From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 768751584F2 for ; Sun, 16 Mar 2025 19:03:08 +0000 (UTC) Received: from lists.gentoo.org (bobolink.gentoo.org [140.211.166.189]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) (Authenticated sender: relay-lists.gentoo.org@gentoo.org) by smtp.gentoo.org (Postfix) with ESMTPSA id 627BE34317E for ; Sun, 16 Mar 2025 19:03:08 +0000 (UTC) Received: from bobolink.gentoo.org (localhost [127.0.0.1]) by bobolink.gentoo.org (Postfix) with ESMTP id 5E15A1102B7; Sun, 16 Mar 2025 19:03:07 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by bobolink.gentoo.org (Postfix) with ESMTPS id 554271102B7 for ; Sun, 16 Mar 2025 19:03:07 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id DD44E34317E for ; Sun, 16 Mar 2025 19:03:06 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 4C8811909 for ; Sun, 16 Mar 2025 19:03:05 +0000 (UTC) From: "Mike Pagano" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Mike Pagano" Message-ID: <1742151730.0e9f11b7dacf41f328ae54d39c08aa1819deef40.mpagano@gentoo> Subject: [gentoo-commits] proj/linux-patches:6.13 commit in: / X-VCS-Repository: proj/linux-patches X-VCS-Files: 0000_README 1751_KVM-SVM-Manually-zero-restore-DEBUGCTL.patch X-VCS-Directories: / X-VCS-Committer: mpagano X-VCS-Committer-Name: Mike Pagano X-VCS-Revision: 0e9f11b7dacf41f328ae54d39c08aa1819deef40 X-VCS-Branch: 6.13 Date: Sun, 16 Mar 2025 19:03:05 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: 0b5d8592-d70b-4401-b813-1ed5935da11d X-Archives-Hash: d4ee26c6d6f7daef8e50f96c3009f10c commit: 0e9f11b7dacf41f328ae54d39c08aa1819deef40 Author: Mike Pagano gentoo org> AuthorDate: Sun Mar 16 19:02:10 2025 +0000 Commit: Mike Pagano gentoo org> CommitDate: Sun Mar 16 19:02:10 2025 +0000 URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=0e9f11b7 Remove redundant patch Removed: 1751_KVM-SVM-Manually-zero-restore-DEBUGCTL.patch Bug: https://bugs.gentoo.org/951467 Signed-off-by: Mike Pagano gentoo.org> 0000_README | 4 -- 1751_KVM-SVM-Manually-zero-restore-DEBUGCTL.patch | 69 ----------------------- 2 files changed, 73 deletions(-) diff --git a/0000_README b/0000_README index 9e76d1c8..78ba59c4 100644 --- a/0000_README +++ b/0000_README @@ -87,10 +87,6 @@ Patch: 1740_x86-insn-decoder-test-allow-longer-symbol-names.patch From: https://gitlab.com/cki-project/kernel-ark/-/commit/8d4a52c3921d278f27241fc0c6949d8fdc13a7f5 Desc: x86/insn_decoder_test: allow longer symbol-names -Patch: 1751_KVM-SVM-Manually-zero-restore-DEBUGCTL.patch -From: https://bugzilla.kernel.org/show_bug.cgi?id=219787 -Desc: KVM: SVM: Manually zero/restore DEBUGCTL if LBR virtualization is disabled - Patch: 2000_BT-Check-key-sizes-only-if-Secure-Simple-Pairing-enabled.patch From: https://lore.kernel.org/linux-bluetooth/20190522070540.48895-1-marcel@holtmann.org/raw Desc: Bluetooth: Check key sizes only when Secure Simple Pairing is enabled. See bug #686758 diff --git a/1751_KVM-SVM-Manually-zero-restore-DEBUGCTL.patch b/1751_KVM-SVM-Manually-zero-restore-DEBUGCTL.patch deleted file mode 100644 index e3ce9fe4..00000000 --- a/1751_KVM-SVM-Manually-zero-restore-DEBUGCTL.patch +++ /dev/null @@ -1,69 +0,0 @@ -From d02de0dfc6fd10f7bc4f7067fb9765c24948c737 Mon Sep 17 00:00:00 2001 -From: Sean Christopherson -Date: Fri, 21 Feb 2025 08:16:36 -0800 -Subject: [PATCH 2/2] KVM: SVM: Manually zero/restore DEBUGCTL if LBR - virtualization is disabled - -Manually zero DEBUGCTL prior to VMRUN if the host's value is non-zero and -LBR virtualization is disabled, as hardware only context switches DEBUGCTL -if LBR virtualization is fully enabled. Running the guest with the host's -value has likely been mildly problematic for quite some time, e.g. it will -result in undesirable behavior if host is running with BTF=1. - -But the bug became fatal with the introduction of Bus Lock Trap ("Detect" -in kernel paralance) support for AMD (commit 408eb7417a92 -("x86/bus_lock: Add support for AMD")), as a bus lock in the guest will -trigger an unexpected #DB. - -Note, KVM could suppress the bus lock #DB, i.e. simply resume the guest -without injecting a #DB, but that wouldn't address things like BTF. And -it appears that AMD CPUs incorrectly clear DR6_BUS_LOCK (it's active low) -when delivering a #DB that is NOT a bus lock trap, and BUS_LOCK_DETECT is -enabled in DEBUGCTL. - -Reported-by: rangemachine@gmail.com -Reported-by: whanos@sergal.fun -Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219787 -Closes: https://lore.kernel.org/all/bug-219787-28872@https.bugzilla.kernel.org%2F -Cc: Ravi Bangoria -Cc: stable@vger.kernel.org -Signed-off-by: Sean Christopherson ---- - arch/x86/kvm/svm/svm.c | 14 ++++++++++++++ - 1 file changed, 14 insertions(+) - -diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c -index a713c803a3a3..a50ca1f17e31 100644 ---- a/arch/x86/kvm/svm/svm.c -+++ b/arch/x86/kvm/svm/svm.c -@@ -4253,6 +4253,16 @@ static __no_kcsan fastpath_t svm_vcpu_run(struct kvm_vcpu *vcpu, - clgi(); - kvm_load_guest_xsave_state(vcpu); - -+ /* -+ * Hardware only context switches DEBUGCTL if LBR virtualization is -+ * enabled. Manually zero DEBUGCTL if necessary (and restore it after) -+ * VM-Exit, as running with the host's DEBUGCTL can negatively affect -+ * guest state and can even be fatal, e.g. due to bus lock detect. -+ */ -+ if (vcpu->arch.host_debugctl && -+ !(svm->vmcb->control.virt_ext & LBR_CTL_ENABLE_MASK)) -+ update_debugctlmsr(0); -+ - kvm_wait_lapic_expire(vcpu); - - /* -@@ -4280,6 +4290,10 @@ static __no_kcsan fastpath_t svm_vcpu_run(struct kvm_vcpu *vcpu, - if (unlikely(svm->vmcb->control.exit_code == SVM_EXIT_NMI)) - kvm_before_interrupt(vcpu, KVM_HANDLING_NMI); - -+ if (vcpu->arch.host_debugctl && -+ !(svm->vmcb->control.virt_ext & LBR_CTL_ENABLE_MASK)) -+ update_debugctlmsr(vcpu->arch.host_debugctl); -+ - kvm_load_host_xsave_state(vcpu); - stgi(); - --- -2.48.1.658.g4767266eb4-goog -