[GIT PULL] KVM/arm64 changes for 6.17, round #3

[GIT PULL] KVM/arm64 changes for 6.17, round #3

[Oliver Upton]

Hi Paolo,

This is most likely the final set of KVM/arm64 fixes for 6.17.

Of note, I reverted a couple of fixes we took in 6.17 for RCU stalls when
destroying a stage-2 page table. There appears to be some nasty refcounting /
UAF issues lurking in those patches and the band-aid we tried to apply didn't
hold.

Besides that, random pile of fixes, many involving the usual suspects: nested
and the vgic.

Please pull.

Thanks,
Oliver

The following changes since commit b320789d6883cc00ac78ce83bccbfe7ed58afcf0:

  Linux 6.17-rc4 (2025-08-31 15:33:07 -0700)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm.git/ tags/kvmarm-fixes-6.17-2

for you to fetch changes up to e6157256ee1a6a500da42556e059d4dec2ade871:

  Revert "KVM: arm64: Split kvm_pgtable_stage2_destroy()" (2025-09-10 11:11:22 -0700)

----------------------------------------------------------------
KVM/arm64 changes for 6.17, round #3

 - Invalidate nested MMUs upon freeing the PGD to avoid WARNs when
   visiting from an MMU notifier

 - Fixes to the TLB match process and TLB invalidation range for
   managing the VCNR pseudo-TLB

 - Prevent SPE from erroneously profiling guests due to UNKNOWN reset
   values in PMSCR_EL1

 - Fix save/restore of host MDCR_EL2 to account for eagerly programming
   at vcpu_load() on VHE systems

 - Correct lock ordering when dealing with VGIC LPIs, avoiding scenarios
   where an xarray's spinlock was nested with a *raw* spinlock

 - Permit stage-2 read permission aborts which are possible in the case
   of NV depending on the guest hypervisor's stage-2 translation

 - Call raw_spin_unlock() instead of the internal spinlock API

 - Fix parameter ordering when assigning VBAR_EL1

----------------------------------------------------------------
Alexandru Elisei (2):
      KVM: arm64: Initialize PMSCR_EL1 when in VHE
      KVM: arm64: VHE: Save and restore host MDCR_EL2 value correctly

Alok Tiwari (1):
      KVM: arm64: vgic: fix incorrect spinlock API usage

Dongha Lee (1):
      KVM: arm64: nv: Fix incorrect VNCR invalidation range calculation

Fuad Tabba (1):
      KVM: arm64: Fix parameter ordering for VBAR_EL1 assignment

Geonha Lee (1):
      KVM: arm64: nv: fix VNCR TLB ASID match logic for non-Global entries

Marc Zyngier (1):
      KVM: arm64: Mark freed S2 MMUs as invalid

Oliver Upton (8):
      KVM: arm64: vgic: Drop stale comment on IRQ active state
      KVM: arm64: vgic-v3: Use bare refcount for VGIC LPIs
      KVM: arm64: Spin off release helper from vgic_put_irq()
      KVM: arm64: vgic-v3: Erase LPIs from xarray outside of raw spinlocks
      KVM: arm64: vgic-v3: Don't require IRQs be disabled for LPI xarray lock
      KVM: arm64: vgic-v3: Indicate vgic_put_irq() may take LPI xarray lock
      Revert "KVM: arm64: Reschedule as needed when destroying the stage-2 page-tables"
      Revert "KVM: arm64: Split kvm_pgtable_stage2_destroy()"

Wei-Lin Chang (1):
      KVM: arm64: Remove stage 2 read fault check

 arch/arm64/include/asm/kvm_host.h       |  1 +
 arch/arm64/include/asm/kvm_pgtable.h    | 30 -------------
 arch/arm64/include/asm/kvm_pkvm.h       |  4 +-
 arch/arm64/kvm/arm.c                    |  4 +-
 arch/arm64/kvm/debug.c                  | 13 ++++++
 arch/arm64/kvm/hyp/include/hyp/switch.h |  5 ---
 arch/arm64/kvm/hyp/nvhe/switch.c        |  6 +++
 arch/arm64/kvm/hyp/nvhe/sys_regs.c      |  2 +-
 arch/arm64/kvm/hyp/pgtable.c            | 25 ++---------
 arch/arm64/kvm/mmu.c                    | 45 +++----------------
 arch/arm64/kvm/nested.c                 |  6 +--
 arch/arm64/kvm/pkvm.c                   | 11 +----
 arch/arm64/kvm/vgic/vgic-debug.c        |  2 +-
 arch/arm64/kvm/vgic/vgic-init.c         |  6 +--
 arch/arm64/kvm/vgic/vgic-its.c          | 15 +++----
 arch/arm64/kvm/vgic/vgic-v4.c           |  2 +-
 arch/arm64/kvm/vgic/vgic.c              | 80 ++++++++++++++++++++++++---------
 arch/arm64/kvm/vgic/vgic.h              |  8 ++--
 include/kvm/arm_vgic.h                  |  9 ++--
 19 files changed, 120 insertions(+), 154 deletions(-)

Re: [GIT PULL] KVM/arm64 changes for 6.17, round #3

[Paolo Bonzini]

On 9/10/25 22:25, Oliver Upton wrote:
> Hi Paolo,
> 
> This is most likely the final set of KVM/arm64 fixes for 6.17.
> 
> Of note, I reverted a couple of fixes we took in 6.17 for RCU stalls when
> destroying a stage-2 page table. There appears to be some nasty refcounting /
> UAF issues lurking in those patches and the band-aid we tried to apply didn't
> hold.

Thanks for pointing this out, I will put a note about reverts in my own tag.

Paolo

Re: [GIT PULL] KVM/arm64 changes for 6.17, round #3

[Oliver Upton]

On Wed, Sep 17, 2025 at 07:56:15PM +0200, Paolo Bonzini wrote:
> On 9/10/25 22:25, Oliver Upton wrote:
> > Hi Paolo,
> > 
> > This is most likely the final set of KVM/arm64 fixes for 6.17.
> > 
> > Of note, I reverted a couple of fixes we took in 6.17 for RCU stalls when
> > destroying a stage-2 page table. There appears to be some nasty refcounting /
> > UAF issues lurking in those patches and the band-aid we tried to apply didn't
> > hold.
> 
> Thanks for pointing this out, I will put a note about reverts in my own tag.

Appreciated, seems to have been an unintentional omission from my own
tag.

Best,
Oliver