diff --git a/patches/kernel/0004-pci-Enable-overrides-for-missing-ACS-capabilities-4..patch b/patches/kernel/0004-pci-Enable-overrides-for-missing-ACS-capabilities-4..patch index 72d991a..9daedb7 100644 --- a/patches/kernel/0004-pci-Enable-overrides-for-missing-ACS-capabilities-4..patch +++ b/patches/kernel/0004-pci-Enable-overrides-for-missing-ACS-capabilities-4..patch @@ -55,10 +55,10 @@ Signed-off-by: Thomas Lamprecht 2 files changed, 111 insertions(+) diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt -index fa73bbcb0c8d..4964bb2e931e 100644 +index 9f2bcb8b7f96..a60a4220be95 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt -@@ -4209,6 +4209,15 @@ +@@ -4281,6 +4281,15 @@ Also, it enforces the PCI Local Bus spec rule that those bits should be 0 in system reset events (useful for kexec/kdump cases). @@ -75,10 +75,10 @@ index fa73bbcb0c8d..4964bb2e931e 100644 Safety option to keep boot IRQs enabled. This should never be necessary. diff --git a/drivers/pci/quirks.c b/drivers/pci/quirks.c -index 592e1c4ae697..aebf6f412203 100644 +index 92302d5749d8..71387b9aca33 100644 --- a/drivers/pci/quirks.c +++ b/drivers/pci/quirks.c -@@ -194,6 +194,106 @@ static int __init pci_apply_final_quirks(void) +@@ -287,6 +287,106 @@ static int __init pci_apply_final_quirks(void) } fs_initcall_sync(pci_apply_final_quirks); @@ -185,7 +185,7 @@ index 592e1c4ae697..aebf6f412203 100644 /* * Decoding should be disabled for a PCI device during BAR sizing to avoid * conflict. But doing so may cause problems on host bridge and perhaps other -@@ -4974,6 +5074,8 @@ static const struct pci_dev_acs_enabled { +@@ -5069,6 +5169,8 @@ static const struct pci_dev_acs_enabled { { PCI_VENDOR_ID_CAVIUM, 0xA060, pci_quirk_mf_endpoint_acs }, /* APM X-Gene */ { PCI_VENDOR_ID_AMCC, 0xE004, pci_quirk_xgene_acs }, 
diff --git a/patches/kernel/0005-kvm-disable-default-dynamic-halt-polling-growth.patch b/patches/kernel/0005-kvm-disable-default-dynamic-halt-polling-growth.patch index 91bf4a2..4bc4bd3 100644 --- a/patches/kernel/0005-kvm-disable-default-dynamic-halt-polling-growth.patch +++ b/patches/kernel/0005-kvm-disable-default-dynamic-halt-polling-growth.patch @@ -13,10 +13,10 @@ Signed-off-by: Thomas Lamprecht 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c -index 73fad57408f7..99ae3e468ce6 100644 +index 5bbb5612b207..691ce10e7647 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c -@@ -79,7 +79,7 @@ module_param(halt_poll_ns, uint, 0644); +@@ -82,7 +82,7 @@ module_param(halt_poll_ns, uint, 0644); EXPORT_SYMBOL_GPL(halt_poll_ns); /* Default doubles per-vcpu halt_poll_ns. */ diff --git a/patches/kernel/0006-net-core-downgrade-unregister_netdevice-refcount-lea.patch b/patches/kernel/0006-net-core-downgrade-unregister_netdevice-refcount-lea.patch index 14c716c..3a22864 100644 --- a/patches/kernel/0006-net-core-downgrade-unregister_netdevice-refcount-lea.patch +++ b/patches/kernel/0006-net-core-downgrade-unregister_netdevice-refcount-lea.patch @@ -14,10 +14,10 @@ Signed-off-by: Fabian Grünbichler 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/core/dev.c b/net/core/dev.c -index 555bbe774734..de2e0d0185fc 100644 +index 69a3e544676c..56a45b9b602e 100644 --- a/net/core/dev.c +++ b/net/core/dev.c -@@ -10262,7 +10262,7 @@ static struct net_device *netdev_wait_allrefs_any(struct list_head *list) +@@ -10269,7 +10269,7 @@ static struct net_device *netdev_wait_allrefs_any(struct list_head *list) if (time_after(jiffies, warning_time + READ_ONCE(netdev_unregister_timeout_secs) * HZ)) { list_for_each_entry(dev, list, todo_list) { diff --git a/patches/kernel/0007-Revert-fortify-Do-not-cast-to-unsigned-char.patch b/patches/kernel/0007-Revert-fortify-Do-not-cast-to-unsigned-char.patch index 192e77e..f420c8f 100644 
--- a/patches/kernel/0007-Revert-fortify-Do-not-cast-to-unsigned-char.patch +++ b/patches/kernel/0007-Revert-fortify-Do-not-cast-to-unsigned-char.patch @@ -10,12 +10,13 @@ This reverts commit 106b7a61c488d2022f44e3531ce33461c7c0685f. Signed-off-by: Thomas Lamprecht Signed-off-by: Fabian Grünbichler +Signed-off-by: Thomas Lamprecht --- include/linux/fortify-string.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/linux/fortify-string.h b/include/linux/fortify-string.h -index 7cad8bb031e9..acc24887db3e 100644 +index da51a83b2829..9d9e7822eddf 100644 --- a/include/linux/fortify-string.h +++ b/include/linux/fortify-string.h @@ -18,7 +18,7 @@ void __write_overflow_field(size_t avail, size_t wanted) __compiletime_warning(" @@ -25,5 +26,5 @@ index 7cad8bb031e9..acc24887db3e 100644 - char *__p = (char *)(p); \ + unsigned char *__p = (unsigned char *)(p); \ size_t __ret = SIZE_MAX; \ - size_t __p_size = __member_size(p); \ + const size_t __p_size = __member_size(p); \ if (__p_size != SIZE_MAX && \ diff --git a/patches/kernel/0008-kvm-xsave-set-mask-out-PKRU-bit-in-xfeatures-if-vCPU.patch b/patches/kernel/0008-kvm-xsave-set-mask-out-PKRU-bit-in-xfeatures-if-vCPU.patch index d6053be..f6d8d41 100644 --- a/patches/kernel/0008-kvm-xsave-set-mask-out-PKRU-bit-in-xfeatures-if-vCPU.patch +++ b/patches/kernel/0008-kvm-xsave-set-mask-out-PKRU-bit-in-xfeatures-if-vCPU.patch @@ -78,10 +78,10 @@ Signed-off-by: Thomas Lamprecht 3 files changed, 21 insertions(+) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c -index 7ccdf991d18e..61aefeb3fdbc 100644 +index d3432687c9e6..2c20da9aa2ac 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c -@@ -251,6 +251,12 @@ static u64 cpuid_get_supported_xcr0(struct kvm_cpuid_entry2 *entries, int nent) +@@ -249,6 +249,12 @@ static u64 cpuid_get_supported_xcr0(struct kvm_cpuid_entry2 *entries, int nent) return (best->eax | ((u64)best->edx << 32)) & kvm_caps.supported_xcr0; } 
@@ -108,10 +108,10 @@ index b1658c0de847..12a02851ff57 100644 int cpuid_query_maxphyaddr(struct kvm_vcpu *vcpu); diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c -index ee603f4edce1..ff92ff41d5ce 100644 +index c381770bcbf1..6690a3722007 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c -@@ -5342,6 +5342,19 @@ static int kvm_vcpu_ioctl_x86_set_xsave(struct kvm_vcpu *vcpu, +@@ -5413,6 +5413,19 @@ static int kvm_vcpu_ioctl_x86_set_xsave(struct kvm_vcpu *vcpu, if (fpstate_is_confidential(&vcpu->arch.guest_fpu)) return 0; diff --git a/patches/kernel/0009-KVM-x86-mmu-Fix-an-sign-extension-bug-with-mmu_seq-t.patch b/patches/kernel/0009-KVM-x86-mmu-Fix-an-sign-extension-bug-with-mmu_seq-t.patch deleted file mode 100644 index 18c268e..0000000 --- a/patches/kernel/0009-KVM-x86-mmu-Fix-an-sign-extension-bug-with-mmu_seq-t.patch +++ /dev/null 
@@ -1,75 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Sean Christopherson -Date: Wed, 23 Aug 2023 18:01:04 -0700 -Subject: [PATCH] KVM: x86/mmu: Fix an sign-extension bug with mmu_seq that - hangs vCPUs -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Upstream commit ba6e3fe25543 ("KVM: x86/mmu: Grab mmu_invalidate_seq in -kvm_faultin_pfn()") unknowingly fixed the bug in v6.3 when refactoring -how KVM tracks the sequence counter snapshot. - -Take the vCPU's mmu_seq snapshot as an "unsigned long" instead of an "int" -when checking to see if a page fault is stale, as the sequence count is -stored as an "unsigned long" everywhere else in KVM. This fixes a bug -where KVM will effectively hang vCPUs due to always thinking page faults -are stale, which results in KVM refusing to "fix" faults. - -mmu_invalidate_seq (née mmu_notifier_seq) is a sequence counter used when -KVM is handling page faults to detect if userspace mappings relevant to -the guest were invalidated between snapshotting the counter and acquiring -mmu_lock, i.e. to ensure that the userspace mapping KVM is using to -resolve the page fault is fresh. If KVM sees that the counter has -changed, KVM simply resumes the guest without fixing the fault. - -What _should_ happen is that the source of the mmu_notifier invalidations -eventually goes away, mmu_invalidate_seq becomes stable, and KVM can once -again fix guest page fault(s). - -But for a long-lived VM and/or a VM that the host just doesn't particularly -like, it's possible for a VM to be on the receiving end of 2 billion (with -a B) mmu_notifier invalidations. When that happens, bit 31 will be set in -mmu_invalidate_seq. 
This causes the value to be turned into a 32-bit -negative value when implicitly cast to an "int" by is_page_fault_stale(), -and then sign-extended into a 64-bit unsigned when the signed "int" is -implicitly cast back to an "unsigned long" on the call to -mmu_invalidate_retry_hva(). - -As a result of the casting and sign-extension, given a sequence counter of -e.g. 0x8002dc25, mmu_invalidate_retry_hva() ends up doing - - if (0x8002dc25 != 0xffffffff8002dc25) - -and signals that the page fault is stale and needs to be retried even -though the sequence counter is stable, and KVM effectively hangs any vCPU -that takes a page fault (EPT violation or #NPF when TDP is enabled). - -Reported-by: Brian Rak -Reported-by: Amaan Cheval -Reported-by: Eric Wheeler -Closes: https://lore.kernel.org/all/f023d927-52aa-7e08-2ee5-59a2fbc65953@gameservers.com -Fixes: a955cad84cda ("KVM: x86/mmu: Retry page fault if root is invalidated by memslot update") -Signed-off-by: Sean Christopherson -Signed-off-by: Greg Kroah-Hartman -(cherry-picked from commit 82d811ff566594de3676f35808e8a9e19c5c864c in stable v6.1.51) -Signed-off-by: Fiona Ebner ---- - arch/x86/kvm/mmu/mmu.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c -index 3220c1285984..c42ba5cde7a4 100644 ---- a/arch/x86/kvm/mmu/mmu.c -+++ b/arch/x86/kvm/mmu/mmu.c -@@ -4261,7 +4261,8 @@ static int kvm_faultin_pfn(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault) - * root was invalidated by a memslot update or a relevant mmu_notifier fired. - */ - static bool is_page_fault_stale(struct kvm_vcpu *vcpu, -- struct kvm_page_fault *fault, int mmu_seq) -+ struct kvm_page_fault *fault, -+ unsigned long mmu_seq) - { - struct kvm_mmu_page *sp = to_shadow_page(vcpu->arch.mmu->root.hpa); - 
diff --git a/patches/kernel/0010-allow-opt-in-to-allow-pass-through-on-broken-hardwar.patch b/patches/kernel/0009-allow-opt-in-to-allow-pass-through-on-broken-hardwar.patch similarity index 83% rename from patches/kernel/0010-allow-opt-in-to-allow-pass-through-on-broken-hardwar.patch rename to patches/kernel/0009-allow-opt-in-to-allow-pass-through-on-broken-hardwar.patch index 40b0a15..84d5b22 100644 --- a/patches/kernel/0010-allow-opt-in-to-allow-pass-through-on-broken-hardwar.patch +++ b/patches/kernel/0009-allow-opt-in-to-allow-pass-through-on-broken-hardwar.patch @@ -4,15 +4,17 @@ Date: Mon, 18 Sep 2023 15:19:26 +0200 Subject: [PATCH] allow opt-in to allow pass-through on broken hardware.. adapted from https://github.com/kiler129/relax-intel-rmrr , licensed under MIT or GPL 2.0+ + +Signed-off-by: Thomas Lamprecht --- drivers/iommu/intel/iommu.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c -index 1c5ba4dbfe78..887667218e3b 100644 +index a377f8e0a414..3be334d34317 100644 --- a/drivers/iommu/intel/iommu.c +++ b/drivers/iommu/intel/iommu.c -@@ -297,6 +297,7 @@ static int dmar_map_gfx = 1; +@@ -298,6 +298,7 @@ static int dmar_map_gfx = 1; static int dmar_map_ipu = 1; static int intel_iommu_superpage = 1; static int iommu_identity_mapping; @@ -20,7 +22,7 @@ index 1c5ba4dbfe78..887667218e3b 100644 static int iommu_skip_te_disable; #define IDENTMAP_GFX 2 -@@ -358,6 +359,9 @@ static int __init intel_iommu_setup(char *str) +@@ -359,6 +360,9 @@ static int __init intel_iommu_setup(char *str) } else if (!strncmp(str, "tboot_noforce", 13)) { pr_info("Intel-IOMMU: not forcing on after tboot. This could expose security risk for tboot\n"); intel_iommu_tboot_noforce = 1; 
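Review bot: The patch header edited by the `@@ -4,15 +4,17 @@` hunk still describes the change only as "adapted from https://github.com/kiler129/relax-intel-rmrr" and never says what the opt-in relaxes. Judging by the subject line and the refreshed hunk in `device_rmrr_is_relaxable()`, the option appears to loosen the RMRR restriction on device pass-through, which is an isolation trade-off an administrator should be able to read without following the link. Since this hunk already touches the header to add the sign-off, consider adding a sentence such as `Opt-in only: relaxes the RMRR check for pass-through; enable solely on hardware known to need it, as it weakens DMA isolation.` The inner hunks appear here only as refreshed offsets, so the option's exact name and default need to be confirmed against the full patch.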
@@ -30,7 +32,7 @@ index 1c5ba4dbfe78..887667218e3b 100644 } else { pr_notice("Unknown option - '%s'\n", str); } -@@ -2538,7 +2542,7 @@ static bool device_rmrr_is_relaxable(struct device *dev) +@@ -2503,7 +2507,7 @@ static bool device_rmrr_is_relaxable(struct device *dev) return false; pdev = to_pci_dev(dev); diff --git a/patches/kernel/0011-net-thunderbolt-Fix-TCPv6-GSO-checksum-calculation.patch b/patches/kernel/0010-net-thunderbolt-Fix-TCPv6-GSO-checksum-calculation.patch similarity index 85% rename from patches/kernel/0011-net-thunderbolt-Fix-TCPv6-GSO-checksum-calculation.patch rename to patches/kernel/0010-net-thunderbolt-Fix-TCPv6-GSO-checksum-calculation.patch index 4bae939..b3d7a41 100644 --- a/patches/kernel/0011-net-thunderbolt-Fix-TCPv6-GSO-checksum-calculation.patch +++ b/patches/kernel/0010-net-thunderbolt-Fix-TCPv6-GSO-checksum-calculation.patch @@ -19,14 +19,14 @@ Reviewed-by: Jiri Pirko Signed-off-by: David S. Miller Signed-off-by: Thomas Lamprecht --- - drivers/net/thunderbolt.c | 3 +-- + drivers/net/thunderbolt/main.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) -diff --git a/drivers/net/thunderbolt.c b/drivers/net/thunderbolt.c -index 990484776f2d..0c554a7a5ce4 100644 ---- a/drivers/net/thunderbolt.c -+++ b/drivers/net/thunderbolt.c -@@ -1005,12 +1005,11 @@ static bool tbnet_xmit_csum_and_map(struct tbnet *net, struct sk_buff *skb, +diff --git a/drivers/net/thunderbolt/main.c b/drivers/net/thunderbolt/main.c +index 0c1e8970ee58..0a53ec293d04 100644 +--- a/drivers/net/thunderbolt/main.c ++++ b/drivers/net/thunderbolt/main.c +@@ -1049,12 +1049,11 @@ static bool tbnet_xmit_csum_and_map(struct tbnet *net, struct sk_buff *skb, *tucso = ~csum_tcpudp_magic(ip_hdr(skb)->saddr, ip_hdr(skb)->daddr, 0, ip_hdr(skb)->protocol, 0); 
diff --git a/patches/kernel/0012-thunderbolt-Restart-XDomain-discovery-handshake-afte.patch b/patches/kernel/0011-thunderbolt-Restart-XDomain-discovery-handshake-afte.patch similarity index 89% rename from patches/kernel/0012-thunderbolt-Restart-XDomain-discovery-handshake-afte.patch rename to patches/kernel/0011-thunderbolt-Restart-XDomain-discovery-handshake-afte.patch index d15296e..6af7817 100644 --- a/patches/kernel/0012-thunderbolt-Restart-XDomain-discovery-handshake-afte.patch +++ b/patches/kernel/0011-thunderbolt-Restart-XDomain-discovery-handshake-afte.patch @@ -22,10 +22,10 @@ Signed-off-by: Thomas Lamprecht 1 file changed, 41 insertions(+), 17 deletions(-) diff --git a/drivers/thunderbolt/xdomain.c b/drivers/thunderbolt/xdomain.c -index 3c51e47dd86b..0b17a4d4e9b9 100644 +index 5b5566862318..9803f0bbf20d 100644 --- a/drivers/thunderbolt/xdomain.c +++ b/drivers/thunderbolt/xdomain.c -@@ -704,6 +704,27 @@ static void update_property_block(struct tb_xdomain *xd) +@@ -703,6 +703,27 @@ static void update_property_block(struct tb_xdomain *xd) mutex_unlock(&xdomain_lock); } @@ -53,7 +53,7 @@ index 3c51e47dd86b..0b17a4d4e9b9 100644 static void tb_xdp_handle_request(struct work_struct *work) { struct xdomain_request_work *xw = container_of(work, typeof(*xw), work); -@@ -766,6 +787,15 @@ static void tb_xdp_handle_request(struct work_struct *work) +@@ -765,6 +786,15 @@ static void tb_xdp_handle_request(struct work_struct *work) case UUID_REQUEST: tb_dbg(tb, "%llx: received XDomain UUID request\n", route); ret = tb_xdp_uuid_response(ctl, route, sequence, uuid); @@ -69,7 +69,7 @@ index 3c51e47dd86b..0b17a4d4e9b9 100644 break; case LINK_STATE_STATUS_REQUEST: -@@ -1522,6 +1552,13 @@ static void tb_xdomain_queue_properties_changed(struct tb_xdomain *xd) +@@ -1521,6 +1551,13 @@ static void tb_xdomain_queue_properties_changed(struct tb_xdomain *xd) msecs_to_jiffies(XDOMAIN_SHORT_TIMEOUT)); } 
@@ -83,7 +83,7 @@ index 3c51e47dd86b..0b17a4d4e9b9 100644 static void tb_xdomain_state_work(struct work_struct *work) { struct tb_xdomain *xd = container_of(work, typeof(*xd), state_work.work); -@@ -1548,7 +1585,7 @@ static void tb_xdomain_state_work(struct work_struct *work) +@@ -1547,7 +1584,7 @@ static void tb_xdomain_state_work(struct work_struct *work) if (ret) { if (ret == -EAGAIN) goto retry_state; @@ -92,7 +92,7 @@ index 3c51e47dd86b..0b17a4d4e9b9 100644 } else { tb_xdomain_queue_properties_changed(xd); if (xd->bonding_possible) -@@ -1613,7 +1650,7 @@ static void tb_xdomain_state_work(struct work_struct *work) +@@ -1612,7 +1649,7 @@ static void tb_xdomain_state_work(struct work_struct *work) if (ret) { if (ret == -EAGAIN) goto retry_state; @@ -101,7 +101,7 @@ index 3c51e47dd86b..0b17a4d4e9b9 100644 } else { xd->state = XDOMAIN_STATE_ENUMERATED; } -@@ -1624,6 +1661,8 @@ static void tb_xdomain_state_work(struct work_struct *work) +@@ -1623,6 +1660,8 @@ static void tb_xdomain_state_work(struct work_struct *work) break; case XDOMAIN_STATE_ERROR: @@ -110,7 +110,7 @@ index 3c51e47dd86b..0b17a4d4e9b9 100644 break; default: -@@ -1793,21 +1832,6 @@ static void tb_xdomain_release(struct device *dev) +@@ -1833,21 +1872,6 @@ static void tb_xdomain_release(struct device *dev) kfree(xd); } diff --git a/patches/kernel/0013-x86-cpu-Fix-AMD-erratum-1485-on-Zen4-based-CPUs.patch b/patches/kernel/0012-x86-cpu-Fix-AMD-erratum-1485-on-Zen4-based-CPUs.patch similarity index 91% rename from patches/kernel/0013-x86-cpu-Fix-AMD-erratum-1485-on-Zen4-based-CPUs.patch rename to patches/kernel/0012-x86-cpu-Fix-AMD-erratum-1485-on-Zen4-based-CPUs.patch index 9f1201e..a8e9fb0 100644 --- a/patches/kernel/0013-x86-cpu-Fix-AMD-erratum-1485-on-Zen4-based-CPUs.patch +++ b/patches/kernel/0012-x86-cpu-Fix-AMD-erratum-1485-on-Zen4-based-CPUs.patch @@ -21,10 +21,10 @@ Signed-off-by: Thomas Lamprecht 2 files changed, 15 insertions(+), 2 deletions(-) 
diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h -index ebbf80d8b8bd..a79b10e57757 100644 +index 1d111350197f..b37abb55e948 100644 --- a/arch/x86/include/asm/msr-index.h +++ b/arch/x86/include/asm/msr-index.h -@@ -630,12 +630,17 @@ +@@ -637,12 +637,17 @@ /* AMD Last Branch Record MSRs */ #define MSR_AMD64_LBR_SELECT 0xc000010e @@ -45,10 +45,10 @@ index ebbf80d8b8bd..a79b10e57757 100644 #define MSR_F16H_L2I_PERF_CTL 0xc0010230 #define MSR_F16H_L2I_PERF_CTR 0xc0010231 diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c -index 6daf6a8fa0c7..044e3869620c 100644 +index 7eca6a8abbb1..981bc23665a3 100644 --- a/arch/x86/kernel/cpu/amd.c +++ b/arch/x86/kernel/cpu/amd.c -@@ -79,6 +79,10 @@ static const int amd_div0[] = +@@ -80,6 +80,10 @@ static const int amd_div0[] = AMD_LEGACY_ERRATUM(AMD_MODEL_RANGE(0x17, 0x00, 0x0, 0x2f, 0xf), AMD_MODEL_RANGE(0x17, 0x50, 0x0, 0x5f, 0xf)); @@ -59,7 +59,7 @@ index 6daf6a8fa0c7..044e3869620c 100644 static bool cpu_has_amd_erratum(struct cpuinfo_x86 *cpu, const int *erratum) { int osvw_id = *erratum++; -@@ -1124,6 +1128,10 @@ static void init_amd(struct cpuinfo_x86 *c) +@@ -1140,6 +1144,10 @@ static void init_amd(struct cpuinfo_x86 *c) pr_notice_once("AMD Zen1 DIV0 bug detected. Disable SMT for full protection.\n"); setup_force_cpu_bug(X86_BUG_DIV0); } diff --git a/patches/kernel/0013-Revert-nSVM-Check-for-reserved-encodings-of-TLB_CONT.patch b/patches/kernel/0013-Revert-nSVM-Check-for-reserved-encodings-of-TLB_CONT.patch new file mode 100644 index 0000000..a0f8f3a --- /dev/null +++ b/patches/kernel/0013-Revert-nSVM-Check-for-reserved-encodings-of-TLB_CONT.patch 
@@ -0,0 +1,57 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Sean Christopherson +Date: Wed, 18 Oct 2023 12:41:03 -0700 +Subject: [PATCH] Revert "nSVM: Check for reserved encodings of TLB_CONTROL in + nested VMCB" + +Revert KVM's made-up consistency check on SVM's TLB control. The APM says +that unsupported encodings are reserved, but the APM doesn't state that +VMRUN checks for a supported encoding. Unless something is called out +in "Canonicalization and Consistency Checks" or listed as MBZ (Must Be +Zero), AMD behavior is typically to let software shoot itself in the foot. + +This reverts commit 174a921b6975ef959dd82ee9e8844067a62e3ec1. + +Fixes: 174a921b6975 ("nSVM: Check for reserved encodings of TLB_CONTROL in nested VMCB") +Reported-by: Stefan Sterz +Closes: https://lkml.kernel.org/r/b9915c9c-4cf6-051a-2d91-44cc6380f455%40proxmox.com +Cc: stable@vger.kernel.org +Signed-off-by: Sean Christopherson +Signed-off-by: Thomas Lamprecht +--- + arch/x86/kvm/svm/nested.c | 15 --------------- + 1 file changed, 15 deletions(-) + +diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c +index 96936ddf1b3c..92db000409a9 100644 +--- a/arch/x86/kvm/svm/nested.c ++++ b/arch/x86/kvm/svm/nested.c +@@ -247,18 +247,6 @@ static bool nested_svm_check_bitmap_pa(struct kvm_vcpu *vcpu, u64 pa, u32 size) + kvm_vcpu_is_legal_gpa(vcpu, addr + size - 1); + } + +-static bool nested_svm_check_tlb_ctl(struct kvm_vcpu *vcpu, u8 tlb_ctl) +-{ +- /* Nested FLUSHBYASID is not supported yet. 
*/ +- switch(tlb_ctl) { +- case TLB_CONTROL_DO_NOTHING: +- case TLB_CONTROL_FLUSH_ALL_ASID: +- return true; +- default: +- return false; +- } +-} +- + static bool __nested_vmcb_check_controls(struct kvm_vcpu *vcpu, + struct vmcb_ctrl_area_cached *control) + { +@@ -278,9 +266,6 @@ static bool __nested_vmcb_check_controls(struct kvm_vcpu *vcpu, + IOPM_SIZE))) + return false; + +- if (CC(!nested_svm_check_tlb_ctl(vcpu, control->tlb_ctl))) +- return false; +- + if (CC((control->int_ctl & V_NMI_ENABLE_MASK) && + !vmcb12_is_intercept(control, INTERCEPT_NMI))) { + return false; diff --git a/patches/kernel/0015-KVM-nSVM-Advertise-support-for-flush-by-ASID.patch b/patches/kernel/0014-KVM-nSVM-Advertise-support-for-flush-by-ASID.patch similarity index 89% rename from patches/kernel/0015-KVM-nSVM-Advertise-support-for-flush-by-ASID.patch rename to patches/kernel/0014-KVM-nSVM-Advertise-support-for-flush-by-ASID.patch index e6e4f0e..3592431 100644 --- a/patches/kernel/0015-KVM-nSVM-Advertise-support-for-flush-by-ASID.patch +++ b/patches/kernel/0014-KVM-nSVM-Advertise-support-for-flush-by-ASID.patch @@ -18,15 +18,16 @@ Reported-by: Stefan Sterz Closes: https://lkml.kernel.org/r/b9915c9c-4cf6-051a-2d91-44cc6380f455%40proxmox.com Signed-off-by: Sean Christopherson Signed-off-by: Stefan Sterz +Signed-off-by: Thomas Lamprecht --- arch/x86/kvm/svm/svm.c | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c -index fb9cde86930d..db8028864094 100644 +index 2ec76ab525ea..ef3215286428 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c -@@ -4921,6 +4921,7 @@ static __init void svm_set_cpu_caps(void) +@@ -4969,6 +4969,7 @@ static __init void svm_set_cpu_caps(void) if (nested) { kvm_cpu_cap_set(X86_FEATURE_SVM); kvm_cpu_cap_set(X86_FEATURE_VMCBCLEAN); 
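Review bot: With `nested_svm_check_tlb_ctl()` and its `CC(...)` call removed from `__nested_vmcb_check_controls()`, nothing in the newly added 0013 patch constrains `control->tlb_ctl` taken from the nested VMCB, and the description argues only from what the APM says VMRUN checks. It does not say how KVM itself treats a reserved encoding once it is accepted. A sentence in the description confirming that unsupported values are handled conservatively, or naming the code that does so, would make the revert easier to audit. The follow-up patch advertising flush-by-ASID is visible on this page only as a refreshed offset, so whether it covers this cannot be judged from here. `__nested_vmcb_check_controls()` continues outside the inner hunk.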
diff --git a/patches/kernel/0014-Revert-nSVM-Check-for-reserved-encodings-of-TLB_CONT.patch b/patches/kernel/0014-Revert-nSVM-Check-for-reserved-encodings-of-TLB_CONT.patch deleted file mode 100644 index 2ad8c3a..0000000 --- a/patches/kernel/0014-Revert-nSVM-Check-for-reserved-encodings-of-TLB_CONT.patch +++ /dev/null @@ -1,46 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Stefan Sterz -Date: Wed, 18 Oct 2023 10:45:45 +0200 -Subject: [PATCH] Revert "nSVM: Check for reserved encodings of TLB_CONTROL in - nested VMCB" - -This reverts commit 174a921b6975ef959dd82ee9e8844067a62e3ec1. - -Signed-off-by: Stefan Sterz ---- - arch/x86/kvm/svm/nested.c | 15 --------------- - 1 file changed, 15 deletions(-) - -diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c -index add65dd59756..61a6c0235519 100644 ---- a/arch/x86/kvm/svm/nested.c -+++ b/arch/x86/kvm/svm/nested.c -@@ -242,18 +242,6 @@ static bool nested_svm_check_bitmap_pa(struct kvm_vcpu *vcpu, u64 pa, u32 size) - kvm_vcpu_is_legal_gpa(vcpu, addr + size - 1); - } - --static bool nested_svm_check_tlb_ctl(struct kvm_vcpu *vcpu, u8 tlb_ctl) --{ -- /* Nested FLUSHBYASID is not supported yet. */ -- switch(tlb_ctl) { -- case TLB_CONTROL_DO_NOTHING: -- case TLB_CONTROL_FLUSH_ALL_ASID: -- return true; -- default: -- return false; -- } --} -- - static bool __nested_vmcb_check_controls(struct kvm_vcpu *vcpu, - struct vmcb_ctrl_area_cached *control) - { -@@ -273,9 +261,6 @@ static bool __nested_vmcb_check_controls(struct kvm_vcpu *vcpu, - IOPM_SIZE))) - return false; - -- if (CC(!nested_svm_check_tlb_ctl(vcpu, control->tlb_ctl))) -- return false; -- - return true; - } - 
diff --git a/patches/kernel/0016-x86-fpu-Allow-caller-to-constrain-xfeatures-when-cop.patch b/patches/kernel/0015-x86-fpu-Allow-caller-to-constrain-xfeatures-when-cop.patch similarity index 97% rename from patches/kernel/0016-x86-fpu-Allow-caller-to-constrain-xfeatures-when-cop.patch rename to patches/kernel/0015-x86-fpu-Allow-caller-to-constrain-xfeatures-when-cop.patch index 83a64ce..e4837b9 100644 --- a/patches/kernel/0016-x86-fpu-Allow-caller-to-constrain-xfeatures-when-cop.patch +++ b/patches/kernel/0015-x86-fpu-Allow-caller-to-constrain-xfeatures-when-cop.patch @@ -48,7 +48,7 @@ index b475d9a582b8..e829fa4c6788 100644 static inline void fpstate_set_confidential(struct fpu_guest *gfpu) diff --git a/arch/x86/kernel/fpu/core.c b/arch/x86/kernel/fpu/core.c -index caf33486dc5e..cddd5018e6a4 100644 +index 98e507cc7d34..b582325b9c37 100644 --- a/arch/x86/kernel/fpu/core.c +++ b/arch/x86/kernel/fpu/core.c @@ -369,14 +369,15 @@ int fpu_swap_kvm_fpstate(struct fpu_guest *guest_fpu, bool enter_guest) @@ -123,10 +123,10 @@ index a4ecb04d8d64..3518fb26d06b 100644 enum xstate_copy_mode mode); extern int copy_uabi_from_kernel_to_xstate(struct fpstate *fpstate, const void *kbuf, u32 *pkru); diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c -index ff92ff41d5ce..a43a950d04cb 100644 +index 6690a3722007..394d3a8b4682 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c -@@ -5314,26 +5314,23 @@ static int kvm_vcpu_ioctl_x86_set_debugregs(struct kvm_vcpu *vcpu, +@@ -5385,26 +5385,23 @@ static int kvm_vcpu_ioctl_x86_set_debugregs(struct kvm_vcpu *vcpu, return 0; } diff --git a/patches/kernel/0017-KVM-x86-Constrain-guest-supported-xfeatures-only-at-.patch b/patches/kernel/0016-KVM-x86-Constrain-guest-supported-xfeatures-only-at-.patch similarity index 96% rename from patches/kernel/0017-KVM-x86-Constrain-guest-supported-xfeatures-only-at-.patch rename to patches/kernel/0016-KVM-x86-Constrain-guest-supported-xfeatures-only-at-.patch index 9154817..c9d06f5 100644 
--- a/patches/kernel/0017-KVM-x86-Constrain-guest-supported-xfeatures-only-at-.patch +++ b/patches/kernel/0016-KVM-x86-Constrain-guest-supported-xfeatures-only-at-.patch @@ -66,10 +66,10 @@ index 463ec0cd0dab..ebe698f8af73 100644 /* Do the final updates within the locked region */ diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c -index 61aefeb3fdbc..e5393ee652ba 100644 +index 2c20da9aa2ac..e2b67975869c 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c -@@ -350,14 +350,6 @@ static void kvm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) +@@ -332,14 +332,6 @@ static void kvm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) vcpu->arch.guest_supported_xcr0 = cpuid_get_supported_xcr0(vcpu->arch.cpuid_entries, vcpu->arch.cpuid_nent); @@ -85,10 +85,10 @@ index 61aefeb3fdbc..e5393ee652ba 100644 vcpu->arch.maxphyaddr = cpuid_query_maxphyaddr(vcpu); diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c -index a43a950d04cb..a4a44adf7c72 100644 +index 394d3a8b4682..e0cea0f8380a 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c -@@ -5318,12 +5318,26 @@ static int kvm_vcpu_ioctl_x86_set_debugregs(struct kvm_vcpu *vcpu, +@@ -5389,12 +5389,26 @@ static int kvm_vcpu_ioctl_x86_set_debugregs(struct kvm_vcpu *vcpu, static void kvm_vcpu_ioctl_x86_get_xsave2(struct kvm_vcpu *vcpu, u8 *state, unsigned int size) { diff --git a/submodules/ubuntu-kernel b/submodules/ubuntu-kernel index 0b6a250..0f11208 160000 --- a/submodules/ubuntu-kernel +++ b/submodules/ubuntu-kernel @@ -1 +1 @@ -Subproject commit 0b6a250fd5bb058a9965d904b3e6f83b87a0c3b7 +Subproject commit 0f112085de77ffd667df863f7240164da1b8d26f