On Mon, 03 Jun 2024 12:52:54 +0100, Sasha Levin <sashal@xxxxxxxxxx> wrote: > > This is a note to let you know that I've just added the patch titled > > KVM: arm64: nv: Add sanitising to VNCR-backed sysregs > > to the 6.8-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary > > The filename of the patch is: > kvm-arm64-nv-add-sanitising-to-vncr-backed-sysregs.patch > and it can be found in the queue-6.8 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable@xxxxxxxxxxxxxxx> know about it. > > > > commit fbb2bcdc458dd7db3860f85a06e98cc25904d20d > Author: Marc Zyngier <maz@xxxxxxxxxx> > Date: Wed Feb 14 13:18:04 2024 +0000 > > KVM: arm64: nv: Add sanitising to VNCR-backed sysregs > > [ Upstream commit 888f0880702293096619b300150cd7e59fcd9743 ] > > VNCR-backed "registers" are actually only memory. Which means that > there is zero control over what the guest can write, and that it > is the hypervisor's job to actually sanitise the content of the > backing store. Yeah, this is fun. > > In order to preserve some form of sanity, add a repainting mechanism > that makes use of a per-VM set of RES0/RES1 masks, one pair per VNCR > register. These masks get applied on access to the backing store via > __vcpu_sys_reg(), ensuring that the state that is consumed by KVM is > correct. > > So far, nothing populates these masks, but stay tuned. > > Signed-off-by: Marc Zyngier <maz@xxxxxxxxxx> > Reviewed-by: Joey Gouly <joey.gouly@xxxxxxx> > Link: https://lore.kernel.org/r/20240214131827.2856277-4-maz@xxxxxxxxxx > Signed-off-by: Oliver Upton <oliver.upton@xxxxxxxxx> > Stable-dep-of: ce5d2448eb8f ("KVM: arm64: Destroy mpidr_data for 'late' vCPU creation") > Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx> Please drop this. It serves no purpose on 6.8 aside from wasting memory. If backporting ce5d2448eb8f is hard due to some conflicts, we'll tackle it ourselves. Thanks, M. -- Without deviation from the norm, progress is not possible.
