From: Sean Christopherson <seanjc@google.com>
To: Jim Mattson <jmattson@google.com>
Cc: pbonzini@redhat.com, tglx@kernel.org, mingo@redhat.com,
bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org,
hpa@zytor.com, shuah@kernel.org, kvm@vger.kernel.org,
linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org,
ctpence@google.com
Subject: Re: [PATCH v3 3/4] KVM: x86: Virtualize AMD CPUID faulting
Date: Thu, 14 May 2026 09:20:24 -0700
Message-ID: <agX2SJF3rJSkIqDe@google.com>
In-Reply-To: <CALMp9eS831M153QmAgjzJcR2dFY_wCCCzDisd7_T6GyS3-gAFw@mail.gmail.com>

On Thu, May 14, 2026, Jim Mattson wrote:
> On Thu, May 14, 2026 at 7:28 AM Sean Christopherson <seanjc@google.com> wrote:
> >
> > On Thu, May 14, 2026, Jim Mattson wrote:
> > > > diff --git a/arch/x86/kvm/cpuid.h b/arch/x86/kvm/cpuid.h
> > > > index 95d09ccbf951..fc96ba86c644 100644
> > > > --- a/arch/x86/kvm/cpuid.h
> > > > +++ b/arch/x86/kvm/cpuid.h
> > > > @@ -185,8 +185,9 @@ static inline int guest_cpuid_stepping(struct kvm_vcpu *vcpu)
> > > >
> > > > static inline bool cpuid_fault_enabled(struct kvm_vcpu *vcpu)
> > > > {
> > > > - return vcpu->arch.msr_misc_features_enables &
> > > > - MSR_MISC_FEATURES_ENABLES_CPUID_FAULT;
> > > > + return (vcpu->arch.msr_misc_features_enables &
> > > > + MSR_MISC_FEATURES_ENABLES_CPUID_FAULT) ||
> > > > + (vcpu->arch.msr_hwcr & MSR_K7_HWCR_CPUID_USER_DIS);
> > > > }
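Review bot: the new return expression in cpuid_fault_enabled() treats MSR_MISC_FEATURES_ENABLES_CPUID_FAULT and the HWCR bit MSR_K7_HWCR_CPUID_USER_DIS as interchangeable, and nothing in the helper documents that or shows that a guest can only set the bit its own CPUID model advertises. A short comment above the return naming the two mechanisms would help, and the changelog should say where writes to msr_hwcr and msr_misc_features_enables are validated, since every caller of this helper now depends on both checks.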
> > >
> > > Sashiko raises a good point here about a pre-existing issue that
> >
> > Calling this pre-existing is a bit of a stretch. I'm guessing VMX doesn't check
> > the #GP before the VM-Exit (checking #GP before a VM-Exit is so stupid).
>
> Per the SDM, volume 3, section 27.1.1: Relative Priority of Faults and VM Exits
>
> Certain exceptions have priority over VM exits. These include invalid-opcode
> exceptions, faults based on privilege level, and general-protection
> exceptions that are based on checking I/O permission bits in the task-state
> segment (TSS). For example, execution of RDMSR with CPL = 3 generates a
> general-protection exception and not a VM exit.
...
> > Where in the APM? I can't find anything in the description of CPUID or CpuidUserDis
> > that specifies the priority, and "Table 15-7. Instruction Intercepts" is flat out
> > wrong because it just says:
> >
> > CPUID CPUID No exceptions to check.
>
> APM volume 2, section 15.7: Intercept Operation
>
> > Generally, instruction intercepts are checked after simple exceptions
> > (such as #GP—when CPL is incorrect—or #UD) have been checked, but
> > before exceptions related to memory accesses (such as page faults) and
> > exceptions based on specific operand values.

Oooh, this is based on the generic CPL rules. I didn't think about it from that
perspective. So yeah, addressing that does make sense. What a pain.