Changes in 5.10.44
proc: Track /proc/$pid/attr/ opener mm_struct
ASoC: max98088: fix ni clock divider calculation
ASoC: amd: fix for pcm_read() error
spi: Fix spi device unregister flow
spi: spi-zynq-qspi: Fix stack violation bug
bpf: Forbid trampoline attach for functions with variable arguments
net/nfc/rawsock.c: fix a permission check bug
usb: cdns3: Fix runtime PM imbalance on error
ASoC: Intel: bytcr_rt5640: Add quirk for the Glavey TM800A550L tablet
ASoC: Intel: bytcr_rt5640: Add quirk for the Lenovo Miix 3-830 tablet
vfio-ccw: Reset FSM state to IDLE inside FSM
vfio-ccw: Serialize FSM IDLE state with I/O completion
ASoC: sti-sas: add missing MODULE_DEVICE_TABLE
spi: sprd: Add missing MODULE_DEVICE_TABLE
usb: chipidea: udc: assign interrupt number to USB gadget structure
isdn: mISDN: netjet: Fix crash in nj_probe:
bonding: init notify_work earlier to avoid uninitialized use
netlink: disable IRQs for netlink_lock_table()
net: mdiobus: get rid of a BUG_ON()
cgroup: disable controllers at parse time
wq: handle VM suspension in stall detection
net/qla3xxx: fix schedule while atomic in ql_sem_spinlock
RDS tcp loopback connection can hang
net:sfc: fix non-freed irq in legacy irq mode
scsi: bnx2fc: Return failure if io_req is already in ABTS processing
scsi: vmw_pvscsi: Set correct residual data length
scsi: hisi_sas: Drop free_irq() of devm_request_irq() allocated irq
scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal
net: macb: ensure the device is available before accessing GEMGXL control registers
net: appletalk: cops: Fix data race in cops_probe1
net: dsa: microchip: enable phy errata workaround on 9567
nvme-fabrics: decode host pathing error for connect
MIPS: Fix kernel hang under FUNCTION_GRAPH_TRACER and PREEMPT_TRACER
dm verity: fix require_signatures module_param permissions
bnx2x: Fix missing error code in bnx2x_iov_init_one()
nvme-tcp: remove incorrect Kconfig dep in BLK_DEV_NVME
nvmet: fix false keep-alive timeout when a controller is torn down
powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P2041 i2c controllers
powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P1010 i2c controllers
spi: Don't have controller clean up spi device before driver unbind
spi: Cleanup on failure of initial setup
i2c: mpc: Make use of i2c_recover_bus()
i2c: mpc: implement erratum A-004447 workaround
ALSA: seq: Fix race of snd_seq_timer_open()
ALSA: firewire-lib: fix the context to call snd_pcm_stop_xrun()
ALSA: hda/realtek: headphone and mic don't work on an Acer laptop
ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP Elite Dragonfly G2
ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP EliteBook x360 1040 G8
ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook 840 Aero G8
ALSA: hda/realtek: fix mute/micmute LEDs for HP ZBook Power G8
spi: bcm2835: Fix out-of-bounds access with more than 4 slaves
Revert "ACPI: sleep: Put the FACS table after using it"
drm: Fix use-after-free read in drm_getunique()
drm: Lock pointer access in drm_master_release()
perf/x86/intel/uncore: Fix M2M event umask for Ice Lake server
KVM: X86: MMU: Use the correct inherited permissions to get shadow page
kvm: avoid speculation-based attacks from out-of-range memslot accesses
staging: rtl8723bs: Fix uninitialized variables
async_xor: check src_offs is not NULL before updating it
btrfs: return value from btrfs_mark_extent_written() in case of error
btrfs: promote debugging asserts to full-fledged checks in validate_super
cgroup1: don't allow '\n' in renaming
ftrace: Do not blindly read the ip address in ftrace_bug()
mmc: renesas_sdhi: abort tuning when timeout detected
mmc: renesas_sdhi: Fix HS400 on R-Car M3-W+
USB: f_ncm: ncm_bitrate (speed) is unsigned
usb: f_ncm: only first packet of aggregate needs to start timer
usb: pd: Set PD_T_SINK_WAIT_CAP to 310ms
usb: dwc3-meson-g12a: fix usb2 PHY glue init when phy0 is disabled
usb: dwc3: meson-g12a: Disable the regulator in the error handling path of the probe
usb: dwc3: gadget: Bail from dwc3_gadget_exit() if dwc->gadget is NULL
usb: dwc3: ep0: fix NULL pointer exception
usb: musb: fix MUSB_QUIRK_B_DISCONNECT_99 handling
usb: typec: wcove: Use LE to CPU conversion when accessing msg->header
usb: typec: ucsi: Clear PPM capability data in ucsi_init() error path
usb: typec: intel_pmc_mux: Put fwnode in error case during ->probe()
usb: typec: intel_pmc_mux: Add missed error check for devm_ioremap_resource()
usb: gadget: f_fs: Ensure io_completion_wq is idle during unbind
USB: serial: ftdi_sio: add NovaTech OrionMX product ID
USB: serial: omninet: add device id for Zyxel Omni 56K Plus
USB: serial: quatech2: fix control-request directions
USB: serial: cp210x: fix alternate function for CP2102N QFN20
usb: gadget: eem: fix wrong eem header operation
usb: fix various gadgets null ptr deref on 10gbps cabling.
usb: fix various gadget panics on 10gbps cabling
usb: typec: tcpm: cancel vdm and state machine hrtimer when unregister tcpm port
usb: typec: tcpm: cancel frs hrtimer when unregister tcpm port
regulator: core: resolve supply for boot-on/always-on regulators
regulator: max77620: Use device_set_of_node_from_dev()
regulator: bd718x7: Fix the BUCK7 voltage setting on BD71837
regulator: fan53880: Fix missing n_voltages setting
regulator: bd71828: Fix .n_voltages settings
regulator: rtmv20: Fix .set_current_limit/.get_current_limit callbacks
phy: usb: Fix misuse of IS_ENABLED
usb: dwc3: gadget: Disable gadget IRQ during pullup disable
usb: typec: mux: Fix copy-paste mistake in typec_mux_match
drm/mcde: Fix off by 10^3 in calculation
drm/msm/a6xx: fix incorrectly set uavflagprd_inv field for A650
drm/msm/a6xx: update/fix CP_PROTECT initialization
drm/msm/a6xx: avoid shadow NULL reference in failure path
RDMA/ipoib: Fix warning caused by destroying non-initial netns
RDMA/mlx4: Do not map the core_clock page to user space unless enabled
ARM: cpuidle: Avoid orphan section warning
vmlinux.lds.h: Avoid orphan section with !SMP
tools/bootconfig: Fix error return code in apply_xbc()
phy: cadence: Sierra: Fix error return code in cdns_sierra_phy_probe()
ASoC: core: Fix Null-point-dereference in fmt_single_name()
ASoC: meson: gx-card: fix sound-dai dt schema
phy: ti: Fix an error code in wiz_probe()
gpio: wcd934x: Fix shift-out-of-bounds error
perf: Fix data race between pin_count increment/decrement
sched/fair: Keep load_avg and load_sum synced
sched/fair: Make sure to update tg contrib for blocked load
sched/fair: Fix util_est UTIL_AVG_UNCHANGED handling
x86/nmi_watchdog: Fix old-style NMI watchdog regression on old Intel CPUs
KVM: x86: Ensure liveliness of nested VM-Enter fail tracepoint message
IB/mlx5: Fix initializing CQ fragments buffer
NFS: Fix a potential NULL dereference in nfs_get_client()
NFSv4: Fix deadlock between nfs4_evict_inode() and nfs4_opendata_get_inode()
perf session: Correct buffer copying when peeking events
kvm: fix previous commit for 32-bit builds
NFS: Fix use-after-free in nfs4_init_client()
NFSv4: Fix second deadlock in nfs4_evict_inode()
NFSv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error.
scsi: core: Fix error handling of scsi_host_alloc()
scsi: core: Fix failure handling of scsi_add_host_with_dma()
scsi: core: Put .shost_dev in failure path if host state changes to RUNNING
scsi: core: Only put parent device if host state differs from SHOST_CREATED
tracing: Correct the length check which causes memory corruption
proc: only require mm_struct for writing
Linux 5.10.44
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ic64172b4e72ccb54d96000b3065dd8b33aa9fef5
commit b1bd5cba3306691c771d558e94baa73e8b0b96b7 upstream.
When computing the access permissions of a shadow page, use the effective
permissions of the walk up to that point, i.e. the logic AND of its parents'
permissions. Two guest PxE entries that point at the same table gfn need to
be shadowed with different shadow pages if their parents' permissions are
different. KVM currently uses the effective permissions of the last
non-leaf entry for all non-leaf entries. Because all non-leaf SPTEs have
full ("uwx") permissions, and the effective permissions are recorded only
in role.access and merged into the leaves, this can lead to incorrect
reuse of a shadow page and eventually to a missing guest protection page
fault.
For example, here is a shared pagetable:
pgd[] pud[] pmd[] virtual address pointers
/->pmd1(u--)->pte1(uw-)->page1 <- ptr1 (u--)
/->pud1(uw-)--->pmd2(uw-)->pte2(uw-)->page2 <- ptr2 (uw-)
pgd-| (shared pmd[] as above)
\->pud2(u--)--->pmd1(u--)->pte1(uw-)->page1 <- ptr3 (u--)
\->pmd2(uw-)->pte2(uw-)->page2 <- ptr4 (u--)
pud1 and pud2 point to the same pmd table, so:
- ptr1 and ptr3 points to the same page.
- ptr2 and ptr4 points to the same page.
(pud1 and pud2 here are pud entries, while pmd1 and pmd2 here are pmd entries)
- First, the guest reads from ptr1 first and KVM prepares a shadow
page table with role.access=u--, from ptr1's pud1 and ptr1's pmd1.
"u--" comes from the effective permissions of pgd, pud1 and
pmd1, which are stored in pt->access. "u--" is used also to get
the pagetable for pud1, instead of "uw-".
- Then the guest writes to ptr2 and KVM reuses pud1 which is present.
The hypervisor set up a shadow page for ptr2 with pt->access is "uw-"
even though the pud1 pmd (because of the incorrect argument to
kvm_mmu_get_page in the previous step) has role.access="u--".
- Then the guest reads from ptr3. The hypervisor reuses pud1's
shadow pmd for pud2, because both use "u--" for their permissions.
Thus, the shadow pmd already includes entries for both pmd1 and pmd2.
- At last, the guest writes to ptr4. This causes no vmexit or pagefault,
because pud1's shadow page structures included an "uw-" page even though
its role.access was "u--".
Any kind of shared pagetable might have the similar problem when in
virtual machine without TDP enabled if the permissions are different
from different ancestors.
In order to fix the problem, we change pt->access to be an array, and
any access in it will not include permissions ANDed from child ptes.
The test code is: https://lore.kernel.org/kvm/20210603050537.19605-1-jiangshanlai@gmail.com/
Remember to test it with TDP disabled.
The problem had existed long before the commit 41074d07c7 ("KVM: MMU:
Fix inherited permissions for emulated guest pte updates"), and it
is hard to find which is the culprit. So there is no fixes tag here.
Signed-off-by: Lai Jiangshan <laijs@linux.alibaba.com>
Message-Id: <20210603052455.21023-1-jiangshanlai@gmail.com>
Cc: stable@vger.kernel.org
Fixes: cea0f0e7ea ("[PATCH] KVM: MMU: Shadow page table caching")
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Changes in 5.10.27
mm/memcg: rename mem_cgroup_split_huge_fixup to split_page_memcg and add nr_pages argument
mm/memcg: set memcg when splitting page
mt76: fix tx skb error handling in mt76_dma_tx_queue_skb
net: stmmac: fix dma physical address of descriptor when display ring
net: fec: ptp: avoid register access when ipg clock is disabled
powerpc/4xx: Fix build errors from mfdcr()
atm: eni: dont release is never initialized
atm: lanai: dont run lanai_dev_close if not open
Revert "r8152: adjust the settings about MAC clock speed down for RTL8153"
ALSA: hda: ignore invalid NHLT table
ixgbe: Fix memleak in ixgbe_configure_clsu32
scsi: ufs: ufs-qcom: Disable interrupt in reset path
blk-cgroup: Fix the recursive blkg rwstat
net: tehuti: fix error return code in bdx_probe()
net: intel: iavf: fix error return code of iavf_init_get_resources()
sun/niu: fix wrong RXMAC_BC_FRM_CNT_COUNT count
gianfar: fix jumbo packets+napi+rx overrun crash
cifs: ask for more credit on async read/write code paths
gfs2: fix use-after-free in trans_drain
cpufreq: blacklist Arm Vexpress platforms in cpufreq-dt-platdev
gpiolib: acpi: Add missing IRQF_ONESHOT
nfs: fix PNFS_FLEXFILE_LAYOUT Kconfig default
NFS: Correct size calculation for create reply length
net: hisilicon: hns: fix error return code of hns_nic_clear_all_rx_fetch()
net: wan: fix error return code of uhdlc_init()
net: davicom: Use platform_get_irq_optional()
net: enetc: set MAC RX FIFO to recommended value
atm: uPD98402: fix incorrect allocation
atm: idt77252: fix null-ptr-dereference
cifs: change noisy error message to FYI
irqchip/ingenic: Add support for the JZ4760
kbuild: add image_name to no-sync-config-targets
kbuild: dummy-tools: fix inverted tests for gcc
umem: fix error return code in mm_pci_probe()
sparc64: Fix opcode filtering in handling of no fault loads
habanalabs: Call put_pid() when releasing control device
staging: rtl8192e: fix kconfig dependency on CRYPTO
u64_stats,lockdep: Fix u64_stats_init() vs lockdep
kselftest: arm64: Fix exit code of sve-ptrace
regulator: qcom-rpmh: Correct the pmic5_hfsmps515 buck
block: Fix REQ_OP_ZONE_RESET_ALL handling
drm/amd/display: Revert dram_clock_change_latency for DCN2.1
drm/amdgpu: fb BO should be ttm_bo_type_device
drm/radeon: fix AGP dependency
nvme: simplify error logic in nvme_validate_ns()
nvme: add NVME_REQ_CANCELLED flag in nvme_cancel_request()
nvme-fc: set NVME_REQ_CANCELLED in nvme_fc_terminate_exchange()
nvme-fc: return NVME_SC_HOST_ABORTED_CMD when a command has been aborted
nvme-core: check ctrl css before setting up zns
nvme-rdma: Fix a use after free in nvmet_rdma_write_data_done
nvme-pci: add the DISABLE_WRITE_ZEROES quirk for a Samsung PM1725a
nfs: we don't support removing system.nfs4_acl
block: Suppress uevent for hidden device when removed
mm/fork: clear PASID for new mm
ia64: fix ia64_syscall_get_set_arguments() for break-based syscalls
ia64: fix ptrace(PTRACE_SYSCALL_INFO_EXIT) sign
static_call: Pull some static_call declarations to the type headers
static_call: Allow module use without exposing static_call_key
static_call: Fix the module key fixup
static_call: Fix static_call_set_init()
KVM: x86: Protect userspace MSR filter with SRCU, and set atomically-ish
btrfs: fix sleep while in non-sleep context during qgroup removal
selinux: don't log MAC_POLICY_LOAD record on failed policy load
selinux: fix variable scope issue in live sidtab conversion
netsec: restore phy power state after controller reset
platform/x86: intel-vbtn: Stop reporting SW_DOCK events
psample: Fix user API breakage
z3fold: prevent reclaim/free race for headless pages
squashfs: fix inode lookup sanity checks
squashfs: fix xattr id and id lookup sanity checks
hugetlb_cgroup: fix imbalanced css_get and css_put pair for shared mappings
kasan: fix per-page tags for non-page_alloc pages
gcov: fix clang-11+ support
ACPI: video: Add missing callback back for Sony VPCEH3U1E
ACPICA: Always create namespace nodes using acpi_ns_create_node()
arm64: stacktrace: don't trace arch_stack_walk()
arm64: dts: ls1046a: mark crypto engine dma coherent
arm64: dts: ls1012a: mark crypto engine dma coherent
arm64: dts: ls1043a: mark crypto engine dma coherent
ARM: dts: at91: sam9x60: fix mux-mask for PA7 so it can be set to A, B and C
ARM: dts: at91: sam9x60: fix mux-mask to match product's datasheet
ARM: dts: at91-sama5d27_som1: fix phy address to 7
integrity: double check iint_cache was initialized
drm/etnaviv: Use FOLL_FORCE for userptr
drm/amd/pm: workaround for audio noise issue
drm/amdgpu/display: restore AUX_DPHY_TX_CONTROL for DCN2.x
drm/amdgpu: Add additional Sienna Cichlid PCI ID
drm/i915: Fix the GT fence revocation runtime PM logic
dm verity: fix DM_VERITY_OPTS_MAX value
dm ioctl: fix out of bounds array access when no devices
bus: omap_l3_noc: mark l3 irqs as IRQF_NO_THREAD
ARM: OMAP2+: Fix smartreflex init regression after dropping legacy data
soc: ti: omap-prm: Fix occasional abort on reset deassert for dra7 iva
veth: Store queue_mapping independently of XDP prog presence
bpf: Change inode_storage's lookup_elem return value from NULL to -EBADF
libbpf: Fix INSTALL flag order
net/mlx5e: RX, Mind the MPWQE gaps when calculating offsets
net/mlx5e: When changing XDP program without reset, take refs for XSK RQs
net/mlx5e: Don't match on Geneve options in case option masks are all zero
ipv6: fix suspecious RCU usage warning
drop_monitor: Perform cleanup upon probe registration failure
macvlan: macvlan_count_rx() needs to be aware of preemption
net: sched: validate stab values
net: dsa: bcm_sf2: Qualify phydev->dev_flags based on port
igc: reinit_locked() should be called with rtnl_lock
igc: Fix Pause Frame Advertising
igc: Fix Supported Pause Frame Link Setting
igc: Fix igc_ptp_rx_pktstamp()
e1000e: add rtnl_lock() to e1000_reset_task
e1000e: Fix error handling in e1000_set_d0_lplu_state_82571
net/qlcnic: Fix a use after free in qlcnic_83xx_get_minidump_template
net: phy: broadcom: Add power down exit reset state delay
ftgmac100: Restart MAC HW once
clk: qcom: gcc-sc7180: Use floor ops for the correct sdcc1 clk
net: ipa: terminate message handler arrays
net: qrtr: fix a kernel-infoleak in qrtr_recvmsg()
flow_dissector: fix byteorder of dissected ICMP ID
selftests/bpf: Set gopt opt_class to 0 if get tunnel opt failed
netfilter: ctnetlink: fix dump of the expect mask attribute
net: hdlc_x25: Prevent racing between "x25_close" and "x25_xmit"/"x25_rx"
net: phylink: Fix phylink_err() function name error in phylink_major_config
tipc: better validate user input in tipc_nl_retrieve_key()
tcp: relookup sock for RST+ACK packets handled by obsolete req sock
can: isotp: isotp_setsockopt(): only allow to set low level TX flags for CAN-FD
can: isotp: TX-path: ensure that CAN frame flags are initialized
can: peak_usb: add forgotten supported devices
can: flexcan: flexcan_chip_freeze(): fix chip freeze for missing bitrate
can: kvaser_pciefd: Always disable bus load reporting
can: c_can_pci: c_can_pci_remove(): fix use-after-free
can: c_can: move runtime PM enable/disable to c_can_platform
can: m_can: m_can_do_rx_poll(): fix extraneous msg loss warning
can: m_can: m_can_rx_peripheral(): fix RX being blocked by errors
mac80211: fix rate mask reset
mac80211: Allow HE operation to be longer than expected.
selftests/net: fix warnings on reuseaddr_ports_exhausted
nfp: flower: fix unsupported pre_tunnel flows
nfp: flower: add ipv6 bit to pre_tunnel control message
nfp: flower: fix pre_tun mask id allocation
ftrace: Fix modify_ftrace_direct.
drm/msm/dsi: fix check-before-set in the 7nm dsi_pll code
ionic: linearize tso skb with too many frags
net/sched: cls_flower: fix only mask bit check in the validate_ct_state
netfilter: nftables: report EOPNOTSUPP on unsupported flowtable flags
netfilter: nftables: allow to update flowtable flags
netfilter: flowtable: Make sure GC works periodically in idle system
libbpf: Fix error path in bpf_object__elf_init()
libbpf: Use SOCK_CLOEXEC when opening the netlink socket
ARM: dts: imx6ull: fix ubi filesystem mount failed
ipv6: weaken the v4mapped source check
octeontx2-af: Formatting debugfs entry rsrc_alloc.
octeontx2-af: Modify default KEX profile to extract TX packet fields
octeontx2-af: Remove TOS field from MKEX TX
octeontx2-af: Fix irq free in rvu teardown
octeontx2-pf: Clear RSS enable flag on interace down
octeontx2-af: fix infinite loop in unmapping NPC counter
net: check all name nodes in __dev_alloc_name
net: cdc-phonet: fix data-interface release on probe failure
igb: check timestamp validity
r8152: limit the RX buffer size of RTL8153A for USB 2.0
net: stmmac: dwmac-sun8i: Provide TX and RX fifo sizes
selinux: vsock: Set SID for socket returned by accept()
selftests: forwarding: vxlan_bridge_1d: Fix vxlan ecn decapsulate value
libbpf: Fix BTF dump of pointer-to-array-of-struct
bpf: Fix umd memory leak in copy_process()
can: isotp: tx-path: zero initialize outgoing CAN frames
drm/msm: fix shutdown hook in case GPU components failed to bind
drm/msm: Fix suspend/resume on i.MX5
arm64: kdump: update ppos when reading elfcorehdr
PM: runtime: Defer suspending suppliers
net/mlx5: Add back multicast stats for uplink representor
net/mlx5e: Allow to match on MPLS parameters only for MPLS over UDP
net/mlx5e: Offload tuple rewrite for non-CT flows
net/mlx5e: Fix error path for ethtool set-priv-flag
PM: EM: postpone creating the debugfs dir till fs_initcall
net: bridge: don't notify switchdev for local FDB addresses
octeontx2-af: Fix memory leak of object buf
xen/x86: make XEN_BALLOON_MEMORY_HOTPLUG_LIMIT depend on MEMORY_HOTPLUG
RDMA/cxgb4: Fix adapter LE hash errors while destroying ipv6 listening server
bpf: Don't do bpf_cgroup_storage_set() for kuprobe/tp programs
net: Consolidate common blackhole dst ops
net, bpf: Fix ip6ip6 crash with collect_md populated skbs
igb: avoid premature Rx buffer reuse
net: axienet: Properly handle PCS/PMA PHY for 1000BaseX mode
net: axienet: Fix probe error cleanup
net: phy: introduce phydev->port
net: phy: broadcom: Avoid forward for bcm54xx_config_clock_delay()
net: phy: broadcom: Set proper 1000BaseX/SGMII interface mode for BCM54616S
net: phy: broadcom: Fix RGMII delays for BCM50160 and BCM50610M
Revert "netfilter: x_tables: Switch synchronization to RCU"
netfilter: x_tables: Use correct memory barriers.
dm table: Fix zoned model check and zone sectors check
mm/mmu_notifiers: ensure range_end() is paired with range_start()
Revert "netfilter: x_tables: Update remaining dereference to RCU"
ACPI: scan: Rearrange memory allocation in acpi_device_add()
ACPI: scan: Use unique number for instance_no
perf auxtrace: Fix auxtrace queue conflict
perf synthetic events: Avoid write of uninitialized memory when generating PERF_RECORD_MMAP* records
io_uring: fix provide_buffers sign extension
block: recalculate segment count for multi-segment discards correctly
scsi: Revert "qla2xxx: Make sure that aborted commands are freed"
scsi: qedi: Fix error return code of qedi_alloc_global_queues()
scsi: mpt3sas: Fix error return code of mpt3sas_base_attach()
smb3: fix cached file size problems in duplicate extents (reflink)
cifs: Adjust key sizes and key generation routines for AES256 encryption
locking/mutex: Fix non debug version of mutex_lock_io_nested()
x86/mem_encrypt: Correct physical address calculation in __set_clr_pte_enc()
mm/memcg: fix 5.10 backport of splitting page memcg
fs/cachefiles: Remove wait_bit_key layout dependency
ch_ktls: fix enum-conversion warning
can: dev: Move device back to init netns on owning netns delete
r8169: fix DMA being used after buffer free if WoL is enabled
net: dsa: b53: VLAN filtering is global to all users
mac80211: fix double free in ibss_leave
ext4: add reclaim checks to xattr code
fs/ext4: fix integer overflow in s_log_groups_per_flex
Revert "xen: fix p2m size in dom0 for disabled memory hotplug case"
Revert "net: bonding: fix error return code of bond_neigh_init()"
nvme: fix the nsid value to print in nvme_validate_or_alloc_ns
can: peak_usb: Revert "can: peak_usb: add forgotten supported devices"
xen-blkback: don't leak persistent grants from xen_blkbk_map()
Linux 5.10.27
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I7eafe976fd6bf33db6db4adb8ebf2ff087294a23
[ Upstream commit b318e8decf6b9ef1bcf4ca06fae6d6a2cb5d5c5c ]
Fix a plethora of issues with MSR filtering by installing the resulting
filter as an atomic bundle instead of updating the live filter one range
at a time. The KVM_X86_SET_MSR_FILTER ioctl() isn't truly atomic, as
the hardware MSR bitmaps won't be updated until the next VM-Enter, but
the relevant software struct is atomically updated, which is what KVM
really needs.
Similar to the approach used for modifying memslots, make arch.msr_filter
a SRCU-protected pointer, do all the work configuring the new filter
outside of kvm->lock, and then acquire kvm->lock only when the new filter
has been vetted and created. That way vCPU readers either see the old
filter or the new filter in their entirety, not some half-baked state.
Yuan Yao pointed out a use-after-free in ksm_msr_allowed() due to a
TOCTOU bug, but that's just the tip of the iceberg...
- Nothing is __rcu annotated, making it nigh impossible to audit the
code for correctness.
- kvm_add_msr_filter() has an unpaired smp_wmb(). Violation of kernel
coding style aside, the lack of a smb_rmb() anywhere casts all code
into doubt.
- kvm_clear_msr_filter() has a double free TOCTOU bug, as it grabs
count before taking the lock.
- kvm_clear_msr_filter() also has memory leak due to the same TOCTOU bug.
The entire approach of updating the live filter is also flawed. While
installing a new filter is inherently racy if vCPUs are running, fixing
the above issues also makes it trivial to ensure certain behavior is
deterministic, e.g. KVM can provide deterministic behavior for MSRs with
identical settings in the old and new filters. An atomic update of the
filter also prevents KVM from getting into a half-baked state, e.g. if
installing a filter fails, the existing approach would leave the filter
in a half-baked state, having already committed whatever bits of the
filter were already processed.
[*] https://lkml.kernel.org/r/20210312083157.25403-1-yaoyuan0329os@gmail.com
Fixes: 1a155254ff ("KVM: x86: Introduce MSR filtering")
Cc: stable@vger.kernel.org
Cc: Alexander Graf <graf@amazon.com>
Reported-by: Yuan Yao <yaoyuan0329os@gmail.com>
Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20210316184436.2544875-2-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
commit 7d717558dd5ef10d28866750d5c24ff892ea3778 upstream.
KVM/arm64 has forever used a 40bit default IPA space, partially
due to its 32bit heritage (where the only choice is 40bit).
However, there are implementations in the wild that have a *cough*
much smaller *cough* IPA space, which leads to a misprogramming of
VTCR_EL2, and a guest that is stuck on its first memory access
if userspace dares to ask for the default IPA setting (which most
VMMs do).
Instead, blundly reject the creation of such VM, as we can't
satisfy the requirements from userspace (with a one-off warning).
Also clarify the boot warning, and document that the VM creation
will fail when an unsupported IPA size is provided.
Although this is an ABI change, it doesn't really change much
for userspace:
- the guest couldn't run before this change, but no error was
returned. At least userspace knows what is happening.
- a memory slot that was accepted because it did fit the default
IPA space now doesn't even get a chance to be registered.
The other thing that is left doing is to convince userspace to
actually use the IPA space setting instead of relying on the
antiquated default.
Fixes: 233a7cb235 ("kvm: arm64: Allow tuning the physical address size for VM")
Signed-off-by: Marc Zyngier <maz@kernel.org>
Cc: stable@vger.kernel.org
Reviewed-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Link: https://lore.kernel.org/r/20210311100016.3830038-2-maz@kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
KVM/arm64 has forever used a 40bit default IPA space, partially
due to its 32bit heritage (where the only choice is 40bit).
However, there are implementations in the wild that have a *cough*
much smaller *cough* IPA space, which leads to a misprogramming of
VTCR_EL2, and a guest that is stuck on its first memory access
if userspace dares to ask for the default IPA setting (which most
VMMs do).
Instead, blundly reject the creation of such VM, as we can't
satisfy the requirements from userspace (with a one-off warning).
Also clarify the boot warning, and document that the VM creation
will fail when an unsupported IPA size is provided.
Although this is an ABI change, it doesn't really change much
for userspace:
- the guest couldn't run before this change, but no error was
returned. At least userspace knows what is happening.
- a memory slot that was accepted because it did fit the default
IPA space now doesn't even get a chance to be registered.
The other thing that is left doing is to convince userspace to
actually use the IPA space setting instead of relying on the
antiquated default.
Fixes: 233a7cb235 ("kvm: arm64: Allow tuning the physical address size for VM")
Signed-off-by: Marc Zyngier <maz@kernel.org>
Cc: stable@vger.kernel.org
Reviewed-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Link: https://lore.kernel.org/r/20210311100016.3830038-2-maz@kernel.org
(cherry picked from commit 7d717558dd5ef10d28866750d5c24ff892ea3778)
Signed-off-by: Will Deacon <willdeacon@google.com>
Bug: 178098380
Test: atest VirtualizationHostTestCases on an EL2-enabled device
Change-Id: I36332fbe5606affd151976a6354f3e9c45fc214a
Changes in 5.10.13
iwlwifi: provide gso_type to GSO packets
nbd: freeze the queue while we're adding connections
tty: avoid using vfs_iocb_iter_write() for redirected console writes
ACPI: sysfs: Prefer "compatible" modalias
ACPI: thermal: Do not call acpi_thermal_check() directly
kernel: kexec: remove the lock operation of system_transition_mutex
ALSA: hda/realtek: Enable headset of ASUS B1400CEPE with ALC256
ALSA: hda/via: Apply the workaround generically for Clevo machines
parisc: Enable -mlong-calls gcc option by default when !CONFIG_MODULES
media: cec: add stm32 driver
media: cedrus: Fix H264 decoding
media: hantro: Fix reset_raw_fmt initialization
media: rc: fix timeout handling after switch to microsecond durations
media: rc: ite-cir: fix min_timeout calculation
media: rc: ensure that uevent can be read directly after rc device register
ARM: dts: tbs2910: rename MMC node aliases
ARM: dts: ux500: Reserve memory carveouts
ARM: dts: imx6qdl-gw52xx: fix duplicate regulator naming
wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
x86/xen: avoid warning in Xen pv guest with CONFIG_AMD_MEM_ENCRYPT enabled
ASoC: AMD Renoir - refine DMI entries for some Lenovo products
Revert "drm/amdgpu/swsmu: drop set_fan_speed_percent (v2)"
drm/nouveau/kms/gk104-gp1xx: Fix > 64x64 cursors
drm/i915: Always flush the active worker before returning from the wait
drm/i915/gt: Always try to reserve GGTT address 0x0
drivers/nouveau/kms/nv50-: Reject format modifiers for cursor planes
bcache: only check feature sets when sb->version >= BCACHE_SB_VERSION_CDEV_WITH_FEATURES
net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family
s390: uv: Fix sysfs max number of VCPUs reporting
s390/vfio-ap: No need to disable IRQ after queue reset
PM: hibernate: flush swap writer after marking
x86/entry: Emit a symbol for register restoring thunk
efi/apple-properties: Reinstate support for boolean properties
crypto: marvel/cesa - Fix tdma descriptor on 64-bit
drivers: soc: atmel: Avoid calling at91_soc_init on non AT91 SoCs
drivers: soc: atmel: add null entry at the end of at91_soc_allowed_list[]
btrfs: fix lockdep warning due to seqcount_mutex on 32bit arch
btrfs: fix possible free space tree corruption with online conversion
KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in intel_arch_events[]
KVM: x86/pmu: Fix UBSAN shift-out-of-bounds warning in intel_pmu_refresh()
KVM: arm64: Filter out v8.1+ events on v8.0 HW
KVM: nSVM: cancel KVM_REQ_GET_NESTED_STATE_PAGES on nested vmexit
KVM: x86: allow KVM_REQ_GET_NESTED_STATE_PAGES outside guest mode for VMX
KVM: nVMX: Sync unsync'd vmcs02 state to vmcs12 on migration
KVM: x86: get smi pending status correctly
KVM: Forbid the use of tagged userspace addresses for memslots
io_uring: fix wqe->lock/completion_lock deadlock
xen: Fix XenStore initialisation for XS_LOCAL
leds: trigger: fix potential deadlock with libata
arm64: dts: broadcom: Fix USB DMA address translation for Stingray
mt7601u: fix kernel crash unplugging the device
mt76: mt7663s: fix rx buffer refcounting
mt7601u: fix rx buffer refcounting
iwlwifi: Fix IWL_SUBDEVICE_NO_160 macro to use the correct bit.
drm/i915/gt: Clear CACHE_MODE prior to clearing residuals
drm/i915/pmu: Don't grab wakeref when enabling events
net/mlx5e: Fix IPSEC stats
ARM: dts: imx6qdl-kontron-samx6i: fix pwms for lcd-backlight
drm/nouveau/svm: fail NOUVEAU_SVM_INIT ioctl on unsupported devices
drm/vc4: Correct lbm size and calculation
drm/vc4: Correct POS1_SCL for hvs5
drm/nouveau/dispnv50: Restore pushing of all data.
drm/i915: Check for all subplatform bits
drm/i915/selftest: Fix potential memory leak
uapi: fix big endian definition of ipv6_rpl_sr_hdr
KVM: Documentation: Fix spec for KVM_CAP_ENABLE_CAP_VM
tee: optee: replace might_sleep with cond_resched
xen-blkfront: allow discard-* nodes to be optional
blk-mq: test QUEUE_FLAG_HCTX_ACTIVE for sbitmap_shared in hctx_may_queue
clk: imx: fix Kconfig warning for i.MX SCU clk
clk: mmp2: fix build without CONFIG_PM
clk: qcom: gcc-sm250: Use floor ops for sdcc clks
ARM: imx: build suspend-imx6.S with arm instruction set
ARM: zImage: atags_to_fdt: Fix node names on added root nodes
netfilter: nft_dynset: add timeout extension to template
Revert "RDMA/mlx5: Fix devlink deadlock on net namespace deletion"
Revert "block: simplify set_init_blocksize" to regain lost performance
xfrm: Fix oops in xfrm_replay_advance_bmp
xfrm: fix disable_xfrm sysctl when used on xfrm interfaces
selftests: xfrm: fix test return value override issue in xfrm_policy.sh
xfrm: Fix wraparound in xfrm_policy_addr_delta()
arm64: dts: ls1028a: fix the offset of the reset register
ARM: imx: fix imx8m dependencies
ARM: dts: imx6qdl-kontron-samx6i: fix i2c_lcd/cam default status
ARM: dts: imx6qdl-sr-som: fix some cubox-i platforms
arm64: dts: imx8mp: Correct the gpio ranges of gpio3
firmware: imx: select SOC_BUS to fix firmware build
RDMA/cxgb4: Fix the reported max_recv_sge value
ASoC: dt-bindings: lpass: Fix and common up lpass dai ids
ASoC: qcom: Fix incorrect volatile registers
ASoC: qcom: Fix broken support to MI2S TERTIARY and QUATERNARY
ASoC: qcom: lpass-ipq806x: fix bitwidth regmap field
spi: altera: Fix memory leak on error path
ASoC: Intel: Skylake: skl-topology: Fix OOPs ib skl_tplg_complete
powerpc/64s: prevent recursive replay_soft_interrupts causing superfluous interrupt
pNFS/NFSv4: Fix a layout segment leak in pnfs_layout_process()
pNFS/NFSv4: Update the layout barrier when we schedule a layoutreturn
ASoC: SOF: Intel: soundwire: fix select/depend unmet dependencies
ASoC: qcom: lpass: Fix out-of-bounds DAI ID lookup
iwlwifi: pcie: avoid potential PNVM leaks
iwlwifi: pnvm: don't skip everything when not reloading
iwlwifi: pnvm: don't try to load after failures
iwlwifi: pcie: set LTR on more devices
iwlwifi: pcie: use jiffies for memory read spin time limit
iwlwifi: pcie: reschedule in long-running memory reads
mac80211: pause TX while changing interface type
ice: fix FDir IPv6 flexbyte
ice: Implement flow for IPv6 next header (extension header)
ice: update dev_addr in ice_set_mac_address even if HW filter exists
ice: Don't allow more channels than LAN MSI-X available
ice: Fix MSI-X vector fallback logic
i40e: acquire VSI pointer only after VF is initialized
igc: fix link speed advertising
net/mlx5: Fix memory leak on flow table creation error flow
net/mlx5e: E-switch, Fix rate calculation for overflow
net/mlx5e: free page before return
net/mlx5e: Reduce tc unsupported key print level
net/mlx5: Maintain separate page trees for ECPF and PF functions
net/mlx5e: Disable hw-tc-offload when MLX5_CLS_ACT config is disabled
net/mlx5e: Fix CT rule + encap slow path offload and deletion
net/mlx5e: Correctly handle changing the number of queues when the interface is down
net/mlx5e: Revert parameters on errors when changing trust state without reset
net/mlx5e: Revert parameters on errors when changing MTU and LRO state without reset
net/mlx5: CT: Fix incorrect removal of tuple_nat_node from nat rhashtable
can: dev: prevent potential information leak in can_fill_info()
ACPI/IORT: Do not blindly trust DMA masks from firmware
of/device: Update dma_range_map only when dev has valid dma-ranges
iommu/amd: Use IVHD EFR for early initialization of IOMMU features
iommu/vt-d: Correctly check addr alignment in qi_flush_dev_iotlb_pasid()
nvme-multipath: Early exit if no path is available
selftests: forwarding: Specify interface when invoking mausezahn
rxrpc: Fix memory leak in rxrpc_lookup_local
NFC: fix resource leak when target index is invalid
NFC: fix possible resource leak
ASoC: mediatek: mt8183-da7219: ignore TDM DAI link by default
ASoC: mediatek: mt8183-mt6358: ignore TDM DAI link by default
ASoC: topology: Properly unregister DAI on removal
ASoC: topology: Fix memory corruption in soc_tplg_denum_create_values()
scsi: qla2xxx: Fix description for parameter ql2xenforce_iocb_limit
team: protect features update by RCU to avoid deadlock
tcp: make TCP_USER_TIMEOUT accurate for zero window probes
tcp: fix TLP timer not set when CA_STATE changes from DISORDER to OPEN
vsock: fix the race conditions in multi-transport support
Linux 5.10.13
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I75f419b25f24da559e446d62f75ce6bb9b0a5396
commit a10f373ad3c760dd40b41e2f69a800ee7b8da15e upstream.
The documentation classifies KVM_ENABLE_CAP with KVM_CAP_ENABLE_CAP_VM
as a vcpu ioctl, which is incorrect. Fix it by specifying it as a VM
ioctl.
Fixes: e5d83c74a5 ("kvm: make KVM_CAP_ENABLE_CAP_VM architecture agnostic")
Signed-off-by: Quentin Perret <qperret@google.com>
Message-Id: <20210108165349.747359-1-qperret@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 139bc8a6146d92822c866cf2fd410159c56b3648 upstream.
The use of a tagged address could be pretty confusing for the
whole memslot infrastructure as well as the MMU notifiers.
Forbid it altogether, as it never quite worked the first place.
Cc: stable@vger.kernel.org
Reported-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
The use of a tagged address could be pretty confusing for the
whole memslot infrastructure as well as the MMU notifiers.
Forbid it altogether, as it never quite worked the first place.
Cc: stable@vger.kernel.org
Reported-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
(cherry picked from commit 139bc8a6146d92822c866cf2fd410159c56b3648
git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm.git fixes)
Signed-off-by: Will Deacon <willdeacon@google.com>
Change-Id: I5a04c24948e1fc78c4d34cca514f348a0e7d9bc3
Bug: 178098380
Test: atest VirtualizationHostTestCases on an EL2-enabled device
The API documentation states that general error codes are not detailed, but
errors with specific meanings are. On arm64, KVM_RUN can return error
numbers with a different meaning than what is described by POSIX or the C99
standard (as taken from man 3 errno).
Absent from the newly documented error codes is ERANGE which can be
returned when making a change to the EL2 stage 1 tables if the address is
larger than the largest supported input address. Assuming no bugs in the
implementation, that is not possible because the input addresses which are
mapped are the result of applying the macro kern_hyp_va() on kernel virtual
addresses.
CC: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alexandru Elisei <alexandru.elisei@arm.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20201201150157.223625-2-alexandru.elisei@arm.com
(cherry picked from commit 3557ae187c32203d1bb8b48ee1e2e7bdb23d98d5)
Signed-off-by: Will Deacon <willdeacon@google.com>
Change-Id: I895cb9efefde65ffdab3c89ea69ae6bba606dc1e
Bug: 178098380
Test: atest VirtualizationHostTestCases on an EL2-enabled device
Commit cae7ed3c2c ("KVM: x86: Refactor the MMIO SPTE generation handling")
cleaned up the computation of MMIO generation SPTE masks, however it
introduced a bug how the upper part was encoded:
SPTE bits 52-61 were supposed to contain bits 10-19 of the current
generation number, however a missing shift encoded bits 1-10 there instead
(mostly duplicating the lower part of the encoded generation number that
then consisted of bits 1-9).
In the meantime, the upper part was shrunk by one bit and moved by
subsequent commits to become an upper half of the encoded generation number
(bits 9-17 of bits 0-17 encoded in a SPTE).
In addition to the above, commit 56871d444b ("KVM: x86: fix overlap between SPTE_MMIO_MASK and generation")
has changed the SPTE bit range assigned to encode the generation number and
the total number of bits encoded but did not update them in the comment
attached to their defines, nor in the KVM MMU doc.
Let's do it here, too, since it is too trivial thing to warrant a separate
commit.
Fixes: cae7ed3c2c ("KVM: x86: Refactor the MMIO SPTE generation handling")
Signed-off-by: Maciej S. Szmigiero <maciej.szmigiero@oracle.com>
Message-Id: <156700708db2a5296c5ed7a8b9ac71f1e9765c85.1607129096.git.maciej.szmigiero@oracle.com>
Cc: stable@vger.kernel.org
[Reorganize macros so that everything is computed from the bit ranges. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Pull KVM updates from Paolo Bonzini:
"For x86, there is a new alternative and (in the future) more scalable
implementation of extended page tables that does not need a reverse
map from guest physical addresses to host physical addresses.
For now it is disabled by default because it is still lacking a few of
the existing MMU's bells and whistles. However it is a very solid
piece of work and it is already available for people to hammer on it.
Other updates:
ARM:
- New page table code for both hypervisor and guest stage-2
- Introduction of a new EL2-private host context
- Allow EL2 to have its own private per-CPU variables
- Support of PMU event filtering
- Complete rework of the Spectre mitigation
PPC:
- Fix for running nested guests with in-kernel IRQ chip
- Fix race condition causing occasional host hard lockup
- Minor cleanups and bugfixes
x86:
- allow trapping unknown MSRs to userspace
- allow userspace to force #GP on specific MSRs
- INVPCID support on AMD
- nested AMD cleanup, on demand allocation of nested SVM state
- hide PV MSRs and hypercalls for features not enabled in CPUID
- new test for MSR_IA32_TSC writes from host and guest
- cleanups: MMU, CPUID, shared MSRs
- LAPIC latency optimizations ad bugfixes"
* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: (232 commits)
kvm: x86/mmu: NX largepage recovery for TDP MMU
kvm: x86/mmu: Don't clear write flooding count for direct roots
kvm: x86/mmu: Support MMIO in the TDP MMU
kvm: x86/mmu: Support write protection for nesting in tdp MMU
kvm: x86/mmu: Support disabling dirty logging for the tdp MMU
kvm: x86/mmu: Support dirty logging for the TDP MMU
kvm: x86/mmu: Support changed pte notifier in tdp MMU
kvm: x86/mmu: Add access tracking for tdp_mmu
kvm: x86/mmu: Support invalidate range MMU notifier for TDP MMU
kvm: x86/mmu: Allocate struct kvm_mmu_pages for all pages in TDP MMU
kvm: x86/mmu: Add TDP MMU PF handler
kvm: x86/mmu: Remove disallowed_hugepage_adjust shadow_walk_iterator arg
kvm: x86/mmu: Support zapping SPTEs in the TDP MMU
KVM: Cache as_id in kvm_memory_slot
kvm: x86/mmu: Add functions to handle changed TDP SPTEs
kvm: x86/mmu: Allocate and free TDP MMU roots
kvm: x86/mmu: Init / Uninit the TDP MMU
kvm: x86/mmu: Introduce tdp_iter
KVM: mmu: extract spte.h and spte.c
KVM: mmu: Separate updating a PTE from kvm_set_pte_rmapp
...
KVM unconditionally provides PV features to the guest, regardless of the
configured CPUID. An unwitting guest that doesn't check
KVM_CPUID_FEATURES before use could access paravirt features that
userspace did not intend to provide. Fix this by checking the guest's
CPUID before performing any paravirtual operations.
Introduce a capability, KVM_CAP_ENFORCE_PV_FEATURE_CPUID, to gate the
aforementioned enforcement. Migrating a VM from a host w/o this patch to
a host with this patch could silently change the ABI exposed to the
guest, warranting that we default to the old behavior and opt-in for
the new one.
Reviewed-by: Jim Mattson <jmattson@google.com>
Reviewed-by: Peter Shier <pshier@google.com>
Signed-off-by: Oliver Upton <oupton@google.com>
Change-Id: I202a0926f65035b872bfe8ad15307c026de59a98
Message-Id: <20200818152429.1923996-4-oupton@google.com>
Reviewed-by: Wanpeng Li <wanpengli@tencent.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Allowing userspace to intercept reads to x2APIC MSRs when APICV is
fully enabled for the guest simply can't work. But more in general,
the LAPIC could be set to in-kernel after the MSR filter is setup
and allowing accesses by userspace would be very confusing.
We could in principle allow userspace to intercept reads and writes to TPR,
and writes to EOI and SELF_IPI, but while that could be made it work, it
would still be silly.
Cc: Alexander Graf <graf@amazon.com>
Cc: Aaron Lewis <aaronlewis@google.com>
Cc: Peter Xu <peterx@redhat.com>
Cc: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Rework the resetting of the MSR bitmap for x2APIC MSRs to ignore userspace
filtering. Allowing userspace to intercept reads to x2APIC MSRs when
APICV is fully enabled for the guest simply can't work; the LAPIC and thus
virtual APIC is in-kernel and cannot be directly accessed by userspace.
To keep things simple we will in fact forbid intercepting x2APIC MSRs
altogether, independent of the default_allow setting.
Cc: Alexander Graf <graf@amazon.com>
Cc: Aaron Lewis <aaronlewis@google.com>
Cc: Peter Xu <peterx@redhat.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Message-Id: <20201005195532.8674-3-sean.j.christopherson@intel.com>
[Modified to operate even if APICv is disabled, adjust documentation. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
KVM/arm64 updates for Linux 5.10
- New page table code for both hypervisor and guest stage-2
- Introduction of a new EL2-private host context
- Allow EL2 to have its own private per-CPU variables
- Support of PMU event filtering
- Complete rework of the Spectre mitigation
Pull documentation updates from Mauro Carvalho Chehab:
"A series of patches addressing warnings produced by make htmldocs.
This includes:
- kernel-doc markup fixes
- ReST fixes
- Updates at the build system in order to support newer versions of
the docs build toolchain (Sphinx)
After this series, the number of html build warnings should reduce
significantly, and building with Sphinx 3.1 or later should now be
supported (although it is still recommended to use Sphinx 2.4.4).
As agreed with Jon, I should be sending you a late pull request by the
end of the merge window addressing remaining issues with docs build,
as there are a number of warning fixes that depends on pull requests
that should be happening along the merge window.
The end goal is to have a clean htmldocs build on Kernel 5.10.
PS. It should be noticed that Sphinx 3.0 is not currently supported,
as it lacks support for C domain namespaces. Such feature, needed in
order to document uAPI system calls with Sphinx 3.x, was added only on
Sphinx 3.1"
* tag 'docs/v5.10-1' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media: (75 commits)
PM / devfreq: remove a duplicated kernel-doc markup
mm/doc: fix a literal block markup
workqueue: fix a kernel-doc warning
docs: virt: user_mode_linux_howto_v2.rst: fix a literal block markup
Input: sparse-keymap: add a description for @sw
rcu/tree: docs: document bkvcache new members at struct kfree_rcu_cpu
nl80211: docs: add a description for s1g_cap parameter
usb: docs: document altmode register/unregister functions
kunit: test.h: fix a bad kernel-doc markup
drivers: core: fix kernel-doc markup for dev_err_probe()
docs: bio: fix a kerneldoc markup
kunit: test.h: solve kernel-doc warnings
block: bio: fix a warning at the kernel-doc markups
docs: powerpc: syscall64-abi.rst: fix a malformed table
drivers: net: hamradio: fix document location
net: appletalk: Kconfig: Fix docs location
dt-bindings: fix references to files converted to yaml
memblock: get rid of a :c:type leftover
math64.h: kernel-docs: Convert some markups into normal comments
media: uAPI: buffer.rst: remove a left-over documentation
...
There's a missing new line for a literal block:
.../Documentation/virt/uml/user_mode_linux_howto_v2.rst:682: WARNING: Unexpected indentation.
Fixes: 04301bf5b0 ("docs: replace the old User Mode Linux HowTo with a new one")
Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
Pull char/misc driver updates from Greg KH:
"Here is the big set of char, misc, and other assorted driver subsystem
patches for 5.10-rc1.
There's a lot of different things in here, all over the drivers/
directory. Some summaries:
- soundwire driver updates
- habanalabs driver updates
- extcon driver updates
- nitro_enclaves new driver
- fsl-mc driver and core updates
- mhi core and bus updates
- nvmem driver updates
- eeprom driver updates
- binder driver updates and fixes
- vbox minor bugfixes
- fsi driver updates
- w1 driver updates
- coresight driver updates
- interconnect driver updates
- misc driver updates
- other minor driver updates
All of these have been in linux-next for a while with no reported
issues"
* tag 'char-misc-5.10-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc: (396 commits)
binder: fix UAF when releasing todo list
docs: w1: w1_therm: Fix broken xref, mistakes, clarify text
misc: Kconfig: fix a HISI_HIKEY_USB dependency
LSM: Fix type of id parameter in kernel_post_load_data prototype
misc: Kconfig: add a new dependency for HISI_HIKEY_USB
firmware_loader: fix a kernel-doc markup
w1: w1_therm: make w1_poll_completion static
binder: simplify the return expression of binder_mmap
test_firmware: Test partial read support
firmware: Add request_partial_firmware_into_buf()
firmware: Store opt_flags in fw_priv
fs/kernel_file_read: Add "offset" arg for partial reads
IMA: Add support for file reads without contents
LSM: Add "contents" flag to kernel_read_file hook
module: Call security_kernel_post_load_data()
firmware_loader: Use security_post_load_data()
LSM: Introduce kernel_post_load_data() hook
fs/kernel_read_file: Add file_size output argument
fs/kernel_read_file: Switch buffer size arg to size_t
fs/kernel_read_file: Remove redundant size argument
...
Pull documentation updates from Jonathan Corbet:
"As hoped, things calmed down for docs this cycle; fewer changes and
almost no conflicts at all. This includes:
- A reworked and expanded user-mode Linux document
- Some simplifications and improvements for submitting-patches.rst
- An emergency fix for (some) problems with Sphinx 3.x
- Some welcome automarkup improvements to automatically generate
cross-references to struct definitions and other documents
- The usual collection of translation updates, typo fixes, etc"
* tag 'docs-5.10' of git://git.lwn.net/linux: (81 commits)
gpiolib: Update indentation in driver.rst for code excerpts
Documentation/admin-guide: tainted-kernels: Fix typo occured
Documentation: better locations for sysfs-pci, sysfs-tagging
docs: programming-languages: refresh blurb on clang support
Documentation: kvm: fix a typo
Documentation: Chinese translation of Documentation/arm64/amu.rst
doc: zh_CN: index files in arm64 subdirectory
mailmap: add entry for <mstarovoitov@marvell.com>
doc: seq_file: clarify role of *pos in ->next()
docs: trace: ring-buffer-design.rst: use the new SPDX tag
Documentation: kernel-parameters: clarify "module." parameters
Fix references to nommu-mmap.rst
docs: rewrite admin-guide/sysctl/abi.rst
docs: fb: Remove vesafb scrollback boot option
docs: fb: Remove sstfb scrollback boot option
docs: fb: Remove matroxfb scrollback boot option
docs: fb: Remove framebuffer scrollback boot option
docs: replace the old User Mode Linux HowTo with a new one
Documentation/admin-guide: blockdev/ramdisk: remove use of "rdev"
Documentation/admin-guide: README & svga: remove use of "rdev"
...
Pull arm64 updates from Will Deacon:
"There's quite a lot of code here, but much of it is due to the
addition of a new PMU driver as well as some arm64-specific selftests
which is an area where we've traditionally been lagging a bit.
In terms of exciting features, this includes support for the Memory
Tagging Extension which narrowly missed 5.9, hopefully allowing
userspace to run with use-after-free detection in production on CPUs
that support it. Work is ongoing to integrate the feature with KASAN
for 5.11.
Another change that I'm excited about (assuming they get the hardware
right) is preparing the ASID allocator for sharing the CPU page-table
with the SMMU. Those changes will also come in via Joerg with the
IOMMU pull.
We do stray outside of our usual directories in a few places, mostly
due to core changes required by MTE. Although much of this has been
Acked, there were a couple of places where we unfortunately didn't get
any review feedback.
Other than that, we ran into a handful of minor conflicts in -next,
but nothing that should post any issues.
Summary:
- Userspace support for the Memory Tagging Extension introduced by
Armv8.5. Kernel support (via KASAN) is likely to follow in 5.11.
- Selftests for MTE, Pointer Authentication and FPSIMD/SVE context
switching.
- Fix and subsequent rewrite of our Spectre mitigations, including
the addition of support for PR_SPEC_DISABLE_NOEXEC.
- Support for the Armv8.3 Pointer Authentication enhancements.
- Support for ASID pinning, which is required when sharing
page-tables with the SMMU.
- MM updates, including treating flush_tlb_fix_spurious_fault() as a
no-op.
- Perf/PMU driver updates, including addition of the ARM CMN PMU
driver and also support to handle CPU PMU IRQs as NMIs.
- Allow prefetchable PCI BARs to be exposed to userspace using normal
non-cacheable mappings.
- Implementation of ARCH_STACKWALK for unwinding.
- Improve reporting of unexpected kernel traps due to BPF JIT
failure.
- Improve robustness of user-visible HWCAP strings and their
corresponding numerical constants.
- Removal of TEXT_OFFSET.
- Removal of some unused functions, parameters and prototypes.
- Removal of MPIDR-based topology detection in favour of firmware
description.
- Cleanups to handling of SVE and FPSIMD register state in
preparation for potential future optimisation of handling across
syscalls.
- Cleanups to the SDEI driver in preparation for support in KVM.
- Miscellaneous cleanups and refactoring work"
* tag 'arm64-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux: (148 commits)
Revert "arm64: initialize per-cpu offsets earlier"
arm64: random: Remove no longer needed prototypes
arm64: initialize per-cpu offsets earlier
kselftest/arm64: Check mte tagged user address in kernel
kselftest/arm64: Verify KSM page merge for MTE pages
kselftest/arm64: Verify all different mmap MTE options
kselftest/arm64: Check forked child mte memory accessibility
kselftest/arm64: Verify mte tag inclusion via prctl
kselftest/arm64: Add utilities and a test to validate mte memory
perf: arm-cmn: Fix conversion specifiers for node type
perf: arm-cmn: Fix unsigned comparison to less than zero
arm64: dbm: Invalidate local TLB when setting TCR_EL1.HD
arm64: mm: Make flush_tlb_fix_spurious_fault() a no-op
arm64: Add support for PR_SPEC_DISABLE_NOEXEC prctl() option
arm64: Pull in task_stack_page() to Spectre-v4 mitigation code
KVM: arm64: Allow patching EL2 vectors even with KASLR is not enabled
arm64: Get rid of arm64_ssbd_state
KVM: arm64: Convert ARCH_WORKAROUND_2 to arm64_get_spectre_v4_state()
KVM: arm64: Get rid of kvm_arm_have_ssbd()
KVM: arm64: Simplify handling of ARCH_WORKAROUND_2
...
As warned with make htmldocs:
.../Documentation/virt/kvm/devices/vcpu.rst:70: WARNING: Malformed table.
Text in column margin in table line 2.
======= ======================================================
-ENODEV: PMUv3 not supported or GIC not initialized
-ENXIO: PMUv3 not properly configured or in-kernel irqchip not
configured as required prior to calling this attribute
-EBUSY: PMUv3 already initialized
-EINVAL: Invalid filter range
======= ======================================================
The ':' character for two lines are above the size of the column.
Besides that, other tables at the file doesn't use ':', so
just drop them.
While here, also fix this warning also introduced at the same patch:
.../Documentation/virt/kvm/devices/vcpu.rst:88: WARNING: Block quote ends without a blank line; unexpected unindent.
By marking the C code as a literal block.
Fixes: 8be86a5eec ("KVM: arm64: Document PMU filtering API")
Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Link: https://lore.kernel.org/r/b5385dd0213f1f070667925bf7a807bf5270ba78.1601616399.git.mchehab+huawei@kernel.org
KVM_ARM_VCPU_PMU_V3_IRQ returns -EFAULT if get_user() fails when reading
the interrupt number from kvm_device_attr.addr.
KVM_ARM_VCPU_PMU_V3_INIT returns the error value from kvm_vgic_set_owner().
kvm_arm_pmu_v3_init() checks that the vgic has been initialized and the
interrupt number is valid, but kvm_vgic_set_owner() can still return the
error code -EEXIST if another device has already claimed the interrupt.
Signed-off-by: Alexandru Elisei <alexandru.elisei@arm.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Link: https://lore.kernel.org/r/20200924123731.268177-2-alexandru.elisei@arm.com
Add a small blurb describing how the event filtering API gets used.
Reviewed-by: Andrew Jones <drjones@redhat.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
It's not desireable to have all MSRs always handled by KVM kernel space. Some
MSRs would be useful to handle in user space to either emulate behavior (like
uCode updates) or differentiate whether they are valid based on the CPU model.
To allow user space to specify which MSRs it wants to see handled by KVM,
this patch introduces a new ioctl to push filter rules with bitmaps into
KVM. Based on these bitmaps, KVM can then decide whether to reject MSR access.
With the addition of KVM_CAP_X86_USER_SPACE_MSR it can also deflect the
denied MSR events to user space to operate on.
If no filter is populated, MSR handling stays identical to before.
Signed-off-by: Alexander Graf <graf@amazon.com>
Message-Id: <20200925143422.21718-8-graf@amazon.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
MSRs are weird. Some of them are normal control registers, such as EFER.
Some however are registers that really are model specific, not very
interesting to virtualization workloads, and not performance critical.
Others again are really just windows into package configuration.
Out of these MSRs, only the first category is necessary to implement in
kernel space. Rarely accessed MSRs, MSRs that should be fine tunes against
certain CPU models and MSRs that contain information on the package level
are much better suited for user space to process. However, over time we have
accumulated a lot of MSRs that are not the first category, but still handled
by in-kernel KVM code.
This patch adds a generic interface to handle WRMSR and RDMSR from user
space. With this, any future MSR that is part of the latter categories can
be handled in user space.
Furthermore, it allows us to replace the existing "ignore_msrs" logic with
something that applies per-VM rather than on the full system. That way you
can run productive VMs in parallel to experimental ones where you don't care
about proper MSR handling.
Signed-off-by: Alexander Graf <graf@amazon.com>
Reviewed-by: Jim Mattson <jmattson@google.com>
Message-Id: <20200925143422.21718-3-graf@amazon.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
We forgot to update KVM_GET_SUPPORTED_HV_CPUID's documentation in api.rst
when SynDBG leaves were added.
While on it, fix 'KVM_GET_SUPPORTED_CPUID' copy-paste error.
Fixes: f97f5a56f5 ("x86/kvm/hyper-v: Add support for synthetic debugger interface")
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Message-Id: <20200924145757.1035782-2-vkuznets@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Add documentation on the overview of Nitro Enclaves. Include it in the
virtualization specific directory.
Changelog
v9 -> v10
* Update commit message to include the changelog before the SoB tag(s).
v8 -> v9
* Move the Nitro Enclaves documentation to the "virt" directory and add
an entry for it in the corresponding index file.
v7 -> v8
* Add info about the primary / parent VM CID value.
* Update reference link for huge pages.
* Add reference link for the x86 boot protocol.
* Add license mention and update doc title / chapter formatting.
v6 -> v7
* No changes.
v5 -> v6
* No changes.
v4 -> v5
* No changes.
v3 -> v4
* Update doc type from .txt to .rst.
* Update documentation based on the changes from v4.
v2 -> v3
* No changes.
v1 -> v2
* New in v2.
Reviewed-by: Alexander Graf <graf@amazon.com>
Signed-off-by: Andra Paraschiv <andraprs@amazon.com>
Link: https://lore.kernel.org/r/20200921121732.44291-18-andraprs@amazon.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
There are some warnings:
Documentation/virt/kvm/api.rst:4354: WARNING: Definition list ends without a blank line; unexpected unindent.
Documentation/virt/kvm/api.rst:4358: WARNING: Definition list ends without a blank line; unexpected unindent.
Documentation/virt/kvm/api.rst:4363: WARNING: Definition list ends without a blank line; unexpected unindent.
Produced by the lack of identation on a single line. That
caused the literal block to end prematurely.
Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
Link: https://lore.kernel.org/r/b6b3679b6c2329dc9b16d397c289b5ade0184c63.1599660067.git.mchehab+huawei@kernel.org
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
The actual symbol that is exported and usable is
'KVM_MEMORY_ENCRYPT_OP', not 'KVM_MEM_ENCRYPT_OP'
$ git grep -l KVM_MEM_ENCRYPT_OP
Documentation/virt/kvm/amd-memory-encryption.rst
$ git grep -l KVM_MEMORY_ENCRYPT_OP
Documentation/virt/kvm/api.rst
arch/x86/kvm/x86.c
include/uapi/linux/kvm.h
tools/include/uapi/linux/kvm.h
While we're in there, update the KVM API category for
KVM_MEMORY_ENCRYPT_OP. It is called on a VM file descriptor.
Signed-off-by: Connor Kuehl <ckuehl@redhat.com>
Link: https://lore.kernel.org/r/20200819211952.251984-1-ckuehl@redhat.com
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
arm64 requires a vcpu fd (KVM_HAS_DEVICE_ATTR vcpu ioctl) to probe
support for steal-time. However this is unnecessary, as only a KVM
fd is required, and it complicates userspace (userspace may prefer
delaying vcpu creation until after feature probing). Introduce a cap
that can be checked instead. While x86 can already probe steal-time
support with a kvm fd (KVM_GET_SUPPORTED_CPUID), we add the cap there
too for consistency.
Signed-off-by: Andrew Jones <drjones@redhat.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Reviewed-by: Steven Price <steven.price@arm.com>
Link: https://lore.kernel.org/r/20200804170604.42662-7-drjones@redhat.com
Pull powerpc updates from Michael Ellerman:
- Add support for (optionally) using queued spinlocks & rwlocks.
- Support for a new faster system call ABI using the scv instruction on
Power9 or later.
- Drop support for the PROT_SAO mmap/mprotect flag as it will be
unsupported on Power10 and future processors, leaving us with no way
to implement the functionality it requests. This risks breaking
userspace, though we believe it is unused in practice.
- A bug fix for, and then the removal of, our custom stack expansion
checking. We now allow stack expansion up to the rlimit, like other
architectures.
- Remove the remnants of our (previously disabled) topology update
code, which tried to react to NUMA layout changes on virtualised
systems, but was prone to crashes and other problems.
- Add PMU support for Power10 CPUs.
- A change to our signal trampoline so that we don't unbalance the link
stack (branch return predictor) in the signal delivery path.
- Lots of other cleanups, refactorings, smaller features and so on as
usual.
Thanks to: Abhishek Goel, Alastair D'Silva, Alexander A. Klimov, Alexey
Kardashevskiy, Alistair Popple, Andrew Donnellan, Aneesh Kumar K.V, Anju
T Sudhakar, Anton Blanchard, Arnd Bergmann, Athira Rajeev, Balamuruhan
S, Bharata B Rao, Bill Wendling, Bin Meng, Cédric Le Goater, Chris
Packham, Christophe Leroy, Christoph Hellwig, Daniel Axtens, Dan
Williams, David Lamparter, Desnes A. Nunes do Rosario, Erhard F., Finn
Thain, Frederic Barrat, Ganesh Goudar, Gautham R. Shenoy, Geoff Levand,
Greg Kurz, Gustavo A. R. Silva, Hari Bathini, Harish, Imre Kaloz, Joel
Stanley, Joe Perches, John Crispin, Jordan Niethe, Kajol Jain, Kamalesh
Babulal, Kees Cook, Laurent Dufour, Leonardo Bras, Li RongQing, Madhavan
Srinivasan, Mahesh Salgaonkar, Mark Cave-Ayland, Michal Suchanek, Milton
Miller, Mimi Zohar, Murilo Opsfelder Araujo, Nathan Chancellor, Nathan
Lynch, Naveen N. Rao, Nayna Jain, Nicholas Piggin, Oliver O'Halloran,
Palmer Dabbelt, Pedro Miraglia Franco de Carvalho, Philippe Bergheaud,
Pingfan Liu, Pratik Rajesh Sampat, Qian Cai, Qinglang Miao, Randy
Dunlap, Ravi Bangoria, Sachin Sant, Sam Bobroff, Sandipan Das, Santosh
Sivaraj, Satheesh Rajendran, Shirisha Ganta, Sourabh Jain, Srikar
Dronamraju, Stan Johnson, Stephen Rothwell, Thadeu Lima de Souza
Cascardo, Thiago Jung Bauermann, Tom Lane, Vaibhav Jain, Vladis Dronov,
Wei Yongjun, Wen Xiong, YueHaibing.
* tag 'powerpc-5.9-1' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux: (337 commits)
selftests/powerpc: Fix pkey syscall redefinitions
powerpc: Fix circular dependency between percpu.h and mmu.h
powerpc/powernv/sriov: Fix use of uninitialised variable
selftests/powerpc: Skip vmx/vsx/tar/etc tests on older CPUs
powerpc/40x: Fix assembler warning about r0
powerpc/papr_scm: Add support for fetching nvdimm 'fuel-gauge' metric
powerpc/papr_scm: Fetch nvdimm performance stats from PHYP
cpuidle: pseries: Fixup exit latency for CEDE(0)
cpuidle: pseries: Add function to parse extended CEDE records
cpuidle: pseries: Set the latency-hint before entering CEDE
selftests/powerpc: Fix online CPU selection
powerpc/perf: Consolidate perf_callchain_user_[64|32]()
powerpc/pseries/hotplug-cpu: Remove double free in error path
powerpc/pseries/mobility: Add pr_debug() for device tree changes
powerpc/pseries/mobility: Set pr_fmt()
powerpc/cacheinfo: Warn if cache object chain becomes unordered
powerpc/cacheinfo: Improve diagnostics about malformed cache lists
powerpc/cacheinfo: Use name@unit instead of full DT path in debug messages
powerpc/cacheinfo: Set pr_fmt()
powerpc: fix function annotations to avoid section mismatch warnings with gcc-10
...
Pull KVM updates from Paolo Bonzini:
"s390:
- implement diag318
x86:
- Report last CPU for debugging
- Emulate smaller MAXPHYADDR in the guest than in the host
- .noinstr and tracing fixes from Thomas
- nested SVM page table switching optimization and fixes
Generic:
- Unify shadow MMU cache data structures across architectures"
* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: (127 commits)
KVM: SVM: Fix sev_pin_memory() error handling
KVM: LAPIC: Set the TDCR settable bits
KVM: x86: Specify max TDP level via kvm_configure_mmu()
KVM: x86/mmu: Rename max_page_level to max_huge_page_level
KVM: x86: Dynamically calculate TDP level from max level and MAXPHYADDR
KVM: VXM: Remove temporary WARN on expected vs. actual EPTP level mismatch
KVM: x86: Pull the PGD's level from the MMU instead of recalculating it
KVM: VMX: Make vmx_load_mmu_pgd() static
KVM: x86/mmu: Add separate helper for shadow NPT root page role calc
KVM: VMX: Drop a duplicate declaration of construct_eptp()
KVM: nSVM: Correctly set the shadow NPT root level in its MMU role
KVM: Using macros instead of magic values
MIPS: KVM: Fix build error caused by 'kvm_run' cleanup
KVM: nSVM: remove nonsensical EXITINFO1 adjustment on nested NPF
KVM: x86: Add a capability for GUEST_MAXPHYADDR < HOST_MAXPHYADDR support
KVM: VMX: optimize #PF injection when MAXPHYADDR does not match
KVM: VMX: Add guest physical address check in EPT violation and misconfig
KVM: VMX: introduce vmx_need_pf_intercept
KVM: x86: update exception bitmap on CPUID changes
KVM: x86: rename update_bp_intercept to update_exception_bitmap
...
Pull documentation updates from Jonathan Corbet:
"It's been a busy cycle for documentation - hopefully the busiest for a
while to come. Changes include:
- Some new Chinese translations
- Progress on the battle against double words words and non-HTTPS
URLs
- Some block-mq documentation
- More RST conversions from Mauro. At this point, that task is
essentially complete, so we shouldn't see this kind of churn again
for a while. Unless we decide to switch to asciidoc or
something...:)
- Lots of typo fixes, warning fixes, and more"
* tag 'docs-5.9' of git://git.lwn.net/linux: (195 commits)
scripts/kernel-doc: optionally treat warnings as errors
docs: ia64: correct typo
mailmap: add entry for <alobakin@marvell.com>
doc/zh_CN: add cpu-load Chinese version
Documentation/admin-guide: tainted-kernels: fix spelling mistake
MAINTAINERS: adjust kprobes.rst entry to new location
devices.txt: document rfkill allocation
PCI: correct flag name
docs: filesystems: vfs: correct flag name
docs: filesystems: vfs: correct sync_mode flag names
docs: path-lookup: markup fixes for emphasis
docs: path-lookup: more markup fixes
docs: path-lookup: fix HTML entity mojibake
CREDITS: Replace HTTP links with HTTPS ones
docs: process: Add an example for creating a fixes tag
doc/zh_CN: add Chinese translation prefer section
doc/zh_CN: add clearing-warn-once Chinese version
doc/zh_CN: add admin-guide index
doc:it_IT: process: coding-style.rst: Correct __maybe_unused compiler label
futex: MAINTAINERS: Re-add selftests directory
...
