Patch "KVM: x86: Mask off reserved bits in CPUID.80000008H" has been added to the 6.0-stable tree

<gregkh@xxxxxxxxxxxxxxxxxxx> · Tue, 08 Nov 2022 09:11:11 +0100

This is a note to let you know that I've just added the patch titled

    KVM: x86: Mask off reserved bits in CPUID.80000008H

to the 6.0-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     kvm-x86-mask-off-reserved-bits-in-cpuid.80000008h.patch
and it can be found in the queue-6.0 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From 7030d8530e533844e2f4b0e7476498afcd324634 Mon Sep 17 00:00:00 2001
From: Jim Mattson <jmattson@xxxxxxxxxx>
Date: Thu, 29 Sep 2022 15:52:00 -0700
Subject: KVM: x86: Mask off reserved bits in CPUID.80000008H

From: Jim Mattson <jmattson@xxxxxxxxxx>

commit 7030d8530e533844e2f4b0e7476498afcd324634 upstream.

KVM_GET_SUPPORTED_CPUID should only enumerate features that KVM
actually supports. The following ranges of CPUID.80000008H are reserved
and should be masked off:
    ECX[31:18]
    ECX[11:8]

In addition, the PerfTscSize field at ECX[17:16] should also be zero
because KVM does not set the PERFTSC bit at CPUID.80000001H.ECX[27].

Fixes: 24c82e576b78 ("KVM: Sanitize cpuid")
Signed-off-by: Jim Mattson <jmattson@xxxxxxxxxx>
Message-Id: <20220929225203.2234702-3-jmattson@xxxxxxxxxx>
Cc: stable@xxxxxxxxxxxxxxx
Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 arch/x86/kvm/cpuid.c |    1 +
 1 file changed, 1 insertion(+)

--- a/arch/x86/kvm/cpuid.c
+++ b/arch/x86/kvm/cpuid.c
@@ -1152,6 +1152,7 @@ static inline int __do_cpuid_func(struct
 			g_phys_as = phys_as;
 
 		entry->eax = g_phys_as | (virt_as << 8);
+		entry->ecx &= ~(GENMASK(31, 16) | GENMASK(11, 8));
 		entry->edx = 0;
 		cpuid_entry_override(entry, CPUID_8000_0008_EBX);
 		break;


Patches currently in stable-queue which might be from jmattson@xxxxxxxxxx are

queue-6.0/kvm-x86-mask-off-reserved-bits-in-cpuid.80000008h.patch
queue-6.0/kvm-x86-mask-off-reserved-bits-in-cpuid.80000006h.patch
queue-6.0/kvm-x86-mask-off-reserved-bits-in-cpuid.80000001h.patch
queue-6.0/kvm-x86-mask-off-reserved-bits-in-cpuid.8000001ah.patch
queue-6.0/kvm-x86-mask-off-reserved-bits-in-cpuid.8000001fh.patch






