From: Sean Christopherson <seanjc@google.com>
To: Yosry Ahmed <yosry.ahmed@linux.dev>
Cc: Paolo Bonzini <pbonzini@redhat.com>,
Vitaly Kuznetsov <vkuznets@redhat.com>,
"K. Y. Srinivasan" <kys@microsoft.com>,
Haiyang Zhang <haiyangz@microsoft.com>,
Wei Liu <wei.liu@kernel.org>, Dexuan Cui <decui@microsoft.com>,
kvm@vger.kernel.org, linux-hyperv@vger.kernel.org,
linux-kernel@vger.kernel.org, Jim Mattson <jmattson@google.com>
Subject: Re: [PATCH 3/9] KVM: SVM: Add a helper to detect VMRUN failures
Date: Thu, 13 Nov 2025 15:35:41 -0800
Message-ID: <aRZrTdgOagDSjrUO@google.com>
In-Reply-To: <ellmjkhqmgpsbhc4if3emhn3fzbqd3ji4u2dnyvmub6bjgfnti@vtvjhn5cjwrs>

On Thu, Nov 13, 2025, Yosry Ahmed wrote:
> On Thu, Nov 13, 2025 at 02:56:15PM -0800, Sean Christopherson wrote:
> > Add a helper to detect VMRUN failures so that KVM can guard against its
> > own long-standing bug, where KVM neglects to set exitcode[63:32] when
> > synthesizing a nested VMFAIL_INVALID VM-Exit. This will allow fixing
> > KVM's mess of treating exitcode as two separate 32-bit values without
> > breaking KVM-on-KVM when running on an older, unfixed KVM.
> >
> > Cc: Jim Mattson <jmattson@google.com>
> > Cc: Yosry Ahmed <yosry.ahmed@linux.dev>
> > Signed-off-by: Sean Christopherson <seanjc@google.com>
> > ---
> > arch/x86/kvm/svm/nested.c | 16 +++++++---------
> > arch/x86/kvm/svm/svm.c | 4 ++--
> > arch/x86/kvm/svm/svm.h | 5 +++++
> > 3 files changed, 14 insertions(+), 11 deletions(-)
> >
> > diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c
> > index ba0f11c68372..8070e20ed5a7 100644
> > --- a/arch/x86/kvm/svm/nested.c
> > +++ b/arch/x86/kvm/svm/nested.c
> > @@ -1134,7 +1134,7 @@ int nested_svm_vmexit(struct vcpu_svm *svm)
> > vmcb12->control.exit_info_1 = vmcb02->control.exit_info_1;
> > vmcb12->control.exit_info_2 = vmcb02->control.exit_info_2;
> >
> > - if (vmcb12->control.exit_code != SVM_EXIT_ERR)
> > + if (svm_is_vmrun_failure(vmcb12->control.exit_code))
>
> This was flipped, wasn't it?

Ugh, yes.  Hrm, I'm surprised this wasn't caught by svm_nested_soft_inject_test.c.

Oof.  We should probably also extend svm_is_vmrun_failure() (in the future) to
detect any failure, e.g. VMEXIT_INVALID_PMC might be relevant soon?

> > nested_save_pending_event_to_vmcb12(svm, vmcb12);
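
Review bot: The condition in this nested_svm_vmexit() hunk is inverted by the conversion. The removed line tested exit_code != SVM_EXIT_ERR, i.e. "not a VMRUN failure", while the added line calls svm_is_vmrun_failure() with no negation, so the nested_save_pending_event_to_vmcb12() call guarded by it would now run only on a failed VMRUN and be skipped for every other exit. Suggest "if (!svm_is_vmrun_failure(vmcb12->control.exit_code))" to keep the existing behavior. Since the reply notes that svm_nested_soft_inject_test.c did not catch this, a selftest case that exercises this path would be worth adding alongside the fix.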