Sean Christopherson 32298c99a5 KVM: nVMX: Account for KVM reserved CR4 bits in consistency checks
commit ca58f3aa53 upstream.

Check that the guest (L2) and host (L1) CR4 values that would be loaded
by nested VM-Enter and VM-Exit respectively are valid with respect to
KVM's (L0 host) allowed CR4 bits.  Failure to check KVM reserved bits
would allow L1 to load an illegal CR4 (or trigger hardware VM-Fail or
failed VM-Entry) by massaging guest CPUID to allow features that are not
supported by KVM.  Amusingly, KVM itself is an accomplice in its doom, as
KVM adjusts L1's MSR_IA32_VMX_CR4_FIXED1 to allow L1 to enable bits for
L2 based on L1's CPUID model.

Note, although nested_{guest,host}_cr4_valid() are _currently_ used if
and only if the vCPU is post-VMXON (nested.vmxon == true), that may not
be true in the future, e.g. emulating VMXON has a bug where it doesn't
check the allowed/required CR0/CR4 bits.

Cc: stable@vger.kernel.org
Fixes: 3899152ccb ("KVM: nVMX: fix checks on CR{0,4} during virtual VMX operation")
Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20220607213604.3346000-3-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-08-17 14:40:06 +02:00
arch KVM: nVMX: Account for KVM reserved CR4 bits in consistency checks 2022-08-17 14:40:06 +02:00
block block: fix default IO priority handling again 2022-08-11 13:20:39 +02:00
certs certs/blacklist_hashes.c: fix const confusion in certs blacklist 2022-06-22 14:28:03 +02:00
crypto crypto: memneq - move into lib/ 2022-06-22 14:28:06 +02:00
Documentation x86/speculation: Add RSB VM Exit protections 2022-08-11 13:20:44 +02:00
drivers HID: wacom: Don't register pad_input for touch switch 2022-08-17 14:40:04 +02:00
fs lockd: detect and reject lock arguments that overflow 2022-08-17 14:40:04 +02:00
include KVM: Fully serialize gfn=>pfn cache refresh via mutex 2022-08-17 14:40:05 +02:00
init gcc-12: disable '-Warray-bounds' universally for now 2022-06-22 14:27:55 +02:00
ipc ipc/mqueue: use get_tree_nodev() in mqueue_get_tree() 2022-06-09 10:30:30 +02:00
kernel entry/kvm: Exit to user mode when TIF_NOTIFY_SIGNAL is set 2022-08-11 13:20:41 +02:00
lib ida: don't use BUG_ON() for debugging 2022-07-12 16:42:25 +02:00
LICENSES LICENSES/LGPL-2.1: Add LGPL-2.1-or-later as valid identifiers 2021-12-16 14:33:10 +01:00
mm page_alloc: fix invalid watermark check on a negative value 2022-08-03 12:05:28 +02:00
net tcp: Fix data-races around sysctl_tcp_workaround_signed_windows. 2022-08-03 12:05:29 +02:00
samples samples/landlock: Format with clang-format 2022-06-09 10:30:46 +02:00
scripts x86/retbleed: Add fine grained Kconfig knobs 2022-07-23 12:56:56 +02:00
security lockdown: Fix kexec lockdown bypass with ima policy 2022-07-29 17:27:55 +02:00
sound ASoC: amd: yc: Update DMI table entries 2022-08-17 14:40:03 +02:00
tools x86/speculation: Add RSB VM Exit protections 2022-08-11 13:20:44 +02:00
usr Kbuild updates for v5.18 2022-03-31 11:59:03 -07:00
virt KVM: Do not incorporate page offset into gfn=>pfn cache user address 2022-08-17 14:40:06 +02:00
.clang-format genirq/msi: Make interrupt allocation less convoluted 2021-12-16 22:22:20 +01:00
.cocciconfig
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes .gitattributes: use 'dts' diff driver for dts files 2019-12-04 19:44:11 -08:00
.gitignore .gitignore: ignore only top-level modules.builtin 2021-05-02 00:43:35 +09:00
.mailmap hotfixes for 5.18-rc7 2022-05-13 10:22:37 -07:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: replace a Microchip AT91 maintainer 2022-02-09 11:30:01 +01:00
Kbuild kbuild: rename hostprogs-y/always to hostprogs/always-y 2020-02-04 01:53:07 +09:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS MAINTAINERS: Remove iommu@lists.linux-foundation.org 2022-07-12 16:42:15 +02:00
Makefile Makefile: link with -z noexecstack --no-warn-rwx-segments 2022-08-17 14:40:01 +02:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the reStructuredText markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result from upgrading your kernel.