From: Sean Christopherson <seanjc@google.com>
To: Yosry Ahmed <yosry.ahmed@linux.dev>
Cc: Paolo Bonzini <pbonzini@redhat.com>,
kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
stable@vger.kernel.org
Subject: Re: [PATCH v4 13/26] KVM: nSVM: Unify handling of VMRUN failures with proper cleanup
Date: Thu, 5 Feb 2026 16:47:59 -0800 [thread overview]
Message-ID: <aYU6P2qNEpRVWllL@google.com> (raw)
In-Reply-To: <20260115011312.3675857-14-yosry.ahmed@linux.dev>
On Thu, Jan 15, 2026, Yosry Ahmed wrote:
> @@ -983,6 +991,8 @@ static void __nested_svm_vmexit(struct vcpu_svm *svm)
> struct vmcb *vmcb01 = svm->vmcb01.ptr;
> struct kvm_vcpu *vcpu = &svm->vcpu;
>
> + WARN_ON_ONCE(is_guest_mode(vcpu));
> +
> svm->nested.vmcb12_gpa = 0;
> svm->nested.ctl.nested_cr3 = 0;
>
> @@ -1006,6 +1016,19 @@ static void __nested_svm_vmexit(struct vcpu_svm *svm)
> kvm_queue_exception(vcpu, DB_VECTOR);
> }
>
> +static void nested_svm_failed_vmrun(struct vcpu_svm *svm, struct vmcb *vmcb12)
I don't love the name. "fail" has very specific meaning in VMX for VMLAUNCH and
VMRESUME, as VM-Fail is not a VM-Exit, e.g. doesn't load host state from the VMCS.
I also don't love that the name doesn't capture that this is synthesizing a #VMEXIT.
Maybe nested_svm_vmrun_error_vmexit()? I suppose nested_svm_failed_vmrun_vmexit()
isn't too bad either, as that at least addresses my concerns about conflating it
with VMX's VM-Fail.
> +{
> + WARN_ON(svm->vmcb == svm->nested.vmcb02.ptr);
WARN_ON_ONCE()
> +
> + leave_guest_mode(vcpu);
Someone didn't test each patch. "vcpu" doesn't exist until
"KVM: nSVM: Restrict mapping VMCB12 on nested VMRUN". Just pass in @vcpu and
@vmcb12, i.e. don't pass @svm and then pull @vcpu back out.
> + vmcb12->control.exit_code = SVM_EXIT_ERR;
> + vmcb12->control.exit_code_hi = -1u;
> + vmcb12->control.exit_info_1 = 0;
> + vmcb12->control.exit_info_2 = 0;
> + __nested_svm_vmexit(svm);
> +}
...
> @@ -1224,6 +1232,8 @@ void nested_svm_vmexit(struct vcpu_svm *svm)
> if (guest_cpu_cap_has(vcpu, X86_FEATURE_ERAPS))
> vmcb01->control.erap_ctl |= ERAP_CONTROL_CLEAR_RAP;
>
> + /* VMRUN failures before switching to VMCB02 are handled by nested_svm_failed_vmrun() */
Please don't add comments that just point elsewhere. They inevitably become
stale, and they don't help the reader understand "why" any of this matters.
E.g. something like
/*
* This helper is intended for use only when KVM synthesizing a #VMEXIT
* after a successful nested VMRUN. All VMRUN consistency checks must
* be performed before loading guest state, and so should use the inner
* helper.
*/
next prev parent reply other threads:[~2026-02-06 0:48 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20260115011312.3675857-1-yosry.ahmed@linux.dev>
2026-01-15 1:12 ` [PATCH v4 01/26] KVM: SVM: Switch svm_copy_lbrs() to a macro Yosry Ahmed
2026-02-06 0:59 ` Sean Christopherson
2026-02-06 1:12 ` Yosry Ahmed
2026-02-06 1:25 ` Sean Christopherson
2026-02-06 15:13 ` Yosry Ahmed
2026-02-06 15:54 ` Sean Christopherson
2026-01-15 1:12 ` [PATCH v4 02/26] KVM: SVM: Add missing save/restore handling of LBR MSRs Yosry Ahmed
2026-01-15 1:12 ` [PATCH v4 04/26] KVM: nSVM: Always inject a #GP if mapping VMCB12 fails on nested VMRUN Yosry Ahmed
2026-01-15 1:12 ` [PATCH v4 05/26] KVM: nSVM: Triple fault if mapping VMCB12 fails on nested #VMEXIT Yosry Ahmed
2026-01-15 1:12 ` [PATCH v4 06/26] KVM: nSVM: Triple fault if restore host CR3 " Yosry Ahmed
2026-01-15 1:12 ` [PATCH v4 07/26] KVM: nSVM: Drop nested_vmcb_check_{save/control}() wrappers Yosry Ahmed
2026-01-15 1:12 ` [PATCH v4 08/26] KVM: nSVM: Call enter_guest_mode() before switching to VMCB02 Yosry Ahmed
2026-01-15 1:12 ` [PATCH v4 09/26] KVM: nSVM: Make nested_svm_merge_msrpm() return an errno Yosry Ahmed
2026-01-15 1:12 ` [PATCH v4 10/26] KVM: nSVM: Call nested_svm_merge_msrpm() from enter_svm_guest_mode() Yosry Ahmed
2026-01-15 1:12 ` [PATCH v4 11/26] KVM: nSVM: Call nested_svm_init_mmu_context() before switching to VMCB02 Yosry Ahmed
2026-01-15 1:12 ` [PATCH v4 12/26] KVM: nSVM: Refactor minimal #VMEXIT handling out of nested_svm_vmexit() Yosry Ahmed
2026-01-15 1:12 ` [PATCH v4 13/26] KVM: nSVM: Unify handling of VMRUN failures with proper cleanup Yosry Ahmed
2026-02-06 0:47 ` Sean Christopherson [this message]
2026-02-06 15:40 ` Yosry Ahmed
2026-02-06 1:20 ` Sean Christopherson
2026-01-15 1:13 ` [PATCH v4 14/26] KVM: nSVM: Clear EVENTINJ field in VMCB12 on nested #VMEXIT Yosry Ahmed
2026-01-15 1:13 ` [PATCH v4 15/26] KVM: nSVM: Drop the non-architectural consistency check for NP_ENABLE Yosry Ahmed
2026-01-15 1:13 ` [PATCH v4 16/26] KVM: nSVM: Add missing consistency check for nCR3 validity Yosry Ahmed
2026-01-22 1:38 ` Yosry Ahmed
2026-01-15 1:13 ` [PATCH v4 17/26] KVM: nSVM: Add missing consistency check for hCR0.PG and NP_ENABLE Yosry Ahmed
2026-01-15 1:13 ` [PATCH v4 18/26] KVM: nSVM: Add missing consistency check for EFER, CR0, CR4, and CS Yosry Ahmed
2026-01-15 1:13 ` [PATCH v4 19/26] KVM: nSVM: Add missing consistency check for event_inj Yosry Ahmed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aYU6P2qNEpRVWllL@google.com \
--to=seanjc@google.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=stable@vger.kernel.org \
--cc=yosry.ahmed@linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox