Re: [PATCH] KVM: x86: Fix a 4.14 backport regression related to userspace/guest FPU

On 28/01/19 23:14, Sasha Levin wrote:
> On Mon, Jan 28, 2019 at 12:51:02PM -0800, Sean Christopherson wrote:
>> Upstream commit:
>>
>>    f775b13eedee ("x86,kvm: move qemu/guest FPU switching out to
>> vcpu_run")
>>
>> introduced a bug, which was later fixed by upstream commit:
>>
>>    5663d8f9bbe4 ("kvm: x86: fix WARN due to uninitialized guest FPU
>> state")
>>
>> For reasons unknown, both commits were initially passed-over for
>> inclusion in the 4.14 stable branch despite being tagged for stable.
>> Eventually, someone noticed that the fixup, commit 5663d8f9bbe4, was
>> missing from stable[1], and so it was queued up for 4.14 and included in
>> release v4.14.79.
>>
>> Even later, the original buggy patch, commit f775b13eedee, was also
>> applied to the 4.14 stable branch.  Through an unlucky coincidence, the
>> incorrect ordering did not generate a conflict between the two patches,
>> and led to v4.14.94 and later releases containing a spurious call to
>> kvm_load_guest_fpu() in kvm_arch_vcpu_ioctl_run().  As a result, KVM may
>> reload stale guest FPU state, e.g. after accepting an INIT event.  This
>> can manifest as crashes during boot, segfaults, failed checksums and so
>> on and so forth.
>>
>> Remove the unwanted kvm_{load,put}_guest_fpu() calls, i.e. make
>> kvm_arch_vcpu_ioctl_run() look like commit 5663d8f9bbe4 was backported
>> after commit f775b13eedee.
>>
>> [1] https://www.spinics.net/lists/stable/msg263931.html
>>
>> Fixes: 4124a4cff344 ("x86,kvm: move qemu/guest FPU switching out to
>> vcpu_run")
>> Cc: stable@xxxxxxxxxxxxxxx
>> Cc: Sasha Levin <sashal@xxxxxxxxxx>
>> Cc: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
>> Cc: Peter Xu <peterx@xxxxxxxxxx>
>> Cc: Rik van Riel <riel@xxxxxxxxxx>
>> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx>
>> Cc: Radim Krčmář <rkrcmar@xxxxxxxxxx>
>> Reported-by: Roman Mamedov
>> Reported-by: Thomas Lindroth <thomas.lindroth@xxxxxxxxx>
>> Signed-off-by: Sean Christopherson <sean.j.christopherson@xxxxxxxxx>
> 
> I agree with your analysis and the patch makes sense. Hopefully one of
> the KVM folks can Ack.
Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx>

Paolo