On Tue, 30 Sep 2025 01:52:37 -0700, Oliver Upton wrote:
> Another day, another syzkaller bug. KVM erroneously allows userspace to pend vCPU events for a vCPU that hasn't been initialized yet, leading to KVM interpreting a bunch of uninitialized garbage for routing / injecting the exception.
>
> In one case the injection code and the hyp disagree on whether the vCPU has a 32-bit EL1 and put the vCPU into an illegal mode for AArch64, tripping the BUG() in exception_target_el() during the next injection:
>
> [...]
Applied to fixes, thanks!
[1/1] KVM: arm64: Prevent access to vCPU events before init
      commit: cc96679f3c0348bf8450a5c84b71bb1351c027f9
Cheers,
M.