace can read the
   "avic" module param before it's fully initialized.

 - Fix a (likely benign) bug in the "OS-visible workarounds" handling, where
   KVM could clobber state when enabling virtualization on multiple CPUs in
   parallel, and clean up and optimize the code.

 - Drop a WARN in KVM_MEMORY_ENCRYPT_REG_REGION where KVM complains about a
   "too large" size based purely on user input, and clean up and harden the
   related pinning code.

 - Disallow synchronizing a VMSA of an already-launched/encrypted vCPU, as
   doing so for an SNP guest will trigger an RMP violation #PF and crash the
   host.

 - Protect all of sev_mem_enc_register_region() with kvm->lock to ensure
   sev_guest() is stable for the entire of the function.

 - Lock all vCPUs when synchronizing VMSAs for SNP guests to ensure the VMSA
   page isn't actively being used.

 - Overhaul KVM's APIs for detecting SEV+ guests so that VM-scoped queries are
   required to hold kvm->lock (KVM has had multiple bugs due "is SEV?" checks
   becoming stale), enforced by lockdep.  Add and use vCPU-scoped APIs when
   possible/appropriate, as all checks that originate from a vCPU are
   guaranteed to be stable.

 - Convert a pile of kvm->lock SEV code to guard().
2026-04-13 19:00:43 +02:00
..
acpi
asm-generic
clocksource
crypto crypto: algif_aead - Revert to operating out-of-place 2026-03-31 17:11:47 +09:00
cxl
drm drm/dp: Add definition for Panel Replay full-line granularity 2026-03-04 15:26:08 +02:00
dt-bindings reset: spacemit: k3: Decouple composite reset lines 2026-03-23 12:25:47 +01:00
hyperv mshv: Fix infinite fault loop on permission-denied GPA intercepts 2026-04-04 05:25:53 +00:00
keys
kunit
kvm KVM: arm64: Kill arch_timer_context::direct field 2026-04-01 15:42:26 +01:00
linux KVM SVM changes for 7.1 2026-04-13 19:00:43 +02:00
math-emu
media
memory
misc
net vfs-7.0-rc8.fixes 2026-04-10 08:40:49 -07:00
pcmcia
ras
rdma
rv
scsi
soc
sound ASoC: SDCA: Unregister IRQ handlers on module remove 2026-04-08 16:55:30 +01:00
target
trace KVM/arm64 updates for 7.1 2026-04-13 11:49:54 +02:00
uapi KVM/arm64 updates for 7.1 2026-04-13 11:49:54 +02:00
ufs
vdso
video
xen xen/xenbus: better handle backend crash 2026-03-04 15:31:40 +01:00
Kbuild