On Mon, 24 Mar 2025 22:08:48 +0800, Chao Gao wrote:
> Ensure the shadow VMCS cache is evicted during an emergency reboot to
> prevent potential memory corruption if the cache is evicted after reboot.
>
> This issue was identified through code inspection, as __loaded_vmcs_clear()
> flushes both the normal VMCS and the shadow VMCS.
>
> Avoid checking the "launched" state during an emergency reboot, unlike the
> behavior in __loaded_vmcs_clear(). This is important because reboot NMIs
> can interfere with operations like copy_shadow_to_vmcs12(), where shadow
> VMCSes are loaded directly using VMPTRLD. In such cases, if NMIs occur
> right after the VMCS load, the shadow VMCSes will be active but the
> "launched" state may not be set.
>
> [...]

Applied to kvm-x86 vmx. I tagged it for stable, but it's not urgent (I'm 99%
certain it will never cause problems), so I figure I'd give it a full cycle
in -next.

[1/1] KVM: VMX: Flush shadow VMCS on emergency reboot
      https://github.com/kvm-x86/linux/commit/a0ee1d5faff1

--
https://github.com/kvm-x86/linux/tree/next