Skip to content

Commit b5a0229

Browse files
sean-jcgregkh
authored andcommitted
KVM: x86: Explicitly configure supported XSS from {svm,vmx}_set_cpu_caps()
commit f8ade83 upstream. Explicitly configure KVM's supported XSS as part of each vendor's setup flow to fix a bug where clearing SHSTK and IBT in kvm_cpu_caps, e.g. due to lack of CET XFEATURE support, makes kvm-intel.ko unloadable when nested VMX is enabled, i.e. when nested=1. The late clearing results in nested_vmx_setup_{entry,exit}_ctls() clearing VM_{ENTRY,EXIT}_LOAD_CET_STATE when nested_vmx_setup_ctls_msrs() runs during the CPU compatibility checks, ultimately leading to a mismatched VMCS config due to the reference config having the CET bits set, but every CPU's "local" config having the bits cleared. Note, kvm_caps.supported_{xcr0,xss} are unconditionally initialized by kvm_x86_vendor_init(), before calling into vendor code, and not referenced between ops->hardware_setup() and their current/old location. Fixes: 69cc3e8 ("KVM: x86: Add XSS support for CET_KERNEL and CET_USER") Cc: stable@vger.kernel.org Cc: Mathias Krause <minipli@grsecurity.net> Cc: John Allen <john.allen@amd.com> Cc: Rick Edgecombe <rick.p.edgecombe@intel.com> Cc: Chao Gao <chao.gao@intel.com> Cc: Binbin Wu <binbin.wu@linux.intel.com> Cc: Xiaoyao Li <xiaoyao.li@intel.com> Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com> Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com> Link: https://patch.msgid.link/20260128014310.3255561-2-seanjc@google.com Signed-off-by: Sean Christopherson <seanjc@google.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
1 parent a94b956 commit b5a0229

4 files changed

Lines changed: 23 additions & 13 deletions

File tree

arch/x86/kvm/svm/svm.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5285,6 +5285,8 @@ static __init void svm_set_cpu_caps(void)
52855285
*/
52865286
kvm_cpu_cap_clear(X86_FEATURE_BUS_LOCK_DETECT);
52875287
kvm_cpu_cap_clear(X86_FEATURE_MSR_IMM);
5288+
5289+
kvm_setup_xss_caps();
52885290
}
52895291

52905292
static __init int svm_hardware_setup(void)

arch/x86/kvm/vmx/vmx.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8021,6 +8021,8 @@ static __init void vmx_set_cpu_caps(void)
80218021
kvm_cpu_cap_clear(X86_FEATURE_SHSTK);
80228022
kvm_cpu_cap_clear(X86_FEATURE_IBT);
80238023
}
8024+
8025+
kvm_setup_xss_caps();
80248026
}
80258027

80268028
static bool vmx_is_io_intercepted(struct kvm_vcpu *vcpu,

arch/x86/kvm/x86.c

Lines changed: 17 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -9954,6 +9954,23 @@ static struct notifier_block pvclock_gtod_notifier = {
99549954
};
99559955
#endif
99569956

9957+
void kvm_setup_xss_caps(void)
9958+
{
9959+
if (!kvm_cpu_cap_has(X86_FEATURE_XSAVES))
9960+
kvm_caps.supported_xss = 0;
9961+
9962+
if (!kvm_cpu_cap_has(X86_FEATURE_SHSTK) &&
9963+
!kvm_cpu_cap_has(X86_FEATURE_IBT))
9964+
kvm_caps.supported_xss &= ~XFEATURE_MASK_CET_ALL;
9965+
9966+
if ((kvm_caps.supported_xss & XFEATURE_MASK_CET_ALL) != XFEATURE_MASK_CET_ALL) {
9967+
kvm_cpu_cap_clear(X86_FEATURE_SHSTK);
9968+
kvm_cpu_cap_clear(X86_FEATURE_IBT);
9969+
kvm_caps.supported_xss &= ~XFEATURE_MASK_CET_ALL;
9970+
}
9971+
}
9972+
EXPORT_SYMBOL_FOR_KVM_INTERNAL(kvm_setup_xss_caps);
9973+
99579974
static inline void kvm_ops_update(struct kvm_x86_init_ops *ops)
99589975
{
99599976
memcpy(&kvm_x86_ops, ops->runtime_ops, sizeof(kvm_x86_ops));
@@ -10132,19 +10149,6 @@ int kvm_x86_vendor_init(struct kvm_x86_init_ops *ops)
1013210149
if (!tdp_enabled)
1013310150
kvm_caps.supported_quirks &= ~KVM_X86_QUIRK_IGNORE_GUEST_PAT;
1013410151

10135-
if (!kvm_cpu_cap_has(X86_FEATURE_XSAVES))
10136-
kvm_caps.supported_xss = 0;
10137-
10138-
if (!kvm_cpu_cap_has(X86_FEATURE_SHSTK) &&
10139-
!kvm_cpu_cap_has(X86_FEATURE_IBT))
10140-
kvm_caps.supported_xss &= ~XFEATURE_MASK_CET_ALL;
10141-
10142-
if ((kvm_caps.supported_xss & XFEATURE_MASK_CET_ALL) != XFEATURE_MASK_CET_ALL) {
10143-
kvm_cpu_cap_clear(X86_FEATURE_SHSTK);
10144-
kvm_cpu_cap_clear(X86_FEATURE_IBT);
10145-
kvm_caps.supported_xss &= ~XFEATURE_MASK_CET_ALL;
10146-
}
10147-
1014810152
if (kvm_caps.has_tsc_control) {
1014910153
/*
1015010154
* Make sure the user can only configure tsc_khz values that

arch/x86/kvm/x86.h

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -457,6 +457,8 @@ extern struct kvm_host_values kvm_host;
457457

458458
extern bool enable_pmu;
459459

460+
void kvm_setup_xss_caps(void);
461+
460462
/*
461463
* Get a filtered version of KVM's supported XCR0 that strips out dynamic
462464
* features for which the current process doesn't (yet) have permission to use.

0 commit comments

Comments
 (0)