[PATCH v3 0/3] x86/fred: Fix SEV-ES/SNP guest boot failures

[PATCH v3 0/3] x86/fred: Fix SEV-ES/SNP guest boot failures

[Nikunj A Dadhania]

SEV-ES and SNP guests fail to boot when FRED is enabled due to missing #VC
exception handling and a CR-pinning issue that prematurely enables FRED before
its MSRs are configured.

Patch 1 fixes the implicit FSGSBASE dependency by moving FSGSBASE enablement
to cpu_init_exception_handling(), ensuring it's enabled before exception
handling infrastructure is set up on both boot and secondary CPUs.

Patch 2 fixes the CR-pinning issue by deferring enforcement during secondary
CPU bringup, preventing FRED from being enabled before it is configured and
able to handle exceptions.

Patch 3 adds #VC exception handling to FRED and fixes early GHCB access to
use boot_ghcb before per-CPU GHCBs are initialized.

These fixes enable SEV-ES/SNP guests to boot successfully with FRED enabled.

Changelog:
v2 -> v3:
* Fix SNP guest boot failure reported by Borislav Petkov - the CR pinning
  disable patch exposed an implicit FSGSBASE dependency that is now fixed
  by moving FSGSBASE enablement to cpu_init_exception_handling() (Boris/Sohil)

v1 -> v2:
https://lore.kernel.org/kvm/20260226092349.803491-1-nikunj@amd.com/
* Instead of moving pr_info(), fix the root cause by disabling CR pinning
  during secondary CPU bringup (Dave Hansen)
* Use unified #VC exception handler in fred_hwexc() (Dave Hansen)
* Collect RoB (Sohil Mehta)

v1: https://lore.kernel.org/kvm/20260205051030.1225975-1-nikunj@amd.com/

Dave Hansen (1):
  x86/cpu: Disable CR pinning during CPU bringup

Nikunj A Dadhania (2):
  x86/cpu: Enable FSGSBASE early in cpu_init_exception_handling()
  x86/fred: Fix early boot failures on SEV-ES/SNP guests

 arch/x86/coco/sev/noinstr.c  |  6 ++++++
 arch/x86/entry/entry_fred.c  | 14 ++++++++++++
 arch/x86/kernel/cpu/common.c | 41 +++++++++++++++++++++++++++---------
 3 files changed, 51 insertions(+), 10 deletions(-)


base-commit: 270b06a2452b0a20b149591ee90e22e3d8d55358
-- 
2.48.1

[PATCH v3 1/3] x86/cpu: Enable FSGSBASE early in cpu_init_exception_handling()

[Nikunj A Dadhania]

Move FSGSBASE enablement from identify_cpu() to
cpu_init_exception_handling() to ensure it is enabled before any exceptions
can occur on both boot and secondary CPUs.

== Background ==

Exception entry code (paranoid_entry()) uses ALTERNATIVE patching based on
X86_FEATURE_FSGSBASE to decide whether to use RDGSBASE/WRGSBASE
instructions or the slower RDMSR/SWAPGS sequence for saving/restoring
GSBASE.

For boot CPU, ALTERNATIVE patching happens after enabling FSGSBASE in CR4.
When the feature is available, the code is permanently patched to use
RDGSBASE/WRGSBASE, which require CR4.FSGSBASE=1 to execute without
triggering #UD.

== Boot Sequence ==

Boot CPU (with CR pinning enabled):
  trap_init()
    cpu_init()                   <- Uses unpatched code (RDMSR/SWAPGS)
      x2apic_setup()
  ...
  arch_cpu_finalize_init()
    identify_boot_cpu()
      identify_cpu()
        cr4_set_bits(X86_CR4_FSGSBASE)  # Enables the feature
	# This becomes part of cr4_pinned_bits
    ...
    alternative_instructions()   <- Patches code to use RDGSBASE/WRGSBASE

Secondary CPUs (with CR pinning enabled):
  start_secondary()
    cr4_init()                   <- Code already patched, CR4.FSGSBASE=1
                                    set implicitly via cr4_pinned_bits

    cpu_init()                   <- exceptions work because FSGSBASE is
                                    already enabled

Secondary CPU (with CR pinning disabled):
  start_secondary()
    cr4_init()                   <- Code already patched, CR4.FSGSBASE=0
    cpu_init()
      x2apic_setup()
        rdmsrq(MSR_IA32_APICBASE)  <- Triggers #VC in SNP guests
          exc_vmm_communication()
            paranoid_entry()       <- Uses RDGSBASE with CR4.FSGSBASE=0
                                      (patched code)
    ...
    ap_starting()
      identify_secondary_cpu()
        identify_cpu()
	  cr4_set_bits(X86_CR4_FSGSBASE)  <- Enables the feature, which is
                                             too late

== CR Pinning ==

Currently, for secondary CPUs, CR4.FSGSBASE is set implicitly through
CR-pinning: the boot CPU sets it during identify_cpu(), it becomes part of
cr4_pinned_bits, and cr4_init() applies those pinned bits to secondary
CPUs. This works but creates an undocumented dependency between cr4_init()
and the pinning mechanism.

== Problem ==

Secondary CPUs boot after alternatives have been applied globally. They
execute already-patched paranoid_entry() code that uses RDGSBASE/WRGSBASE
instructions, which require CR4.FSGSBASE=1. Upcoming changes to CR pinning
behavior will break the implicit dependency, causing secondary CPUs to
generate #UD.

This issue manifests on AMD SEV-SNP guests, where the rdmsrq() in
x2apic_setup() triggers a #VC exception early during cpu_init(). The #VC
handler (exc_vmm_communication()) executes the patched paranoid_entry()
path. Without CR4.FSGSBASE enabled, RDGSBASE instructions trigger #UD.

== Fix ==

Enable FSGSBASE explicitly in cpu_init_exception_handling() before loading
exception handlers. This makes the dependency explicit and ensures both
boot and secondary CPUs have FSGSBASE enabled before paranoid_entry()
executes.

Fixes: c82965f9e530 ("x86/entry/64: Handle FSGSBASE enabled paranoid entry/exit")
Cc: stable@vger.kernel.org
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Sohil Mehta <sohil.mehta@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Reported-by: Borislav Petkov <bp@alien8.de>
Suggested-by: Sohil Mehta <sohil.mehta@intel.com>
Signed-off-by: Nikunj A Dadhania <nikunj@amd.com>
---
 arch/x86/kernel/cpu/common.c | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
index bb937bc4b00f..6778ec5846b6 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -2066,12 +2066,6 @@ static void identify_cpu(struct cpuinfo_x86 *c)
 	setup_umip(c);
 	setup_lass(c);
 
-	/* Enable FSGSBASE instructions if available. */
-	if (cpu_has(c, X86_FEATURE_FSGSBASE)) {
-		cr4_set_bits(X86_CR4_FSGSBASE);
-		elf_hwcap2 |= HWCAP2_FSGSBASE;
-	}
-
 	/*
 	 * The vendor-specific functions might have changed features.
 	 * Now we do "generic changes."
@@ -2432,6 +2426,18 @@ void cpu_init_exception_handling(bool boot_cpu)
 	/* GHCB needs to be setup to handle #VC. */
 	setup_ghcb();
 
+	/*
+	 * On CPUs with FSGSBASE support, paranoid_entry() uses
+	 * ALTERNATIVE-patched RDGSBASE/WRGSBASE instructions. Secondary CPUs
+	 * boot after alternatives are patched globally, so early exceptions
+	 * execute patched code that depends on FSGSBASE. Enable the feature
+	 * before any exceptions occur.
+	 */
+	if (cpu_feature_enabled(X86_FEATURE_FSGSBASE)) {
+		cr4_set_bits(X86_CR4_FSGSBASE);
+		elf_hwcap2 |= HWCAP2_FSGSBASE;
+	}
+
 	if (cpu_feature_enabled(X86_FEATURE_FRED)) {
 		/* The boot CPU has enabled FRED during early boot */
 		if (!boot_cpu)
-- 
2.48.1

[PATCH v3 2/3] x86/cpu: Disable CR pinning during CPU bringup

[Nikunj A Dadhania]

From: Dave Hansen <dave.hansen@linux.intel.com>

== CR Pinning Background ==

Modern CPU hardening features like SMAP/SMEP are enabled by flipping
control register (CR) bits. Attackers find these features inconvenient and
often try to disable them.

CR-pinning is a kernel hardening feature that detects when
security-sensitive control bits are flipped off, complains about it, then
turns them back on. The CR-pinning checks are performed in the CR
manipulation helpers.

X86_CR4_FRED controls FRED enabling and is pinned. There is a single,
system-wide static key that controls CR-pinning behavior. The static key is
enabled by the boot CPU after it has established its CR configuration.

The end result is that CR-pinning is not active while initializing the boot
CPU but it is active while bringing up secondary CPUs.

== FRED Background ==

FRED is a new hardware entry/exit feature for the kernel. It is not on by
default and started out as Intel-only. AMD is just adding support now.

FRED has MSRs for configuration and is enabled by the pinned X86_CR4_FRED
bit. It should not be enabled until after MSRs are properly initialized.

== SEV Background ==

AMD SEV-ES and SEV-SNP use #VC (Virtualization Communication) exceptions to
handle operations that require hypervisor assistance. These exceptions
occur during various operations including MMIO access, CPUID instructions,
and certain memory accesses.

Writes to the console can generate #VC.

== Problem ==

CR-pinning implicitly enables FRED on secondary CPUs at a different point
than the boot CPU. This point is *before* the CPU has done an explicit
cr4_set_bits(X86_CR4_FRED) and before the MSRs are initialized. This means
that there is a window where no exceptions can be handled.

For SEV-ES/SNP and TDX guests, any console output during this window
triggers #VC or #VE exceptions that result in triple faults because the
exception handlers rely on FRED MSRs that aren't yet configured.

== Fix ==

Defer CR-pinning enforcement during secondary CPU bringup. This avoids any
implicit CR changes during CPU bringup, ensuring that FRED is not enabled
before it is configured and able to handle a #VC or #VE.

Drop CR4 pinning logic from cr4_init() as it runs only during early
secondary bring up while the CPU is still offline, so CR4 pinning is never
in effect there. Remove the redundant pinned-mask application and add
WARN_ON_ONCE() to detect any future changes that might violate this
assumption.

This also aligns boot and secondary CPU bringup.

Note: FRED is not on by default anywhere so this is not likely to be
causing many problems. The only reason this was noticed was that AMD
started to enable FRED and was turning it on.

Fixes: 14619d912b65 ("x86/fred: FRED entry/exit and dispatch code")
Reported-by: Nikunj A Dadhania <nikunj@amd.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Signed-off-by: Nikunj A Dadhania <nikunj@amd.com>
[ Nikunj: Updated SEV background section wording ]
Reviewed-by: Sohil Mehta <sohil.mehta@intel.com>
Cc: stable@vger.kernel.org # 6.9+
---
 arch/x86/kernel/cpu/common.c | 23 +++++++++++++++++++----
 1 file changed, 19 insertions(+), 4 deletions(-)

diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
index 6778ec5846b6..b2a4a506eae9 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -453,6 +453,21 @@ static const unsigned long cr4_pinned_mask = X86_CR4_SMEP | X86_CR4_SMAP | X86_C
 static DEFINE_STATIC_KEY_FALSE_RO(cr_pinning);
 static unsigned long cr4_pinned_bits __ro_after_init;
 
+static bool cr_pinning_enabled(void)
+{
+	if (!static_branch_likely(&cr_pinning))
+		return false;
+
+	/*
+	 * Do not enforce pinning during CPU bringup. It might
+	 * turn on features that are not set up yet, like FRED.
+	 */
+	if (!cpu_online(smp_processor_id()))
+		return false;
+
+	return true;
+}
+
 void native_write_cr0(unsigned long val)
 {
 	unsigned long bits_missing = 0;
@@ -460,7 +475,7 @@ void native_write_cr0(unsigned long val)
 set_register:
 	asm volatile("mov %0,%%cr0": "+r" (val) : : "memory");
 
-	if (static_branch_likely(&cr_pinning)) {
+	if (cr_pinning_enabled()) {
 		if (unlikely((val & X86_CR0_WP) != X86_CR0_WP)) {
 			bits_missing = X86_CR0_WP;
 			val |= bits_missing;
@@ -479,7 +494,7 @@ void __no_profile native_write_cr4(unsigned long val)
 set_register:
 	asm volatile("mov %0,%%cr4": "+r" (val) : : "memory");
 
-	if (static_branch_likely(&cr_pinning)) {
+	if (cr_pinning_enabled()) {
 		if (unlikely((val & cr4_pinned_mask) != cr4_pinned_bits)) {
 			bits_changed = (val & cr4_pinned_mask) ^ cr4_pinned_bits;
 			val = (val & ~cr4_pinned_mask) | cr4_pinned_bits;
@@ -521,8 +536,8 @@ void cr4_init(void)
 
 	if (boot_cpu_has(X86_FEATURE_PCID))
 		cr4 |= X86_CR4_PCIDE;
-	if (static_branch_likely(&cr_pinning))
-		cr4 = (cr4 & ~cr4_pinned_mask) | cr4_pinned_bits;
+
+	WARN_ON_ONCE(cr_pinning_enabled());
 
 	__write_cr4(cr4);
 
-- 
2.48.1

[PATCH v3 3/3] x86/fred: Fix early boot failures on SEV-ES/SNP guests

[Nikunj A Dadhania]

FRED-enabled SEV-ES and SNP guests fail to boot due to the following issues
in the early boot sequence:

* FRED does not have a #VC exception handler in the dispatch logic

* Early FRED #VC exceptions attempt to use uninitialized per-CPU GHCBs
  instead of boot_ghcb

Add X86_TRAP_VC case to fred_hwexc() with a new exc_vmm_communication()
function that provides the unified entry point FRED requires, dispatching
to existing user/kernel handlers based on privilege level. The function is
already declared via DECLARE_IDTENTRY_VC().

Fix early GHCB access by falling back to boot_ghcb in
__sev_{get,put}_ghcb() when per-CPU GHCBs are not yet initialized.

Fixes: 14619d912b65 ("x86/fred: FRED entry/exit and dispatch code")
Cc: stable@vger.kernel.org # 6.9+
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Nikunj A Dadhania <nikunj@amd.com>
---
 arch/x86/coco/sev/noinstr.c |  6 ++++++
 arch/x86/entry/entry_fred.c | 14 ++++++++++++++
 2 files changed, 20 insertions(+)

diff --git a/arch/x86/coco/sev/noinstr.c b/arch/x86/coco/sev/noinstr.c
index 9d94aca4a698..5afd663a1c21 100644
--- a/arch/x86/coco/sev/noinstr.c
+++ b/arch/x86/coco/sev/noinstr.c
@@ -121,6 +121,9 @@ noinstr struct ghcb *__sev_get_ghcb(struct ghcb_state *state)
 
 	WARN_ON(!irqs_disabled());
 
+	if (!sev_cfg.ghcbs_initialized)
+		return boot_ghcb;
+
 	data = this_cpu_read(runtime_data);
 	ghcb = &data->ghcb_page;
 
@@ -164,6 +167,9 @@ noinstr void __sev_put_ghcb(struct ghcb_state *state)
 
 	WARN_ON(!irqs_disabled());
 
+	if (!sev_cfg.ghcbs_initialized)
+		return;
+
 	data = this_cpu_read(runtime_data);
 	ghcb = &data->ghcb_page;
 
diff --git a/arch/x86/entry/entry_fred.c b/arch/x86/entry/entry_fred.c
index 88c757ac8ccd..fbe2d10dd737 100644
--- a/arch/x86/entry/entry_fred.c
+++ b/arch/x86/entry/entry_fred.c
@@ -177,6 +177,16 @@ static noinstr void fred_extint(struct pt_regs *regs)
 	}
 }
 
+#ifdef CONFIG_AMD_MEM_ENCRYPT
+noinstr void exc_vmm_communication(struct pt_regs *regs, unsigned long error_code)
+{
+	if (user_mode(regs))
+		return user_exc_vmm_communication(regs, error_code);
+	else
+		return kernel_exc_vmm_communication(regs, error_code);
+}
+#endif
+
 static noinstr void fred_hwexc(struct pt_regs *regs, unsigned long error_code)
 {
 	/* Optimize for #PF. That's the only exception which matters performance wise */
@@ -207,6 +217,10 @@ static noinstr void fred_hwexc(struct pt_regs *regs, unsigned long error_code)
 #ifdef CONFIG_X86_CET
 	case X86_TRAP_CP: return exc_control_protection(regs, error_code);
 #endif
+#ifdef CONFIG_AMD_MEM_ENCRYPT
+	case X86_TRAP_VC: return exc_vmm_communication(regs, error_code);
+#endif
+
 	default: return fred_bad_type(regs, error_code);
 	}
 
-- 
2.48.1

Re: [PATCH v3 0/3] x86/fred: Fix SEV-ES/SNP guest boot failures

[Borislav Petkov]

On Wed, Mar 18, 2026 at 07:56:51AM +0000, Nikunj A Dadhania wrote:
> Dave Hansen (1):
>   x86/cpu: Disable CR pinning during CPU bringup
> 
> Nikunj A Dadhania (2):
>   x86/cpu: Enable FSGSBASE early in cpu_init_exception_handling()
>   x86/fred: Fix early boot failures on SEV-ES/SNP guests
> 
>  arch/x86/coco/sev/noinstr.c  |  6 ++++++
>  arch/x86/entry/entry_fred.c  | 14 ++++++++++++
>  arch/x86/kernel/cpu/common.c | 41 +++++++++++++++++++++++++++---------
>  3 files changed, 51 insertions(+), 10 deletions(-)

Looks good so far in testing, I'll hammer on it some more and then queue it
later.

Thx.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Re: [PATCH v3 1/3] x86/cpu: Enable FSGSBASE early in cpu_init_exception_handling()

[Sohil Mehta]

Hi Nikunj,

The code changes and the commit message looks fine to me. I would
suggest a minor correction to the code comment and the commit log. I
found it slightly misleading. It can probably be fixed up while applying
as well.

On 3/18/2026 12:56 AM, Nikunj A Dadhania wrote:
> Move FSGSBASE enablement from identify_cpu() to
> cpu_init_exception_handling() to ensure it is enabled before any exceptions
> can occur on both boot and secondary CPUs.
> 

It would be more accurate to say ".. before any exceptions that uses
paranoid_entry() can occur.."

I think early exceptions such #VC can still occur and the
bringup_idt_table is set up to handle those.

> == Background ==

...

> +	/*
> +	 * On CPUs with FSGSBASE support, paranoid_entry() uses
> +	 * ALTERNATIVE-patched RDGSBASE/WRGSBASE instructions. Secondary CPUs
> +	 * boot after alternatives are patched globally, so early exceptions
> +	 * execute patched code that depends on FSGSBASE. Enable the feature
> +	 * before any exceptions occur.


On similar lines. I suggest getting rid of the last line: "Enable the
feature before any exceptions occur." The rest looks fine to me.


> +	 */
> +	if (cpu_feature_enabled(X86_FEATURE_FSGSBASE)) {
> +		cr4_set_bits(X86_CR4_FSGSBASE);
> +		elf_hwcap2 |= HWCAP2_FSGSBASE;
> +	}
> +

Reviewed-by: Sohil Mehta <sohil.mehta@intel.com>

Re: [PATCH v3 1/3] x86/cpu: Enable FSGSBASE early in cpu_init_exception_handling()

[Borislav Petkov]

On Wed, Mar 18, 2026 at 06:54:46AM -0700, Sohil Mehta wrote:
> It would be more accurate to say ".. before any exceptions that uses
> paranoid_entry() can occur.."
> 
> I think early exceptions such #VC can still occur and the
> bringup_idt_table is set up to handle those.

I really don't understand what the splitting of hairs is supposed to bring
here?!

The commit message is more than clear and overly detailed - I even thought of
shortening it because it went too long...

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Re: [PATCH v3 1/3] x86/cpu: Enable FSGSBASE early in cpu_init_exception_handling()

[Dave Hansen]

On 3/18/26 08:39, Borislav Petkov wrote:
> On Wed, Mar 18, 2026 at 06:54:46AM -0700, Sohil Mehta wrote:
>> It would be more accurate to say ".. before any exceptions that uses
>> paranoid_entry() can occur.."
>>
>> I think early exceptions such #VC can still occur and the
>> bringup_idt_table is set up to handle those.
> I really don't understand what the splitting of hairs is supposed to bring
> here?!
> 
> The commit message is more than clear and overly detailed - I even thought of
> shortening it because it went too long...

Yeah, while Sohil's suggested addition is technically correct, the
suggestion is a _bit_ too detailed for my taste. I'm OK leaving it like
Nikunj's original version.

Re: [PATCH v3 1/3] x86/cpu: Enable FSGSBASE early in cpu_init_exception_handling()

[Sohil Mehta]

On 3/18/2026 8:53 AM, Dave Hansen wrote:
> On 3/18/26 08:39, Borislav Petkov wrote:
>> On Wed, Mar 18, 2026 at 06:54:46AM -0700, Sohil Mehta wrote:
>>> It would be more accurate to say ".. before any exceptions that uses
>>> paranoid_entry() can occur.."
>>>
>>> I think early exceptions such #VC can still occur and the
>>> bringup_idt_table is set up to handle those.
>> I really don't understand what the splitting of hairs is supposed to bring
>> here?!
>>
>> The commit message is more than clear and overly detailed - I even thought of
>> shortening it because it went too long...
> 
> Yeah, while Sohil's suggested addition is technically correct, the
> suggestion is a _bit_ too detailed for my taste. I'm OK leaving it like
> Nikunj's original version.


Sorry about the churn.

While reviewing the patch, I was trying to understand the difference
between the early exception handlers and the one setup by
cpu_init_exception_handling() on BSP and APs. It caught my attention
that the code comment said, "Enable the feature (FSGSBASE) before any
exceptions occur."

I got a bit carried away with the technicalities!