[PATCH v2 0/4] KVM: arm64: Fix guest feature sanitization and pKVM state synchronization
Marc Zyngier
maz at kernel.org
Fri Feb 13 06:58:24 PST 2026
On Fri, 13 Feb 2026 14:38:11 +0000, Fuad Tabba wrote:
> This series addresses state management and feature synchronization
> vulnerabilities in both standard KVM and pKVM implementations on arm64.
> The primary focus is ensuring that the hypervisor correctly handles
> architectural extensions during context switches to prevent state
> corruption.
>
> Changes since v1 [1]:
> - Moved optimising away S1POE handling when not supported by host to a
> separate patch.
> - Fixed clearing, checking and setting KVM_ARCH_FLAG_ID_REGS_INITIALIZED
>
> [...]
Applied to fixes, thanks!
[1/4] KVM: arm64: Hide S1POE from guests when not supported by the host
commit: f66857bafd4f151c5cc6856e47be2e12c1721e43
[2/4] KVM: arm64: Optimise away S1POE handling when not supported by host
commit: 9cb0468d0b335ccf769bd8e161cc96195e82d8b1
[3/4] KVM: arm64: Fix ID register initialization for non-protected pKVM guests
commit: 7e7c2cf0024d89443a7af52e09e47b1fe634ab17
[4/4] KVM: arm64: Remove redundant kern_hyp_va() in unpin_host_sve_state()
commit: 02471a78a052b631204aed051ab718e4d14ae687
Cheers,
M.
--
Without deviation from the norm, progress is not possible.
More information about the linux-arm-kernel
mailing list