KVM: SVM: for the shortlog scope
And my preference is to have the shortlog explain the code change and leave the CVE reference to a line in the changelog. CVE numbers are meaningless without context, e.g. listing the CVE isn't going to be at all helpful for future readers that look at shortlogs.
E.g.
KVM: SVM: Always refresh x2APIC MSR intercepts when x2AVIC is enabled
or
KVM: SVM: Update MSR intercepts for x2AVIC when guest disables x2APIC
On Thu, Sep 28, 2023, Maxim Levitsky wrote:
The following problem exists since the x2avic was enabled in the KVM:
Just "x2avic"
svm_set_x2apic_msr_interception is called to enable the interception of
() after functions
the x2apic msrs.
In particular it is called at the moment the guest resets its apic.
Assuming that the guest's apic was in x2apic mode, the reset will bring it back to the xapic mode.
The svm_set_x2apic_msr_interception however has an erroneous check for '!apic_x2apic_mode()' which prevents it from doing anything in this case.
As a result of this, all x2apic msrs are left unintercepted, and that exposes the bare metal x2apic (if enabled) to the guest. Oops.
Remove the erroneous '!apic_x2apic_mode()' check to fix that.
Cc: stable@vger.kernel.org
Fixes: 4d1d7942e36a ("KVM: SVM: Introduce logic to (de)activate x2AVIC mode")
Signed-off-by: Maxim Levitsky mlevitsk@redhat.com
arch/x86/kvm/svm/svm.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 9507df93f410a63..acdd0b89e4715a3 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -913,8 +913,7 @@ void svm_set_x2apic_msr_interception(struct vcpu_svm *svm, bool intercept) if (intercept == svm->x2avic_msrs_intercepted) return;
- if (!x2avic_enabled ||
!apic_x2apic_mode(svm->vcpu.arch.apic))
- if (!x2avic_enabled) return;
for (i = 0; i < MAX_DIRECT_ACCESS_MSRS; i++) { -- 2.26.3