Unverified Commit f6d660bd authored by openeuler-ci-bot's avatar openeuler-ci-bot Committed by Gitee
Browse files

!5477 Fixed CVE-2021-47112 

Merge Pull Request from: @ci-robot 
 
PR sync from: Zheng Zengkai <zhengzengkai@huawei.com>
https://mailweb.openeuler.org/hyperkitty/list/kernel@openeuler.org/message/754R3SSWHJQC5UERDSJWV7ZY7KERVTPQ/ 
According to https://www.cve.org/CVERecord/?id=CVE-2021-47112 and
https://lore.kernel.org/linux-cve-announce/2024031507-CVE-2021-47112-339c@gregkh/T/
openEuler-1.0-LTS is also affected by CVE-2021-47112,
backport patch suggested by https://nvd.nist.gov/vuln/detail/CVE-2021-47112
to fix it.

Vitaly Kuznetsov (1):
  x86/kvm: Teardown PV features on boot CPU as well


-- 
2.20.1
 
https://gitee.com/src-openeuler/kernel/issues/I990AA 
 
Link:https://gitee.com/openeuler/kernel/pulls/5477

 

Reviewed-by: default avatarLiu YongQiang <liuyongqiang13@huawei.com>
Reviewed-by: default avatarJason Zeng <jason.zeng@intel.com>
Reviewed-by: default avatarWei Li <liwei391@huawei.com>
Signed-off-by: default avatarZhang Changzhong <zhangchangzhong@huawei.com>
parents 25bf6ba3 127d0b8f

arch/x86/kernel/kvm.c

+41 −16
Original line number Diff line number Diff line
@@ -37,6 +37,7 @@ 
#include <linux/debugfs.h>

#include <linux/nmi.h>

#include <linux/swait.h>

#include <linux/syscore_ops.h>

#include <asm/timer.h>

#include <asm/cpu.h>

#include <asm/traps.h>
@@ -444,6 +445,25 @@ static void __init sev_map_percpu_data(void) 
	}

}



static void kvm_guest_cpu_offline(void)

{

	kvm_disable_steal_time();

	if (kvm_para_has_feature(KVM_FEATURE_PV_EOI))

		wrmsrl(MSR_KVM_PV_EOI_EN, 0);

	kvm_pv_disable_apf();

	apf_task_wake_all();

}



static int kvm_cpu_online(unsigned int cpu)

{

	unsigned long flags;



	local_irq_save(flags);

	kvm_guest_cpu_init();

	local_irq_restore(flags);

	return 0;

}



#ifdef CONFIG_SMP

#define KVM_IPI_CLUSTER_SIZE	(2 * BITS_PER_LONG)
@@ -560,31 +580,34 @@ static void __init kvm_smp_prepare_boot_cpu(void) 
	kvm_spinlock_init();

}



static void kvm_guest_cpu_offline(void)

static int kvm_cpu_down_prepare(unsigned int cpu)

{

	kvm_disable_steal_time();

	if (kvm_para_has_feature(KVM_FEATURE_PV_EOI))

		wrmsrl(MSR_KVM_PV_EOI_EN, 0);

	kvm_pv_disable_apf();

	apf_task_wake_all();

}

	unsigned long flags;



static int kvm_cpu_online(unsigned int cpu)

{

	local_irq_disable();

	kvm_guest_cpu_init();

	local_irq_enable();

	local_irq_save(flags);

	kvm_guest_cpu_offline();

	local_irq_restore(flags);

	return 0;

}



static int kvm_cpu_down_prepare(unsigned int cpu)

#endif



static int kvm_suspend(void)

{

	local_irq_disable();

	kvm_guest_cpu_offline();

	local_irq_enable();



	return 0;

 }

#endif



static void kvm_resume(void)

{

	kvm_cpu_online(raw_smp_processor_id());

}



static struct syscore_ops kvm_syscore_ops = {

	.suspend	= kvm_suspend,

	.resume		= kvm_resume,

};



static void __init kvm_apf_trap_init(void)

{
@@ -659,6 +682,8 @@ static void __init kvm_guest_init(void) 
	kvm_guest_cpu_init();

#endif



	register_syscore_ops(&kvm_syscore_ops);



	/*

	 * Hard lockup detection is enabled by default. Disable it, as guests

	 * can get false positives too easily, for example if the host is