Commit 22b2ca02 authored by Paolo Bonzini's avatar Paolo Bonzini

Merge tag 'kvm-x86-fixes-6.17-rc7' of https://github.com/kvm-x86/linux into HEAD

KVM x86 fixes and a selftest fix for 6.17-rcN

 - Use array_index_nospec() to sanitize the target vCPU ID when handling PV
   IPIs and yields as the ID is guest-controlled.

 - Drop a superfluous cpumask_empty() check when reclaiming SEV memory, as
   the common case, by far, is that at least one CPU will have entered the
   VM, and wbnoinvd_on_cpus_mask() will naturally handle the rare case where
   the set of have_run_cpus is empty.

 - Rename the is_signed_type() macro in kselftest_harness.h to is_signed_var()
   to fix a collision with linux/overflow.h.  The collision generates compiler
   warnings due to the two macros having different implementations.
parents 1b237f19 dce1b33e
+2 −0
@@ -810,6 +810,8 @@ static int __pv_send_ipi(unsigned long *ipi_bitmap, struct kvm_apic_map *map,
	if (min > map->max_apic_id)
		return 0;

	min = array_index_nospec(min, map->max_apic_id + 1);

	for_each_set_bit(i, ipi_bitmap,
		min((u32)BITS_PER_LONG, (map->max_apic_id - min + 1))) {
		if (map->phys_map[min + i]) {
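Review bot: The `array_index_nospec()` clamp added before the `for_each_set_bit()` loop has no comment explaining why an index that already passed the `min > map->max_apic_id` check is clamped again, and the same is true of the `dest_id` clamp added in kvm_sched_yield(). Per the commit description the ID is guest-controlled, so the clamp is there to keep a mispredicted bounds check from indexing `phys_map[]` out of range under speculation. Without that stated at the call site, the line reads as redundant and is easy to drop in a later cleanup. I would add above it `/* min is guest-controlled; clamp it so a mispredicted bounds check cannot index phys_map[] out of bounds. */` and a matching line in kvm_sched_yield(). The body of __pv_send_ipi() starts and ends outside this hunk.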
+3 −7
@@ -718,13 +718,6 @@ static void sev_clflush_pages(struct page *pages[], unsigned long npages)

static void sev_writeback_caches(struct kvm *kvm)
{
	/*
	 * Note, the caller is responsible for ensuring correctness if the mask
	 * can be modified, e.g. if a CPU could be doing VMRUN.
	 */
	if (cpumask_empty(to_kvm_sev_info(kvm)->have_run_cpus))
		return;

	/*
	 * Ensure that all dirty guest tagged cache entries are written back
	 * before releasing the pages back to the system for use.  CLFLUSH will
@@ -739,6 +732,9 @@ static void sev_writeback_caches(struct kvm *kvm)
	 * serializing multiple calls and having responding CPUs (to the IPI)
	 * mark themselves as still running if they are running (or about to
	 * run) a vCPU for the VM.
	 *
	 * Note, the caller is responsible for ensuring correctness if the mask
	 * can be modified, e.g. if a CPU could be doing VMRUN.
	 */
	wbnoinvd_on_cpus_mask(to_kvm_sev_info(kvm)->have_run_cpus);
}
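Review bot: With the `cpumask_empty()` early return removed, nothing in sev_writeback_caches() says that an empty `have_run_cpus` mask is an expected input. The commit description states that wbnoinvd_on_cpus_mask() handles the empty set on its own, but that reasoning lives only in the merge message, so a later reader may re-add the check or assume the mask is never empty. I would extend the relocated note with one line such as `* An empty mask needs no special casing, wbnoinvd_on_cpus_mask() handles it.` The middle of the comment block lies between the two hunks and is not visible here.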
+5 −2
@@ -9908,8 +9908,11 @@ static void kvm_sched_yield(struct kvm_vcpu *vcpu, unsigned long dest_id)
	rcu_read_lock();
	map = rcu_dereference(vcpu->kvm->arch.apic_map);

	if (likely(map) && dest_id <= map->max_apic_id && map->phys_map[dest_id])
	if (likely(map) && dest_id <= map->max_apic_id) {
		dest_id = array_index_nospec(dest_id, map->max_apic_id + 1);
		if (map->phys_map[dest_id])
			target = map->phys_map[dest_id]->vcpu;
	}

	rcu_read_unlock();

+2 −2
@@ -751,7 +751,7 @@
	for (; _metadata->trigger; _metadata->trigger = \
			__bail(_assert, _metadata))

#define is_signed_type(var)       (!!(((__typeof__(var))(-1)) < (__typeof__(var))1))
#define is_signed_var(var)	(!!(((__typeof__(var))(-1)) < (__typeof__(var))1))

#define __EXPECT(_expected, _expected_str, _seen, _seen_str, _t, _assert) do { \
	/* Avoid multiple evaluation of the cases */ \
@@ -759,7 +759,7 @@
	__typeof__(_seen) __seen = (_seen); \
	if (!(__exp _t __seen)) { \
		/* Report with actual signedness to avoid weird output. */ \
		switch (is_signed_type(__exp) * 2 + is_signed_type(__seen)) { \
		switch (is_signed_var(__exp) * 2 + is_signed_var(__seen)) { \
		case 0: { \
			uintmax_t __exp_print = (uintmax_t)__exp; \
			uintmax_t __seen_print = (uintmax_t)__seen; \