github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-06 21:45:45 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
Linux kernel source tree
984,741 Commits 1 Branch 933 Tags 20 GiB
C 97%
Assembly 1%
Shell 0.6%
Rust 0.5%
Python 0.4%
Other 0.3%
a7d0b21c6b
Go to file
Sean Christopherson a7d0b21c6b KVM: nVMX: Inject #UD if VMXON is attempted with incompatible CR0/CR4 
[ Upstream commit c7d855c2af ]

Inject a #UD if L1 attempts VMXON with a CR0 or CR4 that is disallowed
per the associated nested VMX MSRs' fixed0/1 settings.  KVM cannot rely
on hardware to perform the checks, even for the few checks that have
higher priority than VM-Exit, as (a) KVM may have forced CR0/CR4 bits in
hardware while running the guest, (b) there may incompatible CR0/CR4 bits
that have lower priority than VM-Exit, e.g. CR0.NE, and (c) userspace may
have further restricted the allowed CR0/CR4 values by manipulating the
guest's nested VMX MSRs.

Note, despite a very strong desire to throw shade at Jim, commit
70f3aac964 ("kvm: nVMX: Remove superfluous VMX instruction fault checks")
is not to blame for the buggy behavior (though the comment...).  That
commit only removed the CR0.PE, EFLAGS.VM, and COMPATIBILITY mode checks
(though it did erroneously drop the CPL check, but that has already been
remedied).  KVM may force CR0.PE=1, but will do so only when also
forcing EFLAGS.VM=1 to emulate Real Mode, i.e. hardware will still #UD.

Link: https://bugzilla.kernel.org/show_bug.cgi?id=216033
Fixes: ec378aeef9 ("KVM: nVMX: Implement VMXON and VMXOFF")
Reported-by: Eric Li <ercli@ucdavis.edu>
Cc: stable@vger.kernel.org
Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20220607213604.3346000-4-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-08-21 15:16:21 +02:00
arch KVM: nVMX: Inject #UD if VMXON is attempted with incompatible CR0/CR4 2022-08-21 15:16:21 +02:00
block block: remove the request_queue to argument request based tracepoints 2022-08-21 15:15:36 +02:00
certs certs/blacklist_hashes.c: fix const confusion in certs blacklist 2022-06-22 14:13:17 +02:00
crypto crypto: memneq - move into lib/ 2022-06-22 14:13:18 +02:00
Documentation x86/bugs: Enable STIBP for IBPB mitigated RETBleed 2022-08-21 15:16:14 +02:00
drivers ACPI: CPPC: Do not prevent CPPC from working in the future 2022-08-21 15:16:20 +02:00
fs btrfs: reset block group chunk force if we have to wait 2022-08-21 15:16:20 +02:00
include ACPI: CPPC: Do not prevent CPPC from working in the future 2022-08-21 15:16:20 +02:00
init Kconfig: Add option for asm goto w/ tied outputs to workaround clang-13 bug 2022-06-09 10:21:25 +02:00
ipc ipc/mqueue: use get_tree_nodev() in mqueue_get_tree() 2022-06-09 10:21:17 +02:00
kernel timekeeping: contribute wall clock to rng on time change 2022-08-21 15:16:20 +02:00
lib lib/smp_processor_id: fix imbalanced instrumentation_end() call 2022-08-21 15:16:08 +02:00
LICENSES LICENSES/deprecated: add Zlib license text 2020-09-16 14:33:49 +02:00
mm mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region 2022-08-21 15:16:02 +02:00
net dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock 2022-08-21 15:15:52 +02:00
samples x86: Prepare inline-asm for straight-line-speculation 2022-07-25 11:26:29 +02:00
scripts scripts/faddr2line: Fix vmlinux detection on arm64 2022-08-21 15:16:12 +02:00
security selinux: Add boundary check in put_entry() 2022-08-21 15:15:31 +02:00
sound ASoC: mchp-spdifrx: disable end of block interrupt on failures 2022-08-21 15:16:10 +02:00
tools tools/thermal: Fix possible path truncations 2022-08-21 15:16:12 +02:00
usr usr/include/Makefile: add linux/nfc.h to the compile-test coverage 2022-02-01 17:25:48 +01:00
virt KVM: Don't set Accessed/Dirty bits for ZERO_PAGE 2022-08-21 15:15:54 +02:00
.clang-format RDMA 5.10 pull request 2020-10-17 11:18:18 -07:00
.cocciconfig
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes .gitattributes: use 'dts' diff driver for dts files 2019-12-04 19:44:11 -08:00
.gitignore kbuild: generate Module.symvers only when vmlinux exists 2021-05-19 10:12:59 +02:00
.mailmap mailmap: add two more addresses of Uwe Kleine-König 2020-12-06 10:19:07 -08:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: Move Jason Cooper to CREDITS 2020-11-30 10:20:34 +01:00
Kbuild kbuild: rename hostprogs-y/always to hostprogs/always-y 2020-02-04 01:53:07 +09:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS MAINTAINERS: add Amir as xfs maintainer for 5.10.y 2022-07-02 16:39:22 +02:00
Makefile Makefile: link with -z noexecstack --no-warn-rwx-segments 2022-08-21 15:15:18 +02:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.