From: Sean Christopherson <seanjc@google.com>
To: Yosry Ahmed <yosry.ahmed@linux.dev>
Cc: Kevin Cheng <chengkev@google.com>,
pbonzini@redhat.com, kvm@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 2/2] KVM: SVM: Raise #UD if VMMCALL instruction is not intercepted
Date: Tue, 6 Jan 2026 15:38:57 -0800 [thread overview]
Message-ID: <aV2dEWVolv2862-D@google.com> (raw)
In-Reply-To: <pbbfdqgd7vu6xknmrlg6ezrbhprnw42ngbkp7f55thxanqgnuf@7l4fkbrk7v76>
On Tue, Jan 06, 2026, Yosry Ahmed wrote:
> On Tue, Jan 06, 2026 at 10:29:59AM -0800, Sean Christopherson wrote:
> > > +static int vmmcall_interception(struct kvm_vcpu *vcpu)
> > > +{
> > > + /*
> > > + * If VMMCALL from L2 is not intercepted by L1, the instruction raises a
> > > + * #UD exception
> > > + */
> >
> > Mentioning L2 and L1 is confusing. It reads like arbitrary KVM behavior. And
> > IMO the most notable thing is what's missing: an intercept check. _That_ is
> > worth commenting, e.g.
> >
> > /*
> > * VMMCALL #UDs if it's not intercepted, and KVM reaches this point if
> > * and only if the VMCALL intercept is not set in vmcb12.
>
> Nit: VMMCALL
>
> > */
> >
>
> Would it be too paranoid to WARN if the L1 intercept is set here?
Yes. At some point we have to rely on not being completely inept :-D, and more
importantly this is something that should be trivial easy to validate via tests.
My hesitation for such a check is that adding a WARN here begs the question of
what makes _this_ particular handler special, i.e. why doesn't every other handler
also check that an exit shouldn't have been routed to L1? At that point we'd be
replicating much of the routing logic into every exit handler.
And it _still_ wouldn't guarantee correctness, e.g. wouldn't detect the case where
KVM incorrectly forwarded a VMMCALL to L1, i.e. we still need the aforementioned
tests, and so I see the WARN as an overall net-negative.
> WARN_ON_ONCE(vmcb12_is_intercept(&svm->nested.ctl, INTERCEPT_VMMCALL));
next prev parent reply other threads:[~2026-01-06 23:38 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-06 4:12 [PATCH 0/2] KVM: SVM: Align SVM with APM defined behaviors Kevin Cheng
2026-01-06 4:12 ` [PATCH 1/2] KVM: SVM: Generate #UD for certain instructions when SVME.EFER is disabled Kevin Cheng
2026-01-06 18:21 ` Sean Christopherson
2026-01-06 20:38 ` Andrew Cooper
2026-01-06 23:42 ` Yosry Ahmed
2026-01-06 23:48 ` Sean Christopherson
2026-01-07 0:04 ` Yosry Ahmed
2026-01-06 4:12 ` [PATCH 2/2] KVM: SVM: Raise #UD if VMMCALL instruction is not intercepted Kevin Cheng
2026-01-06 18:29 ` Sean Christopherson
2026-01-06 18:52 ` Andrew Cooper
2026-01-06 18:57 ` Sean Christopherson
2026-01-06 20:40 ` Andrew Cooper
2026-01-06 23:31 ` Yosry Ahmed
2026-01-06 23:38 ` Sean Christopherson [this message]
2026-01-07 0:02 ` Yosry Ahmed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aV2dEWVolv2862-D@google.com \
--to=seanjc@google.com \
--cc=chengkev@google.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=yosry.ahmed@linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox