Sean Christopherson 2a117667f3 KVM: nVMX: Inject #UD if VMXON is attempted with incompatible CR0/CR4
commit c7d855c2af upstream.

Inject a #UD if L1 attempts VMXON with a CR0 or CR4 that is disallowed
per the associated nested VMX MSRs' fixed0/1 settings.  KVM cannot rely
on hardware to perform the checks, even for the few checks that have
higher priority than VM-Exit, as (a) KVM may have forced CR0/CR4 bits in
hardware while running the guest, (b) there may be incompatible CR0/CR4 bits
that have lower priority than VM-Exit, e.g. CR0.NE, and (c) userspace may
have further restricted the allowed CR0/CR4 values by manipulating the
guest's nested VMX MSRs.

Note, despite a very strong desire to throw shade at Jim, commit
70f3aac964 ("kvm: nVMX: Remove superfluous VMX instruction fault checks")
is not to blame for the buggy behavior (though the comment...).  That
commit only removed the CR0.PE, EFLAGS.VM, and COMPATIBILITY mode checks
(though it did erroneously drop the CPL check, but that has already been
remedied).  KVM may force CR0.PE=1, but will do so only when also
forcing EFLAGS.VM=1 to emulate Real Mode, i.e. hardware will still #UD.

Link: https://bugzilla.kernel.org/show_bug.cgi?id=216033
Fixes: ec378aeef9 ("KVM: nVMX: Implement VMXON and VMXOFF")
Reported-by: Eric Li <ercli@ucdavis.edu>
Cc: stable@vger.kernel.org
Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20220607213604.3346000-4-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-08-17 14:22:48 +02:00
arch KVM: nVMX: Inject #UD if VMXON is attempted with incompatible CR0/CR4 2022-08-17 14:22:48 +02:00
block block: fix default IO priority handling again 2022-08-11 13:07:50 +02:00
certs certs/blacklist_hashes.c: fix const confusion in certs blacklist 2022-06-22 14:22:01 +02:00
crypto crypto: memneq - move into lib/ 2022-06-22 14:22:03 +02:00
Documentation x86/speculation: Add RSB VM Exit protections 2022-08-11 13:07:54 +02:00
drivers HID: wacom: Don't register pad_input for touch switch 2022-08-17 14:22:47 +02:00
fs lockd: detect and reject lock arguments that overflow 2022-08-17 14:22:47 +02:00
include lockd: detect and reject lock arguments that overflow 2022-08-17 14:22:47 +02:00
init Kconfig: Add option for asm goto w/ tied outputs to workaround clang-13 bug 2022-06-09 10:23:26 +02:00
ipc ipc/mqueue: use get_tree_nodev() in mqueue_get_tree() 2022-06-09 10:23:10 +02:00
kernel locking/rwsem: Allow slowpath writer to ignore handoff bit if not set by first waiter 2022-08-03 12:03:56 +02:00
lib ida: don't use BUG_ON() for debugging 2022-07-12 16:35:18 +02:00
LICENSES LICENSES/dual/CC-BY-4.0: Git rid of "smart quotes" 2021-07-15 06:31:24 -06:00
mm page_alloc: fix invalid watermark check on a negative value 2022-08-03 12:03:55 +02:00
net sctp: leave the err path free in sctp_stream_init to sctp_stream_free 2022-08-03 12:03:54 +02:00
samples samples/landlock: Format with clang-format 2022-06-09 10:23:23 +02:00
scripts x86/extable: Rework the exception table mechanics 2022-07-29 17:25:25 +02:00
security lockdown: Fix kexec lockdown bypass with ima policy 2022-07-29 17:25:05 +02:00
sound ALSA: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx 2022-08-17 14:22:46 +02:00
tools x86/speculation: Add RSB VM Exit protections 2022-08-11 13:07:54 +02:00
usr usr/include/Makefile: add linux/nfc.h to the compile-test coverage 2022-02-01 17:27:15 +01:00
virt KVM: Don't null dereference ops->destroy 2022-07-29 17:25:24 +02:00
.clang-format clang-format: Update with the latest for_each macro list 2021-05-12 23:32:39 +02:00
.cocciconfig
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes .gitattributes: use 'dts' diff driver for dts files 2019-12-04 19:44:11 -08:00
.gitignore .gitignore: ignore only top-level modules.builtin 2021-05-02 00:43:35 +09:00
.mailmap mailmap: add Andrej Shadura 2021-10-18 20:22:03 -10:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: Move Daniel Drake to credits 2021-09-21 08:34:58 +03:00
Kbuild kbuild: rename hostprogs-y/always to hostprogs/always-y 2020-02-04 01:53:07 +09:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS Input: goodix - add a goodix.h header file 2022-07-12 16:34:51 +02:00
Makefile Makefile: link with -z noexecstack --no-warn-rwx-segments 2022-08-17 14:22:44 +02:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result from upgrading your kernel.