From: Sean Christopherson <seanjc@google.com>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Thijs Raymakers <thijs@raymakers.nl>,
kvm@vger.kernel.org, stable <stable@kernel.org>,
Paolo Bonzini <pbonzini@redhat.com>
Subject: Re: [PATCH v2] KVM: x86: use array_index_nospec with indices that come from guest
Date: Mon, 11 Aug 2025 07:35:49 -0700 [thread overview]
Message-ID: <aJn_xYSweEauucGv@google.com> (raw)
In-Reply-To: <2025081151-defiling-badass-c926@gregkh>
On Mon, Aug 11, 2025, Greg Kroah-Hartman wrote:
> On Thu, Jul 24, 2025 at 12:04:15PM -0700, Sean Christopherson wrote:
> > On Thu, Jul 24, 2025, Greg Kroah-Hartman wrote:
> > > On Thu, Jul 24, 2025 at 04:22:27PM +0200, Thijs Raymakers wrote:
> > > > min and dest_id are guest-controlled indices. Using array_index_nospec()
> > > > after the bounds checks clamps these values to mitigate speculative execution
> > > > side-channels.
> > > >
> > > > Signed-off-by: Thijs Raymakers <thijs@raymakers.nl>
> > > > Cc: stable <stable@kernel.org>
> > > > Cc: Sean Christopherson <seanjc@google.com>
> > > > Cc: Paolo Bonzini <pbonzini@redhat.com>
> > > > Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> > >
> > > Nit, you shouldn't have added my signed off on a new version, but that's
> > > ok, I'm fine with it.
> >
> > Want me to keep your SoB when applying, or drop it?
> >
> > > > ---
> > > > arch/x86/kvm/lapic.c | 2 ++
> > > > arch/x86/kvm/x86.c | 7 +++++--
> > > > 2 files changed, 7 insertions(+), 2 deletions(-)
> > >
> > > You also forgot to say what changed down here.
> > >
> > > Don't know how strict the KVM maintainers are, I know I require these
> > > things fixed up...
> >
> > I require the same things, but I also don't mind doing fixup when applying if
> > that's the path of least resistance (and it's not a recurring problem).
> >
> > I also strongly dislike using In-Reply-To for new versions, as it tends to confuse
> > b4, and often confuses me as well.
> >
> > But for this, I don't see any reason to send a v3.
>
> Any status on this? I don't see it in linux-next at all, nor in
> 6.17-rc1
I'll get it applied and sent along to Paolo/Linus this week.
next prev parent reply other threads:[~2025-08-11 14:35 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-24 6:00 [PATCH] KVM: x86: use array_index_nospec with indices that come from guest Greg Kroah-Hartman
2025-07-24 13:38 ` Sean Christopherson
2025-07-24 14:22 ` [PATCH v2] " Thijs Raymakers
2025-07-24 18:36 ` Greg Kroah-Hartman
2025-07-24 19:04 ` Sean Christopherson
2025-07-25 4:42 ` Greg Kroah-Hartman
2025-07-25 10:24 ` Thijs Raymakers
2025-08-11 11:34 ` Greg Kroah-Hartman
2025-08-11 14:35 ` Sean Christopherson [this message]
2025-08-11 15:16 ` Greg Kroah-Hartman
2025-08-15 22:23 ` Sean Christopherson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aJn_xYSweEauucGv@google.com \
--to=seanjc@google.com \
--cc=gregkh@linuxfoundation.org \
--cc=kvm@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=stable@kernel.org \
--cc=thijs@raymakers.nl \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.