Date: Thu, 8 Aug 2024 16:52:11 +0200
From: Janosch Frank
To: pbonzini@redhat.com
Cc: kvm@vger.kernel.org, frankja@linux.ibm.com, david@redhat.com, borntraeger@linux.ibm.com, cohuck@redhat.com, linux-s390@vger.kernel.org, imbrenda@linux.ibm.com
Subject: [GIT PULL 0/2] KVM: s390: Fixes for 6.11

Paolo,

two fixes for s390.

Turning gisa off was making us write an uninitialized value into the
SIE control block due to the V!=R changes.

Errors when (un)sharing SE memory which were previously unchecked are
now resulting in panics since there's nothing that the guest can do to
fix the situation.

Please pull.

The following changes since commit de9c2c66ad8e787abec7c9d7eff4f8c3cdd28aed:

  Linux 6.11-rc2 (2024-08-04 13:50:53 -0700)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/kvms390/linux.git tags/kvm-s390-master-6.11-1

for you to fetch changes up to cff59d8631e1409ffdd22d9d717e15810181b32c:

  s390/uv: Panic for set and remove shared access UVC errors (2024-08-07 11:04:43 +0000)

----------------------------------------------------------------
Fix invalid gisa designation value when gisa is not in use.
Panic if (un)share fails to maintain security.
----------------------------------------------------------------
Claudio Imbrenda (1):
      s390/uv: Panic for set and remove shared access UVC errors

Michael Mueller (1):
      KVM: s390: fix validity interception issue when gisa is switched off

 arch/s390/include/asm/uv.h | 5 ++++-
 arch/s390/kvm/kvm-s390.h   | 7 ++++++-
 2 files changed, 10 insertions(+), 2 deletions(-)

--
2.46.0


Date: Fri, 9 Aug 2024 01:12:19 -0700
From: Oliver Upton
To: Paolo Bonzini
Cc: Marc Zyngier , Alexander Potapenko , Mark Brown , Fuad Tabba , Zenghui Yu , Takahiro Itazuri , Sebastian Ott , Danilo Krummrich , kvm@vger.kernel.org, kvmarm@lists.linux.dev
Subject: [GIT PULL] KVM/arm64 fixes for 6.11, round #1

Hi Paolo,

Decent bit of fixes this time around.
The most noteworthy among these is probably Marc's vgic fix that closes
a race which can precipitate a UAF, as seen w/ syzkaller.

Please pull.

--
Thanks,
Oliver

The following changes since commit 8400291e289ee6b2bf9779ff1c83a291501f017b:

  Linux 6.11-rc1 (2024-07-28 14:19:55 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm.git tags/kvmarm-fixes-6.11-1

for you to fetch changes up to 9eb18136af9fe4dd688724070f2bfba271bd1542:

  KVM: arm64: vgic: Hold config_lock while tearing down a CPU interface (2024-08-08 16:58:22 +0000)

----------------------------------------------------------------
KVM/arm64 fixes for 6.11, round #1

 - Use kvfree() for the kvmalloc'd nested MMUs array

 - Set of fixes to address warnings in W=1 builds

 - Make KVM depend on assembler support for ARMv8.4

 - Fix for vgic-debug interface for VMs without LPIs

 - Actually check ID_AA64MMFR3_EL1.S1PIE in get-reg-list selftest

 - Minor code / comment cleanups for configuring PAuth traps

 - Take kvm->arch.config_lock to prevent destruction / initialization
   race for a vCPU's CPUIF which may lead to a UAF

----------------------------------------------------------------
Danilo Krummrich (1):
      KVM: arm64: free kvm->arch.nested_mmus with kvfree()

Fuad Tabba (1):
      KVM: arm64: Tidying up PAuth code in KVM

Marc Zyngier (2):
      KVM: arm64: Enforce dependency on an ARMv8.4-aware toolchain
      KVM: arm64: vgic: Hold config_lock while tearing down a CPU interface

Mark Brown (1):
      KVM: selftests: arm64: Correct feature test for S1PIE in get-reg-list

Sebastian Ott (3):
      KVM: arm64: fix override-init warnings in W=1 builds
      KVM: arm64: fix kdoc warnings in W=1 builds
      KVM: arm64: vgic: fix unexpected unlock sparse warnings

Takahiro Itazuri (1):
      docs: KVM: Fix register ID of SPSR_FIQ

Zenghui Yu (1):
      KVM: arm64: vgic-debug: Exit the iterator properly w/o LPI

 Documentation/virt/kvm/api.rst                     |  2 +-
 arch/arm64/include/asm/kvm_ptrauth.h               |  2 +-
 arch/arm64/kvm/Kconfig                             |  1 +
 arch/arm64/kvm/Makefile                            |  3 +++
 arch/arm64/kvm/arm.c                               | 15 +++++---------
 arch/arm64/kvm/hyp/include/hyp/switch.h            |  1 -
 arch/arm64/kvm/hyp/nvhe/Makefile                   |  2 ++
 arch/arm64/kvm/hyp/nvhe/switch.c                   |  5 ++---
 arch/arm64/kvm/hyp/vhe/Makefile                    |  2 ++
 arch/arm64/kvm/nested.c                            |  2 +-
 arch/arm64/kvm/vgic/vgic-debug.c                   |  5 +++--
 arch/arm64/kvm/vgic/vgic-init.c                    |  3 +--
 arch/arm64/kvm/vgic/vgic-irqfd.c                   |  7 ++++---
 arch/arm64/kvm/vgic/vgic-its.c                     | 18 +++++++++++-------
 arch/arm64/kvm/vgic/vgic-v3.c                      |  2 +-
 arch/arm64/kvm/vgic/vgic.c                         |  2 +-
 arch/arm64/kvm/vgic/vgic.h                         |  2 +-
 tools/testing/selftests/kvm/aarch64/get-reg-list.c |  4 ++--
 18 files changed, 42 insertions(+), 36 deletions(-)