[GIT PULL] KVM: x86: Xen changes for 6.15

[Sean Christopherson <seanjc@google.com>]

Harden and optimize KVM's handling of the Xen hypercall MSR; syzkaller discovered
that setting the userspace-configurable index to collide with XSS could coerce
KVM into writing guest memory during vCPU creation.

The other change is to fix a flaw related to Xen TSC CPUID emulation.

The following changes since commit a64dcfb451e254085a7daee5fe51bf22959d52d3:

  Linux 6.14-rc2 (2025-02-09 12:45:03 -0800)

are available in the Git repository at:

  https://github.com/kvm-x86/linux.git tags/kvm-x86-xen-6.15

for you to fetch changes up to a2b00f85d7839d74a2f6fcbf547d4bf2e82c34e5:

  KVM: x86: Update Xen TSC leaves during CPUID emulation (2025-02-25 07:09:55 -0800)

----------------------------------------------------------------
KVM Xen changes for 6.15

 - Don't write to the Xen hypercall page on MSR writes that are initiated by
   the host (userspace or KVM) to fix a class of bugs where KVM can write to
   guest memory at unexpected times, e.g. during vCPU creation if userspace has
   set the Xen hypercall MSR index to collide with an MSR that KVM emulates.

 - Restrict the Xen hypercall MSR indx to the unofficial synthetic range to
   reduce the set of possible collisions with MSRs that are emulated by KVM
   (collisions can still happen as KVM emulates Hyper-V MSRs, which also reside
   in the synthetic range).

 - Clean up and optimize KVM's handling of Xen MSR writes and xen_hvm_config.

 - Update Xen TSC leaves during CPUID emulation instead of modifying the CPUID
   entries when updating PV clocks, as there is no guarantee PV clocks will be
   updated between TSC frequency changes and CPUID emulation, and guest reads
   of Xen TSC should be rare, i.e. are not a hot path.

----------------------------------------------------------------
David Woodhouse (1):
      KVM: x86/xen: Only write Xen hypercall page for guest writes to MSR

Fred Griffoul (1):
      KVM: x86: Update Xen TSC leaves during CPUID emulation

Sean Christopherson (5):
      KVM: x86/xen: Restrict hypercall MSR to unofficial synthetic range
      KVM: x86/xen: Add an #ifdef'd helper to detect writes to Xen MSR
      KVM: x86/xen: Consult kvm_xen_enabled when checking for Xen MSR writes
      KVM: x86/xen: Bury xen_hvm_config behind CONFIG_KVM_XEN=y
      KVM: x86/xen: Move kvm_xen_hvm_config field into kvm_xen

 Documentation/virt/kvm/api.rst  |  4 ++++
 arch/x86/include/asm/kvm_host.h |  4 ++--
 arch/x86/include/uapi/asm/kvm.h |  3 +++
 arch/x86/kvm/cpuid.c            | 16 +++++++++++++
 arch/x86/kvm/x86.c              | 13 +++++++----
 arch/x86/kvm/x86.h              |  1 +
 arch/x86/kvm/xen.c              | 52 +++++++++++++++--------------------------
 arch/x86/kvm/xen.h              | 30 ++++++++++++++++++++----
 8 files changed, 80 insertions(+), 43 deletions(-)