From: Yosry Ahmed <yosry@kernel.org>
To: Sean Christopherson <seanjc@google.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>,
Jim Mattson <jmattson@google.com>,
kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
Yosry Ahmed <yosry@kernel.org>
Subject: [PATCH v3 0/7] KVM: SVM: Fixes for VMCB12 checks and mapping
Date: Fri, 13 Mar 2026 00:10:17 +0000
Message-ID: <20260313001024.136619-1-yosry@kernel.org>

Jim pointed out that VMRUN/VMLOAD/VMSAVE injecting a #GP when the vmcb12
GPA is valid but not mappable is not architectural [1]. The series
handles them as emulation failures and (mostly) exits to userspace
instead. It also fixes the checks performed on the vmcb12 GPA (i.e. RAX)
in a few places.

v2 -> v3:
- Drop the patch simplifying error handling of
  nested_svm_copy_vmcb12_to_cache() as it was picked up into
  kvm-x86/next.
- Drop the legal GPA check on RAX in the emulator instead of fixing it
  [Sean].
- Fix legal GPA check on RAX in the #GP interception path [Sean].
- Move legal GPA check to VMRUN/VMLOAD/VMSAVE interception handlers
  [Yosry].
- Update the selftest to use the first GPA after memslots, rather than
  the maximum legal GPA, as the unmappable GPA. This is needed because
  the maximum legal GPA sometimes still produces a #GP if it's in a
  reserved area [Yosry].

v2: https://lore.kernel.org/kvm/20260306210900.1933788-1-yosry@kernel.org/

Yosry Ahmed (7):
  KVM: SVM: Drop RAX check for SVM instructions from the emulator
  KVM: SVM: Check that RAX has legal GPA on #GP interception of SVM
    insns
  KVM: SVM: Move RAX legality check to SVM insn interception handlers
  KVM: SVM: Treat mapping failures equally in VMLOAD/VMSAVE emulation
  KVM: nSVM: Fail emulation of VMRUN/VMLOAD/VMSAVE if mapping vmcb12
    fails
  KVM: selftests: Rework svm_nested_invalid_vmcb12_gpa
  KVM: selftests: Drop 'invalid' from svm_nested_invalid_vmcb12_gpa's
    name

 arch/x86/kvm/emulate.c                        |  17 +-
 arch/x86/kvm/svm/nested.c                     |  11 +-
 arch/x86/kvm/svm/svm.c                        |  37 ++--
 tools/testing/selftests/kvm/Makefile.kvm      |   2 +-
 .../kvm/x86/svm_nested_invalid_vmcb12_gpa.c   |  98 ----------
 .../selftests/kvm/x86/svm_nested_vmcb12_gpa.c | 176 ++++++++++++++++++
 6 files changed, 203 insertions(+), 138 deletions(-)
 delete mode 100644 tools/testing/selftests/kvm/x86/svm_nested_invalid_vmcb12_gpa.c
 create mode 100644 tools/testing/selftests/kvm/x86/svm_nested_vmcb12_gpa.c

base-commit: bfd7f4adc1230373c25e1b787a6f1ee407eb0656
--
2.53.0.851.ga537e3e6e9-goog

Thread overview: 18+ messages
2026-03-13 0:10 Yosry Ahmed [this message]
2026-03-13 0:10 ` [PATCH v3 1/7] KVM: SVM: Drop RAX check for SVM instructions from the emulator Yosry Ahmed
2026-03-15 12:55 ` Paolo Bonzini
2026-03-16 13:49 ` Yosry Ahmed
2026-03-16 16:28 ` Yosry Ahmed
2026-03-17 13:15 ` Paolo Bonzini
2026-03-17 14:58 ` Jim Mattson
2026-03-18 15:55 ` Paolo Bonzini
2026-03-13 0:10 ` [PATCH v3 2/7] KVM: SVM: Check that RAX has legal GPA on #GP interception of SVM insns Yosry Ahmed
2026-03-13 0:10 ` [PATCH v3 3/7] KVM: SVM: Move RAX legality check to SVM insn interception handlers Yosry Ahmed
2026-03-13 18:17 ` Yosry Ahmed
2026-03-13 22:44 ` Sean Christopherson
2026-03-13 23:08 ` Yosry Ahmed
2026-03-16 15:25 ` Yosry Ahmed
2026-03-13 0:10 ` [PATCH v3 4/7] KVM: SVM: Treat mapping failures equally in VMLOAD/VMSAVE emulation Yosry Ahmed
2026-03-13 0:10 ` [PATCH v3 5/7] KVM: nSVM: Fail emulation of VMRUN/VMLOAD/VMSAVE if mapping vmcb12 fails Yosry Ahmed
2026-03-13 0:10 ` [PATCH v3 6/7] KVM: selftests: Rework svm_nested_invalid_vmcb12_gpa Yosry Ahmed
2026-03-13 0:10 ` [PATCH v3 7/7] KVM: selftests: Drop 'invalid' from svm_nested_invalid_vmcb12_gpa's name Yosry Ahmed