Linus,

The following changes since commit 6d3085e4d89ad7e6c7f1c6cf929d903393565861:

  KVM: x86/mmu: Block all page faults during kvm_zap_gfn_range() (2022-11-11 07:19:46 -0500)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/virt/kvm/kvm.git tags/for-linus

for you to fetch changes up to fe08e36be9ecbf6b38714a77c97b1d25b7a6e4b0:

  Merge branch 'kvm-dwmw2-fixes' into HEAD (2022-11-23 18:59:45 -0500)

----------------------------------------------------------------
x86:

* Fixes for Xen emulation. While nobody should be enabling it in
  the kernel (the only public users of the feature are the selftests),
  the bug effectively allows userspace to read arbitrary memory.

* Correctness fixes for nested hypervisors that do not intercept INIT
  or SHUTDOWN on AMD; the subsequent CPU reset can cause a use-after-free
  when it disables virtualization extensions. While downgrading the panic
  to a WARN is quite easy, the full fix is a bit more laborious; there
  are also tests. This is the bulk of the pull request.

* Fix race condition due to incorrect mmu_lock use around
  make_mmu_pages_available().

Generic:

* Obey changes to the kvm.halt_poll_ns module parameter in VMs
  not using KVM_CAP_HALT_POLL, restoring behavior from before
  the introduction of the capability

----------------------------------------------------------------
David Matlack (3):
      KVM: Cap vcpu->halt_poll_ns before halting rather than after
      KVM: Avoid re-reading kvm->max_halt_poll_ns during halt-polling
      KVM: Obey kvm.halt_poll_ns in VMs not using KVM_CAP_HALT_POLL

David Woodhouse (3):
      KVM: x86/xen: Validate port number in SCHEDOP_poll
      KVM: x86/xen: Only do in-kernel acceleration of hypercalls for guest CPL0
      KVM: Update gfn_to_pfn_cache khva when it moves within the same page

Kazuki Takiguchi (1):
      KVM: x86/mmu: Fix race condition in direct_page_fault

Maxim Levitsky (9):
      KVM: x86: nSVM: leave nested mode on vCPU free
      KVM: x86: nSVM: harden svm_free_nested against freeing vmcb02 while still in use
      KVM: x86: add kvm_leave_nested
      KVM: x86: forcibly leave nested mode on vCPU reset
      KVM: selftests: move idt_entry to header
      kvm: selftests: add svm nested shutdown test
      KVM: x86: allow L1 to not intercept triple fault
      KVM: selftests: add svm part to triple_fault_test
      KVM: x86: remove exit_int_info warning in svm_handle_exit

Paolo Bonzini (2):
      Merge branch 'kvm-svm-harden' into HEAD
      Merge branch 'kvm-dwmw2-fixes' into HEAD

 arch/x86/kvm/mmu/mmu.c                                         | 13 ++--
 arch/x86/kvm/svm/nested.c                                      | 12 +++-
 arch/x86/kvm/svm/svm.c                                         | 16 +----
 arch/x86/kvm/vmx/nested.c                                      |  4 +-
 arch/x86/kvm/x86.c                                             | 29 +++++++--
 arch/x86/kvm/xen.c                                             | 32 +++++++---
 include/linux/kvm_host.h                                       |  1 +
 tools/testing/selftests/kvm/.gitignore                         |  1 +
 tools/testing/selftests/kvm/Makefile                           |  1 +
 .../selftests/kvm/include/x86_64/processor.h                   | 13 ++++
 tools/testing/selftests/kvm/lib/x86_64/processor.c             | 13 ----
 .../kvm/x86_64/svm_nested_shutdown_test.c                      | 67 ++++++++++++++++++++
 .../selftests/kvm/x86_64/triple_fault_event_test.c             | 73 +++++++++++++++++-----
 virt/kvm/kvm_main.c                                            | 52 ++++++++++++---
 virt/kvm/pfncache.c                                            |  7 ++-
 15 files changed, 251 insertions(+), 83 deletions(-)
 create mode 100644 tools/testing/selftests/kvm/x86_64/svm_nested_shutdown_test.c