Re: [PATCH v2 2/6] KVM/x86: Return -errno instead of "1" for APIC related MSR emulation

[sashiko-bot@kernel.org]

Thank you for your contribution! Sashiko AI review found 1 potential issue(s) to consider:
- [Critical] Returning a negative error code (like -EINVAL) from MSR emulation handlers causes KVM to abort the VM instead of injecting a #GP exception into the guest.
--

commit 7f1a730b4cdc6c3d32a0f5e2d9d557acc42efaa6
Author: Juergen Gross <jgross@suse.com>

KVM/x86: Return -errno instead of "1" for APIC related MSR emulation

This commit replaces literal "1" return values with negative errno values
such as -EINVAL in the emulation code for APIC-related MSR registers.

> diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c
> index 4078e624ca667..3e7d83db2f7ab 100644
> --- a/arch/x86/kvm/lapic.c
> +++ b/arch/x86/kvm/lapic.c
> @@ -2412,11 +2412,10 @@ static int kvm_lapic_reg_write(struct kvm_lapic *apic, u32 reg, u32 val)
>  
>  	switch (reg) {
>  	case APIC_ID:		/* Local APIC ID */
> -		if (!apic_x2apic_mode(apic)) {
> +		if (!apic_x2apic_mode(apic))
>  			kvm_apic_set_xapic_id(apic, val >> 24);
> -		} else {
> -			ret = 1;
> -		}
> +		else
> +			ret = -EINVAL;

[Severity: Critical]
Does returning a negative error code here bypass the exception injection
logic?

In the KVM MSR emulation framework, functions like __kvm_emulate_wrmsr()
treat a return value greater than 0 as an instruction fault. This allows KVM
to safely inject a General Protection Fault into the guest.

If we return a negative code like -EINVAL, the negative value is propagated
up the call chain instead. This reaches the vcpu_run() loop, causing the
KVM_RUN ioctl to fail and forcing the host VMM to exit and terminate the VM.

Will this change allow a guest OS that probes an unsupported APIC MSR to
inadvertently crash its own virtual machine, instead of receiving and
gracefully handling a General Protection Fault?

[ ... ]

-- 
Sashiko AI review · https://sashiko.dev/#/patchset/20260528113605.267111-1-jgross@suse.com?part=2