Commit 023816bd authored Apr 04, 2025 by Sean Christopherson Committed by Greg Kroah-Hartman May 02, 2025

KVM: x86: Reset IRTE to host control if new route isn't postable



commit 9bcac97d upstream.

Restore an IRTE back to host control (remapped or posted MSI mode) if the
*new* GSI route prevents posting the IRQ directly to a vCPU, regardless of
the GSI routing type.  Updating the IRTE if and only if the new GSI is an
MSI results in KVM leaving an IRTE posting to a vCPU.

The dangling IRTE can result in interrupts being incorrectly delivered to
the guest, and in the worst case scenario can result in use-after-free,
e.g. if the VM is torn down, but the underlying host IRQ isn't freed.

Fixes: efc64404 ("KVM: x86: Update IRTE for posted-interrupts")
Fixes: 411b44ba ("svm: Implements update_pi_irte hook to setup posted interrupt")
Cc: stable@vger.kernel.org
Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-ID: <20250404193923.1413163-3-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

parent 38cfa866

Show whitespace changes

Inline Side-by-side

CodeLinaro @codelinaro
mentioned in commit 9e207186
· Nov 05, 2025

mentioned in commit 9e207186

mentioned in commit 9e207186c74578f0ef1872467740ab30f74abe6d

Toggle commit list

Please to comment