From nobody Mon Apr 13 03:42:16 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=amd.com); dmarc=pass(p=quarantine dis=none) header.from=amd.com ARC-Seal: i=2; a=rsa-sha256; t=1770983007; cv=pass; d=zohomail.com; s=zohoarc; b=EUXVdEwOWz2dm7ZSWG5OVGVgvcrw+W7N3v215q2G4KFS3Oz0f+js3CddGO0eOjnrfYBJ2DBnPoz1D9nM9w96X1119FDqm6biZTuKNncLj7fBsDXOXi5eMVq1T/vOI98y02joX7Uc8kYaaQJnDB6jK2C+oM7z4il345W+RPQ+bJw= ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1770983007; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=I0y/jiaWpDpjk0pgHhZt6MHRmsRmszq2JqQEQKmVQpY=; b=LWKSN1jJZyFvq+iiDDNP2qoXybAgV3s2WcrApncNItpbloL9xkVIcuxpwaFLJ1bhCEyRjnpfx79wMZjnk4pj7KhpfTKhn+/n/r/2Np1ruApm/or6Z8VgA2w2DgLyToMi7SizpmIehAvLMVh9TwvMDft07bUCBTItErOP4uXwyQ4= ARC-Authentication-Results: i=2; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=amd.com); dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1770983007884304.2998117890104; Fri, 13 Feb 2026 03:43:27 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.1230718.1536162 (Exim 4.92) (envelope-from ) id 1vqrZc-00088w-0L; Fri, 13 Feb 2026 11:43:00 +0000 Received: by outflank-mailman (output) from mailman id 1230718.1536162; Fri, 13 Feb 2026 11:42:59 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1vqrZb-00088k-TB; Fri, 13 Feb 2026 11:42:59 +0000 Received: by outflank-mailman (input) for mailman id 1230718; Fri, 13 Feb 2026 11:42:58 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1vqrZa-00084s-Oq for xen-devel@lists.xenproject.org; Fri, 13 Feb 2026 11:42:58 +0000 Received: from SA9PR02CU001.outbound.protection.outlook.com (mail-southcentralusazlp170130001.outbound.protection.outlook.com [2a01:111:f403:c10c::1]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id 22bc5ac4-08d1-11f1-9ccf-f158ae23cfc8; Fri, 13 Feb 2026 12:42:56 +0100 (CET) Received: from SJ0PR03CA0337.namprd03.prod.outlook.com (2603:10b6:a03:39c::12) by DS0PR12MB7725.namprd12.prod.outlook.com (2603:10b6:8:136::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9611.10; Fri, 13 Feb 2026 11:42:50 +0000 Received: from CO1PEPF00012E7D.namprd03.prod.outlook.com (2603:10b6:a03:39c:cafe::c9) by SJ0PR03CA0337.outlook.office365.com (2603:10b6:a03:39c::12) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.9611.10 via Frontend Transport; Fri, 13 Feb 2026 11:42:31 +0000 Received: from satlexmb07.amd.com (165.204.84.17) by CO1PEPF00012E7D.mail.protection.outlook.com (10.167.249.52) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9611.8 via Frontend Transport; Fri, 13 Feb 2026 11:42:50 +0000 Received: from xcbagarciav01.xilinx.com (10.180.168.240) by satlexmb07.amd.com (10.181.42.216) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.17; Fri, 13 Feb 2026 05:42:47 -0600 X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 22bc5ac4-08d1-11f1-9ccf-f158ae23cfc8 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=ZvBS7/VPGh25lEb6N7q5LZuBXMt2Z7yRlgXex9OrAr5u6TBxLKvdXx0SPq1oB8Zsfu49r1/bgHxRMoFgzMYEfDnud+oZVqTboHqwowjGKG+SSm5B7OvHxjJqxvaVbKEy3A5Z5ypmaoT8IIb9UWL0W+iCXhZb3ahNBJB4PG5i576LwVqXTCVej+udTBnxdhT9ALEnaF2L+cghb23ynDRGxfW01QnoLHkaoLvNXdC7vm+RROXA3baFLGlSBxO+ASXrfpbJDK+yyAPnjFqiRimZwE+wCHDUCnmtyAbI5cxSK3Jyaf7tVkJZ5EIXCWKWPDc4vggLTgUWosttOkaaTv10Nw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=I0y/jiaWpDpjk0pgHhZt6MHRmsRmszq2JqQEQKmVQpY=; b=d6r6yAroEnWsL5EPZXKZibQbfImuodgG2LTCDEPLJtZlKlczankrBlyljM8HWKP19X4PpAdV8fMoAt7dIODsZPerg2AKnvvkwi5OB1xbDXqohBaaUeHSa7husTA5RnZ2YwvnHY3CPUQdPitcJLTfcd1B2nJuS8G7PbUNYu3twG8k8C0GuXyJyneV4yRAHpyCn79N/hwyf0pw+KIGwq3mFXiVg75DQeoCjtt2hP+6QMMAUR2l6rRwSRpIASviwf3QFjUs/5UNolK096Fn67FAKFxgUaeiabiLwOfZ6i1lP907pjX2+VNObqRMjfc79J2DwG5o8ur0t2XcYh6GpsB2iA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=I0y/jiaWpDpjk0pgHhZt6MHRmsRmszq2JqQEQKmVQpY=; b=c337/MvhtjYafSCTd04pyn+U3NGTC05lNgj2VtMrnQA0TT04R3wrwDAx3IACf7J1jTIkHJfEjJ4e/0ejLnQkqoOZ8USgvUetG3Tzu9JiGrAPf2wyozL2WAUBZXfJ7KD7YTq3h7aZlldic6bx/O8MTcqUUoEWm+Kwpoc+C63X7qY= X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=satlexmb07.amd.com; pr=C From: Alejandro Vallejo To: CC: Alejandro Vallejo , Oleksii Kurochko , Community Manager , Jan Beulich , "Andrew Cooper" , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , Anthony PERARD Subject: [PATCH v3 1/4] x86: Reject CPU policies with vendors other than the host's Date: Fri, 13 Feb 2026 12:42:27 +0100 Message-ID: <20260213114232.42996-2-alejandro.garciavallejo@amd.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260213114232.42996-1-alejandro.garciavallejo@amd.com> References: <20260213114232.42996-1-alejandro.garciavallejo@amd.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: satlexmb07.amd.com (10.181.42.216) To satlexmb07.amd.com (10.181.42.216) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1PEPF00012E7D:EE_|DS0PR12MB7725:EE_ X-MS-Office365-Filtering-Correlation-Id: 6afced65-a829-41f4-25b7-08de6af50436 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|36860700013|82310400026|376014|1800799024|13003099007; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?iW7PdIT2vD0IAWOHcqS/D/vJGSvhZ2r3XnMipdKg8BBkvMCf5WV4rWKgCyre?= =?us-ascii?Q?pDpslIjjyETk0SUZWGUtOYZYKKc2RV6Wto/a5MDhvF5VuDa8a76fPao3BI8+?= =?us-ascii?Q?BnqDK1Rbc9abu6JMJkhMSU1XlYYRYz9Hh7NCumMO6Fd3yceP2OBhYch8Z0T/?= =?us-ascii?Q?z0G+joGjGgvxMKEeEQV3d8+CgiZS1eCNhDoE4oJqaY2YCNTrk/fIoejw2cbU?= =?us-ascii?Q?PUn9VZFYc2f4+OsKbZdKym5G3riS5cF9bWrZEOyCGTQcyfyl6y8/JchAA7rF?= =?us-ascii?Q?A/xbLmgJhdf/0bjuQfStbptMrpdETLVi0nAZ2UVTCWowrjHHabvsCsIls67M?= =?us-ascii?Q?DDuGfDyzVYEQTJV8GDAuBxOKUdhHL2khqiV1owEosOc43Bwj3ykbcUBHMAcl?= =?us-ascii?Q?lsY4H4+SZl4NcsiYSGnupPEFcNUxhZ57R6MtWquwz/93zXTAP2uZnENQWZkX?= =?us-ascii?Q?KK17PifsV1NWCfbnSjGkprLuNJgLsWJsBG/935KF91Tirxcf2tBkYkRjLDCx?= =?us-ascii?Q?jL3Nms6ae5YDbuyGjsG084V34ULalV1l/lQcW6Z6TlzJ7IU7yqV6jkKuveYz?= =?us-ascii?Q?faE0pMP8OC4p7my2VxsLKfQOswVOnb6JLCgoR93rQesWSBsF6e8e0wLPaKRF?= =?us-ascii?Q?cXt59uGDhDyyG54MGGXJdfHtWb61fxdKuqy2S0L9ZYFOZZiRJTgWMhVCsPYj?= =?us-ascii?Q?vW3ckSh7YVl5QwAdB47NUukiTplhUBsUChzMhFJ4rh80UzyeixIruC57LKCW?= =?us-ascii?Q?wkL72c97pNLrlY+IdH5CZmzQa78irmLIf55zWuqivPk0EPp2i++lKcFOW1Kf?= =?us-ascii?Q?LazjY+t9sHbOYDo9Q2idStxu/R2wWVDoSu2IPVdcHRj7lwv+ZsiqWknpaVZa?= =?us-ascii?Q?Qwxeip9kT+MRiMGEd2Kn8LMwKDWv3AyzQSBixmFZx4LE3XhvNL3vVqIKYfZH?= =?us-ascii?Q?w6C8R3fssoHi07sNOorRwCgLfMGUmy+V4ByIOIpBE/TkLqFMw9TnwyxnO5SG?= =?us-ascii?Q?9xxTDznsZtNTUP5PKgxyIMXm3k0dDO9P0OPR79FeD8BVFGTPBO2Tm/pju61P?= =?us-ascii?Q?Jz9rz4f39PfgffU211gQAmvWjK01PGOKWsKvxTf85PlRzzDytYf4yANhAf/8?= =?us-ascii?Q?uyncTwouQodAfoOjKRFm4xeX9gzlwKCbg2G9QCZEen3yWa6+7TndVbGWR/g8?= =?us-ascii?Q?PYDrhcnhfrnlg3ebYWFRTWfde3z8IehOsd2pRSNIUKlY6VAW/JI9ts9qaOSQ?= =?us-ascii?Q?yHk3xz3f5VY0kG7ozQwcstXe+oRRDzGtinpKY6/r1PpbSIsJbBkjo4g/Uhns?= =?us-ascii?Q?lZca9cVWviWb/Lu5YzecxrPNdfO0gMksMvTvC+b+iY3QEZWwyvH6aIJL0v4B?= =?us-ascii?Q?XynYJJqO9DBLP/xdWP+pMvphmcSfdMzKhgJikG0r+ZKbqbG4Ey0hYZQI00lk?= =?us-ascii?Q?JfysjztIevyt+62Li2NC6AL4N9Qf7523SnXDBGzPrTlr4ECewxW5w4IPX57+?= =?us-ascii?Q?E4ATK/27pYn9469QTrg/f1SmlBEYc/yKJhRP1WatX1IeWsmOUcn23KWSVHWs?= =?us-ascii?Q?+bHCIFBCFbp0D2/bhXEZjArCgrvDZTLDGFN5JXxKVt/W8usMOOltN69/yGDD?= =?us-ascii?Q?0A=3D=3D?= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:satlexmb07.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(36860700013)(82310400026)(376014)(1800799024)(13003099007);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: Ue+xFcUw8DXj74Btygtxi0LvCGAa/SNvDsWj8bfEA9QK+BmzMxyKuAK2TOmMA7UhJBALQQq47Ep+Be2fMaXI58iGgqmOAECEAjvYT7zBozzHrM2s+0f3OPD8kZgyBcs27+C1bEGFBGIqt6Ze6lCFohGCfa+pgymRgokPJHQpm0Q6HjgvlEegVt8wwqLDJUnq5nHwEIp+AiZHBo2Kl0O8+UZIsXsW41mg8NeLNOBeqjk5GCv7HgI5uoggFrhNNEhmpNqFvmTAn+OJEYMsPKwAw5ENJp0Ejxjrv1p3ToCvyqWrJ9rC+1UPEjtRyznovtnO05FJ2pDksQbpA9r6BKKjbEPOBDoSYXJf00Zp+6ocdYukdezEhtkjHmczBKUGqHjiRX72zNFuUs7uaamG7y9qusqNA9VkQG0zyUpCBeZmUnPu5Zee07Ok90caQsapYZhE X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Feb 2026 11:42:50.2042 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 6afced65-a829-41f4-25b7-08de6af50436 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[satlexmb07.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1PEPF00012E7D.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR12MB7725 X-ZohoMail-DKIM: pass (identity @amd.com) X-ZM-MESSAGEID: 1770983010559154100 Content-Type: text/plain; charset="utf-8" While in principle it's possible to have a vendor virtualising another, this is fairly tricky in practice and comes with the world's supply of security issues. Reject any CPU policy with vendors not matching the host's. Signed-off-by: Alejandro Vallejo --- v3: * Check vendor_e{b,c,d}x rather than x86_vendor. * Added unit tests for pass/fail cases. * They cover a success and a failure on a comparison of an unknown vendor. --- CHANGELOG.md | 5 +++++ tools/tests/cpu-policy/test-cpu-policy.c | 27 ++++++++++++++++++++++++ xen/lib/x86/policy.c | 5 ++++- 3 files changed, 36 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 18f3d10f20..426c0bce67 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -22,6 +22,11 @@ The format is based on [Keep a Changelog](https://keepac= hangelog.com/en/1.0.0/) - Xenoprofile support. Oprofile themselves removed support for Xen in = 2014 prior to the version 1.0 release, and there has been no development s= ince before then in Xen. + - Domains can no longer run on a CPU vendor if they were initially laun= ched + on a different CPU vendor. This affects live migrations and save/rest= ore + workflows accross mixed-vendor hosts. Cross-vendor emulation has alwa= ys + been unreliable, but since 2017 with the advent of speculation securi= ty it + became unsustainably so. =20 - Removed xenpm tool on non-x86 platforms as it doesn't actually provide anything useful outside of x86. diff --git a/tools/tests/cpu-policy/test-cpu-policy.c b/tools/tests/cpu-pol= icy/test-cpu-policy.c index 301df2c002..88a9a26e8f 100644 --- a/tools/tests/cpu-policy/test-cpu-policy.c +++ b/tools/tests/cpu-policy/test-cpu-policy.c @@ -586,6 +586,19 @@ static void test_is_compatible_success(void) .platform_info.cpuid_faulting =3D true, }, }, + { + .name =3D "Host CPU vendor =3D=3D Guest CPU vendor (both unkno= wn)", + .host =3D { + .basic.vendor_ebx =3D X86_VENDOR_AMD_EBX + 1, + .basic.vendor_ecx =3D X86_VENDOR_AMD_ECX, + .basic.vendor_edx =3D X86_VENDOR_AMD_EDX, + }, + .guest =3D { + .basic.vendor_ebx =3D X86_VENDOR_AMD_EBX + 1, + .basic.vendor_ecx =3D X86_VENDOR_AMD_ECX, + .basic.vendor_edx =3D X86_VENDOR_AMD_EDX, + }, + }, }; struct cpu_policy_errors no_errors =3D INIT_CPU_POLICY_ERRORS; =20 @@ -629,6 +642,20 @@ static void test_is_compatible_failure(void) }, .e =3D { -1, -1, 0xce }, }, + { + .name =3D "Host CPU vendor !=3D Guest CPU vendor (both unknown= )", + .host =3D { + .basic.vendor_ebx =3D X86_VENDOR_AMD_EBX + 1, + .basic.vendor_ecx =3D X86_VENDOR_AMD_ECX, + .basic.vendor_edx =3D X86_VENDOR_AMD_EDX, + }, + .guest =3D { + .basic.vendor_ebx =3D X86_VENDOR_AMD_EBX + 2, + .basic.vendor_ecx =3D X86_VENDOR_AMD_ECX, + .basic.vendor_edx =3D X86_VENDOR_AMD_EDX, + }, + .e =3D { 0, -1, -1 }, + }, }; =20 printf("Testing policy compatibility failure:\n"); diff --git a/xen/lib/x86/policy.c b/xen/lib/x86/policy.c index f033d22785..f991b1f3a9 100644 --- a/xen/lib/x86/policy.c +++ b/xen/lib/x86/policy.c @@ -15,7 +15,10 @@ int x86_cpu_policies_are_compatible(const struct cpu_pol= icy *host, #define FAIL_MSR(m) \ do { e.msr =3D (m); goto out; } while ( 0 ) =20 - if ( guest->basic.max_leaf > host->basic.max_leaf ) + if ( (guest->basic.vendor_ebx !=3D host->basic.vendor_ebx) || + (guest->basic.vendor_ecx !=3D host->basic.vendor_ecx) || + (guest->basic.vendor_edx !=3D host->basic.vendor_edx) || + (guest->basic.max_leaf > host->basic.max_leaf) ) FAIL_CPUID(0, NA); =20 if ( guest->feat.max_subleaf > host->feat.max_subleaf ) --=20 2.43.0 From nobody Mon Apr 13 03:42:16 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=amd.com); dmarc=pass(p=quarantine dis=none) header.from=amd.com ARC-Seal: i=2; a=rsa-sha256; t=1770983002; cv=pass; d=zohomail.com; s=zohoarc; b=loE12+3teiF/cPoSEOCdTqum0tVYHQAtaLZx+GU3N77ph6H4oguYucG2c4csvo20/vEoSJphnXkxWh7vGuJP5TiAOKlbgabsmhYcT90ZhzHpjgkV/R+A2Lf/6b4Jn+YlM7rpZgMp6xebgjcpzrb8RgKEs8KED1lis1n9gwO3M/s= ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1770983002; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=/lu82w7S6wWrz5PttTxZC5TBMrjsq6q5LHbbG5LcEEg=; b=foSXRAH+ZuagPTfxnVHObTO8eW5fWBXgD57HIlkIsSieJxcph7nIAo5qjUqL881w9ZvoIivQM6YE1NSyj4zMVBYtevPRLZSyQWsKdvv+e//sk34yDd0NGbw1HdjdJEoWT3YgS4eE67qT/jSnXqJSJ/rlbMhlUvfsioYbe0LRutU= ARC-Authentication-Results: i=2; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=amd.com); dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1770983002369958.8985762140497; Fri, 13 Feb 2026 03:43:22 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.1230719.1536172 (Exim 4.92) (envelope-from ) id 1vqrZd-0008Ms-9h; Fri, 13 Feb 2026 11:43:01 +0000 Received: by outflank-mailman (output) from mailman id 1230719.1536172; Fri, 13 Feb 2026 11:43:01 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1vqrZd-0008Mf-5P; Fri, 13 Feb 2026 11:43:01 +0000 Received: by outflank-mailman (input) for mailman id 1230719; Fri, 13 Feb 2026 11:42:59 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1vqrZb-0007uv-O6 for xen-devel@lists.xenproject.org; Fri, 13 Feb 2026 11:42:59 +0000 Received: from SN4PR2101CU001.outbound.protection.outlook.com (mail-southcentralusazlp170120001.outbound.protection.outlook.com [2a01:111:f403:c10d::1]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 2491678a-08d1-11f1-b163-2bf370ae4941; Fri, 13 Feb 2026 12:42:59 +0100 (CET) Received: from SJ0PR03CA0358.namprd03.prod.outlook.com (2603:10b6:a03:39c::33) by MN0PR12MB5740.namprd12.prod.outlook.com (2603:10b6:208:373::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9611.13; Fri, 13 Feb 2026 11:42:54 +0000 Received: from CO1PEPF00012E7D.namprd03.prod.outlook.com (2603:10b6:a03:39c:cafe::1d) by SJ0PR03CA0358.outlook.office365.com (2603:10b6:a03:39c::33) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.9611.13 via Frontend Transport; Fri, 13 Feb 2026 11:42:51 +0000 Received: from satlexmb07.amd.com (165.204.84.17) by CO1PEPF00012E7D.mail.protection.outlook.com (10.167.249.52) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9611.8 via Frontend Transport; Fri, 13 Feb 2026 11:42:53 +0000 Received: from xcbagarciav01.xilinx.com (10.180.168.240) by satlexmb07.amd.com (10.181.42.216) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.17; Fri, 13 Feb 2026 05:42:49 -0600 X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 2491678a-08d1-11f1-b163-2bf370ae4941 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=KVvRRvGvQqi63Cxfu7sQAI1Zfm+qmXWcarrRMvZMqChQBtKHuBxJWgFADtmBqjZFbqz/iD0djwReXglBckcVg5/9MkduW/qRLIqR/mM2m9cD0rbqhlvEbz1raeHifkhpXa+EvHfWh9vGtxphjDlPCkcFnvmkCSJX2PeSlEKN8ZdwOJCBnC+jE9gfopQ8bYTa2kzVoWzlcuPzWiL6jFKJDm0/7voYJQB22S11G9CZMlPr9qFjpQva+rJg+GAfjxyrADjzgC/+DC9iOYzB4JDsBsHo2tRBfWv+iMhjTii4xas72bZeGqZ0Z8hykQTpYhOd2IQ3z51whRoPEW/iM+NuMw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=/lu82w7S6wWrz5PttTxZC5TBMrjsq6q5LHbbG5LcEEg=; b=vftdS7c5bShAbGkTprfY7ckQ/YelCGklfazE30LB23SwlfvZekoMfbbFDl+V2VT//kG3g8tyrkd4s4CoyC3q8eJFe5ZH5BePewgBQ6C2zOcJRAq1V8leBj0hcA4ngbv+9lM+veHRDQiRByrZzHRZFnTw0YgfAt8zoJO3BEoc1rypiTIFfhrgqDMc8Poi5vkt1eEgiYxzWJcCuOnhOJmDNcLswCrXKDkn8sQfoKmpyWsB96pQUcxNDRbDaYJ0IrauLjmRmADbBRJEsj4IAUW3skkEOZYh126r3dsoZ6T4YHPolIqL/6EQOFn5J56T22VcjmWI1cu7LTcKl/SzH0Imzg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/lu82w7S6wWrz5PttTxZC5TBMrjsq6q5LHbbG5LcEEg=; b=TK3L1QuZHfFoOm01BMwN43fJQeqzzxhEkAwCGTW8BFIqgKYA5+HhdVfhyfstQqlcJQHcqiGACNGgqFimt9t8zyNIz74ZeLcNK3y20gC8MwdTLQD4UNeSQf5O9/Wxlrejlv83EjavbaD4UQU+NEJj3IrbmE2SgQtHpx72iXRdGZo= X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=satlexmb07.amd.com; pr=C From: Alejandro Vallejo To: CC: Alejandro Vallejo , Jan Beulich , Andrew Cooper , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , Jason Andryuk Subject: [PATCH v3 2/4] x86/hvm: Disable cross-vendor handling in #UD handler Date: Fri, 13 Feb 2026 12:42:28 +0100 Message-ID: <20260213114232.42996-3-alejandro.garciavallejo@amd.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260213114232.42996-1-alejandro.garciavallejo@amd.com> References: <20260213114232.42996-1-alejandro.garciavallejo@amd.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: satlexmb07.amd.com (10.181.42.216) To satlexmb07.amd.com (10.181.42.216) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1PEPF00012E7D:EE_|MN0PR12MB5740:EE_ X-MS-Office365-Filtering-Correlation-Id: f446344e-c4ed-4181-5b33-08de6af50663 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|36860700013|82310400026|1800799024; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?PpnCuENGZC4F2jqMRmXTFuF7YiSfAD1qN/H/OXPCvV22GbKdZMfGQLNfcWRY?= =?us-ascii?Q?YqhfEeRsZzPeSzfQBF84cxi7oKfZHxgzCyCEedAhVN0Tzv+wtedHf6CfElZ2?= =?us-ascii?Q?wA0lvuLJ9bt0p/EBAVfaGfiJav34BvoVrIAE/LiyQnkjmt5oFIpmiiK8GEFp?= =?us-ascii?Q?TGCWRaqP4s4gGBa08m0xk30dYdGXOjXsrAL6I3eoK1b9lZUS+Rb0gzpUnXLW?= =?us-ascii?Q?aKjy/EKLHfqpU3tpCm6TYpvA9M6XIyy3lgY87c420dYyiz0hjB3+YOVz7f3T?= =?us-ascii?Q?YFnwmH+CEtxtEt4GD2piXpV4clpGLeNq5eqhpVatZk1Cb0AeJv/gxkyfOIVd?= =?us-ascii?Q?JlhXPGc7HgBwCqQIdNDZpsYgP6b+iRyY7ZIBtB92FL0W0U9uw97O47vAxwbN?= =?us-ascii?Q?CUIZTOe0oJhPhvmWItM2UVYOpTFvSlkxcGNBhqaXf7XE6WLgYBWagOOkofpO?= =?us-ascii?Q?+o1qhvurXHbjl0d8S4+kzHEcXQ6YnDcHVHXwMciq0yZpigHj5nM7rg3KxOiV?= =?us-ascii?Q?MuPhBM+2fWvrpJFxlEJ1agt1N98mfg9q6pULq1pF2CaeFB1CzhHv+XX4dfZK?= =?us-ascii?Q?+C0AVwtsqzbkH7Ut9de3+TaB23gs973/dV+rQ5wENLDSDy90vC0Licl3I3Ei?= =?us-ascii?Q?lT9T8qepckpcbj+PW5qkiyOPqaZNC2RvfrP9B5AvJks8ujodGINYuWR2XPzZ?= =?us-ascii?Q?vQsZgpJU2Bo5MfM0l7kyPAySPaJY3GOtSczJAeg4sE7vd5u6dASjYmqUtXa/?= =?us-ascii?Q?r2aJSiWKF6a/tJ10VGyBOs5FWFwFgH05y0Zo2WQ/l3l8YPLuib3h4ioKPDkV?= =?us-ascii?Q?FT5wTP1ewxp/9GrDFtVqZzBO3NTiEg7yG7iANqa2H7+Q8o0FBC93tUSN9o/t?= =?us-ascii?Q?pPYSEi1Qvh/FU/j/KStFXEQPbwTS+iP6Bbd9o8iF3aNEA4SKMTCIy6hULEQc?= =?us-ascii?Q?eetlOXECbvpegkarYhwdYqcDoxwvDLU9JLyX6Na1JEZ58UaGD1UAwtOR83Qd?= =?us-ascii?Q?1Ob1c78YZPUWqa94BW8G5MJI3jBYNtqtw0Y33UhoD9LXScws5IRsHUwOzwjM?= =?us-ascii?Q?RWwIiNdyYwmNn+X8KyCySN6VP8Ev259xelaY2KUyy3Z+31Pnsp6u/zg0Wo6Y?= =?us-ascii?Q?NIpzC7XelmmvCuwuKPc04hiv+RH5dGyKSoBn8OQsJ9v2cJA4wwwhaDBSmP2V?= =?us-ascii?Q?ZfXTc2WNYaOkE/gb39YfYgYeX0gDAGULj2uJVaY1SGn3P9pyzZz6w19pGw8a?= =?us-ascii?Q?3HC+W1+ZoQWFvfb7tYo/V4theNlretdTHiCYohuwrmP2Yb/9Si1yyg6lA1ID?= =?us-ascii?Q?LNi7UGOyinxZeGeXbh+SDuiEayZYkG8k2z4m/4Tc8Frqtg0mRDc113EZNsz5?= =?us-ascii?Q?2zKo+xVmM8MxJ8gYIb+/UJSGe3rjpbRcrc2iQerDOTmk9enW4WO4eBMrd30J?= =?us-ascii?Q?RbmOAZIqMxourhvXOFsHEXzA2cZMfxjYZbOZNp9RGyLB18ULjKxHewPbPGby?= =?us-ascii?Q?5OV/QJDMgX+dVYchUsqz3k+qOBLgZRxSlJwtyEEhqmq2C48bDPAB3zNJbMnP?= =?us-ascii?Q?tTNa16oJMxOH8eNE6kNQdgpUHaOZKKyOrzA9NqWyP+HrCXuIOyaXyq+DEGY5?= =?us-ascii?Q?+oMbW9/8Wf7bWClBCSpQ2JDXeSvgFBGT23dJk9eA/Tc7RnCrNI8Rqmp3V+Cj?= =?us-ascii?Q?fuZp4w=3D=3D?= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:satlexmb07.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(376014)(36860700013)(82310400026)(1800799024);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: AzVue2CWpbtif4aZaTEeMmQqUeZwcePmCUgZQmuHXSkXyaAYaZnnEPcQ2InQHDBvE+nyjjN0yZUvdn9JR7suPWd0f7OWuRV/QfhdR4OD0Fqg5XSi+WiEIvSoaip/e14L85l3UpZqm67hMtIVhSero7OFsRrwKsAXjFZGQ+kf1m6unf2iKzVtExBZbLB4f1QfU6vl/gg/BVJD+QXdDHKeHB+HwoDnvsAlMXiKGD8LHpMzYJ6M17i9fZ9I/dTw+S3mQoyadHyVgkrwP0rTaHZ41gpuOTY/mu/TbEGSDqS9Wfk/w3jxObM7wlNqQG9ckekH7864YaeDutmTgL0HlCE1MEPlIcJEhsv720sNT+q/1o9LEo/P9mxGCcp5yNn89JX1eDwNkDUw+HsgLAo98XUmMEAKEmwlDEdCMrPxQAaoCaa8zRNcuvI68XxUtkPoS2hf X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Feb 2026 11:42:53.8542 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: f446344e-c4ed-4181-5b33-08de6af50663 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[satlexmb07.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1PEPF00012E7D.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN0PR12MB5740 X-ZohoMail-DKIM: pass (identity @amd.com) X-ZM-MESSAGEID: 1770983004923154100 Content-Type: text/plain; charset="utf-8" Remove cross-vendor support now that VMs can no longer have a different vendor than the host. While at it, refactor the function to exit early and skip initialising the emulation context when FEP is not enabled. No functional change intended. Signed-off-by: Alejandro Vallejo --- v3: * No changes v2: * Fix bug introduced in v1: Don't emulate instructions when they shouldn't be emulated. * Refactor the function so it's simpler. --- xen/arch/x86/hvm/hvm.c | 77 +++++++++++++++----------------------- xen/arch/x86/hvm/svm/svm.c | 3 +- xen/arch/x86/hvm/vmx/vmx.c | 3 +- 3 files changed, 32 insertions(+), 51 deletions(-) diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c index 4d37a93c57..8708af9425 100644 --- a/xen/arch/x86/hvm/hvm.c +++ b/xen/arch/x86/hvm/hvm.c @@ -3832,69 +3832,47 @@ int hvm_descriptor_access_intercept(uint64_t exit_i= nfo, return X86EMUL_OKAY; } =20 -static bool cf_check is_cross_vendor( - const struct x86_emulate_state *state, const struct x86_emulate_ctxt *= ctxt) -{ - switch ( ctxt->opcode ) - { - case X86EMUL_OPC(0x0f, 0x05): /* syscall */ - case X86EMUL_OPC(0x0f, 0x34): /* sysenter */ - case X86EMUL_OPC(0x0f, 0x35): /* sysexit */ - return true; - } - - return false; -} - void hvm_ud_intercept(struct cpu_user_regs *regs) { struct vcpu *cur =3D current; - bool should_emulate =3D - cur->domain->arch.cpuid->x86_vendor !=3D boot_cpu_data.x86_vendor; struct hvm_emulate_ctxt ctxt; + const struct segment_register *cs =3D &ctxt.seg_reg[x86_seg_cs]; + uint32_t walk =3D PFEC_insn_fetch; + unsigned long addr; + char sig[5]; /* ud2; .ascii "xen" */ =20 - hvm_emulate_init_once(&ctxt, opt_hvm_fep ? NULL : is_cross_vendor, reg= s); + if ( !opt_hvm_fep ) + goto reinject; =20 - if ( opt_hvm_fep ) - { - const struct segment_register *cs =3D &ctxt.seg_reg[x86_seg_cs]; - uint32_t walk =3D ((ctxt.seg_reg[x86_seg_ss].dpl =3D=3D 3) - ? PFEC_user_mode : 0) | PFEC_insn_fetch; - unsigned long addr; - char sig[5]; /* ud2; .ascii "xen" */ - - if ( hvm_virtual_to_linear_addr(x86_seg_cs, cs, regs->rip, - sizeof(sig), hvm_access_insn_fetch, - cs, &addr) && - (hvm_copy_from_guest_linear(sig, addr, sizeof(sig), - walk, NULL) =3D=3D HVMTRANS_okay)= && - (memcmp(sig, "\xf\xb" "xen", sizeof(sig)) =3D=3D 0) ) - { - regs->rip +=3D sizeof(sig); - regs->eflags &=3D ~X86_EFLAGS_RF; + hvm_emulate_init_once(&ctxt, NULL, regs); =20 - /* Zero the upper 32 bits of %rip if not in 64bit mode. */ - if ( !(hvm_long_mode_active(cur) && cs->l) ) - regs->rip =3D (uint32_t)regs->rip; + if ( ctxt.seg_reg[x86_seg_ss].dpl =3D=3D 3 ) + walk |=3D PFEC_user_mode; =20 - add_taint(TAINT_HVM_FEP); + if ( hvm_virtual_to_linear_addr(x86_seg_cs, cs, regs->rip, + sizeof(sig), hvm_access_insn_fetch, + cs, &addr) && + (hvm_copy_from_guest_linear(sig, addr, sizeof(sig), + walk, NULL) =3D=3D HVMTRANS_okay) && + (memcmp(sig, "\xf\xb" "xen", sizeof(sig)) =3D=3D 0) ) + { + regs->rip +=3D sizeof(sig); + regs->eflags &=3D ~X86_EFLAGS_RF; =20 - should_emulate =3D true; - } - } + /* Zero the upper 32 bits of %rip if not in 64bit mode. */ + if ( !(hvm_long_mode_active(cur) && cs->l) ) + regs->rip =3D (uint32_t)regs->rip; =20 - if ( !should_emulate ) - { - hvm_inject_hw_exception(X86_EXC_UD, X86_EVENT_NO_EC); - return; + add_taint(TAINT_HVM_FEP); } + else + goto reinject; =20 switch ( hvm_emulate_one(&ctxt, VIO_no_completion) ) { case X86EMUL_UNHANDLEABLE: case X86EMUL_UNIMPLEMENTED: - hvm_inject_hw_exception(X86_EXC_UD, X86_EVENT_NO_EC); - break; + goto reinject; case X86EMUL_EXCEPTION: hvm_inject_event(&ctxt.ctxt.event); /* fall through */ @@ -3902,6 +3880,11 @@ void hvm_ud_intercept(struct cpu_user_regs *regs) hvm_emulate_writeback(&ctxt); break; } + + return; + + reinject: + hvm_inject_hw_exception(X86_EXC_UD, X86_EVENT_NO_EC); } =20 enum hvm_intblk hvm_interrupt_blocked(struct vcpu *v, struct hvm_intack in= tack) diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c index 18ba837738..10d1bf350c 100644 --- a/xen/arch/x86/hvm/svm/svm.c +++ b/xen/arch/x86/hvm/svm/svm.c @@ -589,8 +589,7 @@ static void cf_check svm_cpuid_policy_changed(struct vc= pu *v) const struct cpu_policy *cp =3D v->domain->arch.cpu_policy; u32 bitmap =3D vmcb_get_exception_intercepts(vmcb); =20 - if ( opt_hvm_fep || - (v->domain->arch.cpuid->x86_vendor !=3D boot_cpu_data.x86_vendor)= ) + if ( opt_hvm_fep ) bitmap |=3D (1U << X86_EXC_UD); else bitmap &=3D ~(1U << X86_EXC_UD); diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c index 82c55f49ae..eda99e268d 100644 --- a/xen/arch/x86/hvm/vmx/vmx.c +++ b/xen/arch/x86/hvm/vmx/vmx.c @@ -803,8 +803,7 @@ static void cf_check vmx_cpuid_policy_changed(struct vc= pu *v) const struct cpu_policy *cp =3D v->domain->arch.cpu_policy; int rc =3D 0; =20 - if ( opt_hvm_fep || - (v->domain->arch.cpuid->x86_vendor !=3D boot_cpu_data.x86_vendor)= ) + if ( opt_hvm_fep ) v->arch.hvm.vmx.exception_bitmap |=3D (1U << X86_EXC_UD); else v->arch.hvm.vmx.exception_bitmap &=3D ~(1U << X86_EXC_UD); --=20 2.43.0 From nobody Mon Apr 13 03:42:16 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=amd.com); dmarc=pass(p=quarantine dis=none) header.from=amd.com ARC-Seal: i=2; a=rsa-sha256; t=1770983012; cv=pass; d=zohomail.com; s=zohoarc; b=hEJuH+yzYyQgyxpkV2PizruSdMGJyohV9FDzN16mzO+Tz02psU9cYqNvFrtuoDLSYJewM2zsbyD+Hxu5SPj++hcLdNFN9kTihCJC5y19hEQjM4V5X353x6XiFtI5fQAijmfAsWR9aP65Q6Pj1EKXlYHa0j19ShxiQznjOr+b1MA= ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1770983012; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=VBqdjJJWfXtoJEzYSSAEqpJRKMsq/TtKBIgS2SAY1Gc=; b=HU5cXCFwDMTrlNnsaHBFFR6/Mst2jrtftC+2AIlD/1rXvA/b+zO8znrpNHmuH0KJr8SaSozc0K+AvD2x5dWeubMzXk2T/QIQzGerveTwJXq4KEgKpnOIScyVgfA83hAY5vaufjMbER0yk/Qow82jDzsrIHtSGZbqIO9moW6MF+U= ARC-Authentication-Results: i=2; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=amd.com); dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1770983012709687.2393975086816; Fri, 13 Feb 2026 03:43:32 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.1230720.1536182 (Exim 4.92) (envelope-from ) id 1vqrZe-0000B7-OT; Fri, 13 Feb 2026 11:43:02 +0000 Received: by outflank-mailman (output) from mailman id 1230720.1536182; Fri, 13 Feb 2026 11:43:02 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1vqrZe-0000Aw-Kc; Fri, 13 Feb 2026 11:43:02 +0000 Received: by outflank-mailman (input) for mailman id 1230720; Fri, 13 Feb 2026 11:43:00 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1vqrZc-0007uv-OR for xen-devel@lists.xenproject.org; Fri, 13 Feb 2026 11:43:00 +0000 Received: from CY3PR05CU001.outbound.protection.outlook.com (mail-westcentralusazlp170130007.outbound.protection.outlook.com [2a01:111:f403:c112::7]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 253aa1a6-08d1-11f1-b163-2bf370ae4941; Fri, 13 Feb 2026 12:42:59 +0100 (CET) Received: from SJ0PR03CA0360.namprd03.prod.outlook.com (2603:10b6:a03:39c::35) by SJ5PPFC41ACEE7B.namprd12.prod.outlook.com (2603:10b6:a0f:fc02::9a0) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9587.18; Fri, 13 Feb 2026 11:42:55 +0000 Received: from CO1PEPF00012E7D.namprd03.prod.outlook.com (2603:10b6:a03:39c:cafe::c5) by SJ0PR03CA0360.outlook.office365.com (2603:10b6:a03:39c::35) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.9611.12 via Frontend Transport; Fri, 13 Feb 2026 11:42:52 +0000 Received: from satlexmb07.amd.com (165.204.84.17) by CO1PEPF00012E7D.mail.protection.outlook.com (10.167.249.52) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9611.8 via Frontend Transport; Fri, 13 Feb 2026 11:42:55 +0000 Received: from xcbagarciav01.xilinx.com (10.180.168.240) by satlexmb07.amd.com (10.181.42.216) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.17; Fri, 13 Feb 2026 05:42:52 -0600 X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 253aa1a6-08d1-11f1-b163-2bf370ae4941 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=OMDXjPvVkSKAPuMAZ9QFjCqur+LCwW497svVndSf0hv8AZQu9DntVz3zUdgNk8F/hNsGS0LnKg0I9J6IYkXDIvInKomNQBaqfNJH1mk8dDYPAbLompSp9kDtU2HXt6EDTGAPqIYYa6KiNbJwBKXM47u4P7msFhSfJykuOm2zFmS8Qw5czN5B2YW+RyUGAvikUBvAfHagq8QjPNvQxaTWJvnL08CREQkDx0K3M/Yej4t2zHpXcnKHW79qUwCGdFw2WkfmaXCGWBs99ITeJ3rTpScSeSZQE0SaBamtZPIAb2go3QOWBEHzjI+HFehGlPqO8E8ogR8dqgSl/3h01dNNKg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=VBqdjJJWfXtoJEzYSSAEqpJRKMsq/TtKBIgS2SAY1Gc=; b=CDE4QIowNieUhDIhAdH7bpJrcPOk8bZZkQMKUtfmAenDpw3R5B0WJFtjOKzZY+weaUG8XPm6YiKmNT8DyAh6RE+vkWA8B/07rhexGT7mqybdJJMEcYMzfsDe2aKHyDtYVCgzf+O7zZV23PNwzS+vcY+pGgmh1Lqh50m6ie46PWnegAMydgqJkL9ckAKmZ8+qmcoiS60oQls2x0PZMtrOLQSXFU8hpGV2yfLNIYGjxGkfGO7mjwaD2qXVg6lVyvkHefMIZ9ayFQenZ0pqjvhw9/6iLX5hUXue4Mo3XULCA01jy7xvDWDQGn0XsL2PLZAlO1om8A2e6CxvW7LnPpEjdw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=VBqdjJJWfXtoJEzYSSAEqpJRKMsq/TtKBIgS2SAY1Gc=; b=JITUKlKGOtU5UytyQHlHpSo5UYwPi6J58w0oF69p3RVsA7UM9M1PZHlFTHc5eCSCiNJIXgbfSaHMWrTTGNObFSh4UTKWpyPgI0ajgPLNSYnFT+KFTnpbx/ZSQ7E9ncGM5KoaDZuGqR7bk5VlITiNUa6wPVxN0NnbHrEWqCv5e3U= X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=satlexmb07.amd.com; pr=C From: Alejandro Vallejo To: CC: Alejandro Vallejo , Jan Beulich , Andrew Cooper , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , Teddy Astie Subject: [PATCH v3 3/4] x86/hvm: Remove cross-vendor checks from MSR handlers. Date: Fri, 13 Feb 2026 12:42:29 +0100 Message-ID: <20260213114232.42996-4-alejandro.garciavallejo@amd.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260213114232.42996-1-alejandro.garciavallejo@amd.com> References: <20260213114232.42996-1-alejandro.garciavallejo@amd.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: satlexmb07.amd.com (10.181.42.216) To satlexmb07.amd.com (10.181.42.216) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1PEPF00012E7D:EE_|SJ5PPFC41ACEE7B:EE_ X-MS-Office365-Filtering-Correlation-Id: bf6a3f37-cd52-4d8b-579c-08de6af5072a X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|82310400026|36860700013|1800799024; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?KDIFz4dgTSzkoY/CmkrDlK0NCkEVkUF2wL39xWEwy7BRRDtWBNDsvT2WKcE0?= =?us-ascii?Q?GZeGReVzsAfsTWt+pdsx2WFHq31CI166z8S7ufnhqOa1Wf4nwa1vO38oh3i4?= =?us-ascii?Q?jbRVSvovv0G0FBhc7spnpFoR66YFWPZXuPRpvXJy8YtKSVn4h3J7P3l+nwPi?= =?us-ascii?Q?sRt+wP4R0TngYv0HPVNegOvbVjlhVcncbuHNLFnWxiebDXNvwhX1PK3CMuBv?= =?us-ascii?Q?fNf9phlPT/iPH2U1dBqPu0c0dN3bvGR8K+B1GXL/RKW90x3RwA26+jZhVG1h?= =?us-ascii?Q?m3g5YuC7U6LZlt/jYfsCH3HIffD9MYe5jB1Jz0TKvAGkYxv8ZC1fEK9VVk8/?= =?us-ascii?Q?zwL7UvBjSlDT8sCVEq0kog2QTjWvWv0jKOVM7C7wKT5nV08G40uK1Duc2yR4?= =?us-ascii?Q?V9tHxlclchIbp2twH/DIAZCv3/nqQl0iEp30XnHEW/4XXyOQ6Sh353LDMjgW?= =?us-ascii?Q?XENCsR3aEVXgJ3dmy2MgM5XimLtIiu6LtqoJogP3Us5vlXJO3da33Ub5+B9U?= =?us-ascii?Q?X2eP4jKC04KRbL+QBlfkJ5AA5rRbJDHbouGURSCiYO5fHgOn9kE5mwcBl7ta?= =?us-ascii?Q?tANzT4LhZwMhfpYzSRFbUI/BZMS1qGxS0XtCnb3RziZ4ar+9gWFWbOXsHS10?= =?us-ascii?Q?tCwyMMI98eionW2qnVZwnYguo0tHXvVvHDoxr2ybyQ5A58ffSGDeLsJGGeZv?= =?us-ascii?Q?KfcykGlY4knCx9gPU2H3li83DiELlMZ2Ai7UEVwXCGoUKRMizBGhM+purohn?= =?us-ascii?Q?H4ecWJOvaNuSfwewtyDBJ7O0HMC05uveUHZaN1kuFC3fykj2G3YwdSJWiXB1?= =?us-ascii?Q?XdODoqVAcn8Vw+rJCh24VVke394d5Nr1heVZ6VDuvpvGJVu+UKR2Ac1uLS0g?= =?us-ascii?Q?Rtjyo2XDbgSj1RJ/KLvU4Jq2RNACfibOwabnVwDQzAoae0em8b4dFDyMCLSn?= =?us-ascii?Q?LNC6livp4tm6HAHk+QKoJn451w88puq8Aco+wWpHBxqVSptQh1HsOOuhMdAt?= =?us-ascii?Q?ZVzs/wk7lLQTVi4XnB0bn5rfhC+HvaKn1Q9Q3uvc+mwbK/3mMQekAhizZ89F?= =?us-ascii?Q?simzACs0elE1M5/9gXTkOeqY5JS6iphlqwLy66sCQkcua71LSxlP4aHpvwC3?= =?us-ascii?Q?FWMKLAGoPW2f7/G3wPAgvvnmdYOGV4cGVhhwUFnrdndPYoNiRHzeGSRkh8KJ?= =?us-ascii?Q?W8YnfcZQB/9kXaZAKOTzNOaEvWi1upift/P1S8XSLsBANt8oRhG79wAMhbOT?= =?us-ascii?Q?Aiva4VnZ8anWsi6+/zcN6TpSHJDpWqHn6mryH4FzTHewa7ThDXY7ccgCzf8F?= =?us-ascii?Q?mcDP9Fe/ywA1kISae0vII7528r30mZH0GIqY3RQ0nhC09pHPNRsVrGzM7vH+?= =?us-ascii?Q?+TmMyAxYjYFNfwivS9AHC7IVQs1vl7/n73LQZF4CAbMQFYLYuWatxAPTVh07?= =?us-ascii?Q?+mzKjWvcEjZGCXvjzKRfaEDtqMqw+1xUUPZEaLTdxGj+P909h93Ffd5txgFE?= =?us-ascii?Q?Auw6YSbT6NbjneC3LUrP/NjzIC556ROo5aAMpWCn6xj8dgLGvOiB1erWWvz/?= =?us-ascii?Q?iAUQTUWWwKIw6RCS4LOBFK4gaqHWesOD3owJtJGkiTG8+1t1TOtjwzbCjz3W?= =?us-ascii?Q?Yv3DYyj9pNZppmTmakLgaadCuqdIoB3/oZRPOGyT1MIX8UCjsw0RUzh3PXVS?= =?us-ascii?Q?YeUnCg=3D=3D?= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:satlexmb07.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(376014)(82310400026)(36860700013)(1800799024);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: wR6H6nmt6X/lH/ILf6PeoQFyryty2tPWEq670cWvL9tmhTS7vSBClnoN9g1Eho5zzZNfHATtdLGyBKSH/2z57STRfQegAHRUhFhMawksDo26CsSC6TC5N3WLK+VJw/AF7k9wKvfNyTZEWKX5psY7kKx+A1+xrejbRZXqVTKgLp223+AMZ9oyuHJvnzrJD73XoMdlM9lM5st5EbRw5XQDH1QPTKUSuJeJO5Glf2fJsPJdb+UsrNFM/OiQyswQyXX1zfULmCeRrqKcuWkvJwEtQSDLxJtBo3xzdBqG0Q6VKhah4d7A9KQl7ClLnLxLHRAbXStZob/dzylGWrbv9qveUGVapVTtfoGrEobOyrhYsWUH54QnCtEEPr562zsAG5vHizEOQzdS0RnXSlNBXCT7zDnFvVxv4q5xnnpgRIM+A8tbVKWLhPkyo2qjEC7KTuAL X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Feb 2026 11:42:55.1833 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: bf6a3f37-cd52-4d8b-579c-08de6af5072a X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[satlexmb07.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1PEPF00012E7D.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ5PPFC41ACEE7B X-ZohoMail-DKIM: pass (identity @amd.com) X-ZM-MESSAGEID: 1770983014747158500 Content-Type: text/plain; charset="utf-8" Not a functional change now that cross-vendor guests are not launchable. Signed-off-by: Alejandro Vallejo Reviewed-by: Teddy Astie Acked-by: Jan Beulich --- v3: * No changes v2: * Use boot_cpu_data rather than policy vendor. --- xen/arch/x86/msr.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/xen/arch/x86/msr.c b/xen/arch/x86/msr.c index ad75a2e108..d10891dcfc 100644 --- a/xen/arch/x86/msr.c +++ b/xen/arch/x86/msr.c @@ -169,9 +169,9 @@ int guest_rdmsr(struct vcpu *v, uint32_t msr, uint64_t = *val) break; =20 case MSR_IA32_PLATFORM_ID: - if ( !(cp->x86_vendor & X86_VENDOR_INTEL) || - !(boot_cpu_data.x86_vendor & X86_VENDOR_INTEL) ) + if ( boot_cpu_data.vendor !=3D X86_VENDOR_INTEL ) goto gp_fault; + rdmsrl(MSR_IA32_PLATFORM_ID, *val); break; =20 @@ -189,9 +189,7 @@ int guest_rdmsr(struct vcpu *v, uint32_t msr, uint64_t = *val) * from Xen's last microcode load, which can be forwarded straight= to * the guest. */ - if ( !(cp->x86_vendor & (X86_VENDOR_INTEL | X86_VENDOR_AMD)) || - !(boot_cpu_data.x86_vendor & - (X86_VENDOR_INTEL | X86_VENDOR_AMD)) || + if ( !(boot_cpu_data.vendor & (X86_VENDOR_INTEL | X86_VENDOR_AMD))= || rdmsr_safe(MSR_AMD_PATCHLEVEL, val) ) goto gp_fault; break; --=20 2.43.0 From nobody Mon Apr 13 03:42:16 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=amd.com); dmarc=pass(p=quarantine dis=none) header.from=amd.com ARC-Seal: i=2; a=rsa-sha256; t=1770983007; cv=pass; d=zohomail.com; s=zohoarc; b=b5dSPGS7MIL6ljOhL2RsSYyugTwUfK8UxS0OySwiteuO1ZBZr5XzOXJYo3evtzmQtIZL4TjRS96uSmgtpKchHpVdxAm+Z9KH6VdgwmR+AH5AvNxzhMKTdvCIqYXakTOCMqghTY2Yja/sQv9xAqw5HgZPShZghQQahrkPBaXGTX0= ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1770983007; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=vwNv6xSPrv19XcwIK2CSbdmL0zmxGyqcmeUFNv/Ifnk=; b=LekZb2gMr/ThN61Yhc38ckzxPXEuV03wes9hO+g3bu3qGrFrcRM5pKjffKInia1BgBPvJAncWcUOV3vxmZ4U8e0oasXTOSs8LL3oGRSD/RuK1qO2HKcbRGY+510yxXCWbU9xkz02ifFA/aYiDeZcgKMXCSfSIDrZyKioF4QOLQk= ARC-Authentication-Results: i=2; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=amd.com); dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1770983007074292.1242383672012; Fri, 13 Feb 2026 03:43:27 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.1230721.1536193 (Exim 4.92) (envelope-from ) id 1vqrZi-0000UL-2t; Fri, 13 Feb 2026 11:43:06 +0000 Received: by outflank-mailman (output) from mailman id 1230721.1536193; Fri, 13 Feb 2026 11:43:06 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1vqrZh-0000U3-Tr; Fri, 13 Feb 2026 11:43:05 +0000 Received: by outflank-mailman (input) for mailman id 1230721; Fri, 13 Feb 2026 11:43:05 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1vqrZh-00084s-5x for xen-devel@lists.xenproject.org; Fri, 13 Feb 2026 11:43:05 +0000 Received: from PH8PR06CU001.outbound.protection.outlook.com (mail-westus3azlp170120001.outbound.protection.outlook.com [2a01:111:f403:c107::1]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id 278aab8d-08d1-11f1-9ccf-f158ae23cfc8; Fri, 13 Feb 2026 12:43:03 +0100 (CET) Received: from SJ0PR03CA0354.namprd03.prod.outlook.com (2603:10b6:a03:39c::29) by SA5PPF0EB7D076B.namprd12.prod.outlook.com (2603:10b6:80f:fc04::8c5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9611.11; Fri, 13 Feb 2026 11:42:57 +0000 Received: from CO1PEPF00012E7D.namprd03.prod.outlook.com (2603:10b6:a03:39c:cafe::29) by SJ0PR03CA0354.outlook.office365.com (2603:10b6:a03:39c::29) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.9611.11 via Frontend Transport; Fri, 13 Feb 2026 11:42:45 +0000 Received: from satlexmb07.amd.com (165.204.84.17) by CO1PEPF00012E7D.mail.protection.outlook.com (10.167.249.52) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9611.8 via Frontend Transport; Fri, 13 Feb 2026 11:42:57 +0000 Received: from xcbagarciav01.xilinx.com (10.180.168.240) by satlexmb07.amd.com (10.181.42.216) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.17; Fri, 13 Feb 2026 05:42:54 -0600 X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 278aab8d-08d1-11f1-9ccf-f158ae23cfc8 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=BvE8yB7lam9gq9KPY5BNXnND5s2klap48V98nh1U2tqTjf54S+3C4keEoP5nrk02ggWLw8ict2bPWxXM5jXxqMIAyAoDJZtw+kGoJjSjrumxO1iyRicof3ClDZRxHVe4KMg9oJzGTM+ColIfbV+qTAtsmyW1ILldvJ0DhfpGw7xicnsJjZSdqT13zruQJQIEchbFRryDofIjqghHJJqMPTXYP/ujFDzAmjbzamLWA6kMbXTNC4DDGSIevI0KY6sARSBWPjlr3YRBqIxY6kqnYFg7jAg7Teh5S00AXO0iupzHYt/96JZfbSnvKW+AFrS1r0UJrPGAvFzLZPzFQ6z+1Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=vwNv6xSPrv19XcwIK2CSbdmL0zmxGyqcmeUFNv/Ifnk=; b=HbqJQvtjPF6xMsso/uEudtesqOHTbI+Y0Nb55lN8drYAOIB29KyslUzmadEyGObJhUeaCMDSQ+o4WCo8mDori2sOqBtBeah96FaNFlvrC6yj48HWz1J5+rdH1GIiHgGGUI55oXXLD9sLUwtBAXJdDBUA9LSq5cF6o4lJFCe8ZBP9eK6BkYWgoPHfxWGbF7G6z/RSUDYuis90QiNChe0oZ6JcDbO5ktU5olf5M7nPdYreqT0moyM9Ulg+muxqygavMssNO6NIYY1aR9R7pWtOrQz4zEiVLTQ9YiF4YDnAqCKcHW+sLeyXQgEdDBIV+4ReRO6Oeh6PyVrpNoWu4rGudg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=vwNv6xSPrv19XcwIK2CSbdmL0zmxGyqcmeUFNv/Ifnk=; b=BjlDNVbVDP9AF1pARtlVMFTrOL0l/vfAKTkgLDFohRvAlmov64079M29aP3lyqATkKEIaciPyL0n0k7WuCYQ75UDBEeWb5SbvPDKBtlQrAD0TQb6bOuTwEkG/obXzftkl2w+jp6PNNAgqkhr/ZY4KKOXtyOiRaib1m8Gquap5Mo= X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=satlexmb07.amd.com; pr=C From: Alejandro Vallejo To: CC: Alejandro Vallejo , Jan Beulich , Andrew Cooper , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , Jason Andryuk , Teddy Astie Subject: [PATCH v3 4/4] x86/svm: Drop emulation of Intel's SYSENTER behaviour on AMD systems Date: Fri, 13 Feb 2026 12:42:30 +0100 Message-ID: <20260213114232.42996-5-alejandro.garciavallejo@amd.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260213114232.42996-1-alejandro.garciavallejo@amd.com> References: <20260213114232.42996-1-alejandro.garciavallejo@amd.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: satlexmb07.amd.com (10.181.42.216) To satlexmb07.amd.com (10.181.42.216) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1PEPF00012E7D:EE_|SA5PPF0EB7D076B:EE_ X-MS-Office365-Filtering-Correlation-Id: 80dd543e-680a-401d-a7b8-08de6af5085a X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|36860700013|82310400026|376014|1800799024; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?5aGNmZB1IK2VE50v27Oqwk2NcxqNCt6kMO1zL8mUZqipOMkqSRnEKh+AL0S0?= =?us-ascii?Q?GuqQwHPANlzrSfOqH61I/KRCj90sN6xN9HDeF++5IreXSF1FxV67T0uUeiid?= =?us-ascii?Q?Hp6PrEg3oryot1TzFIgNIBkxwI+h4+ZTfQwaWy9mP3IL2IjX92RXsVIjsLE0?= =?us-ascii?Q?+beAuO6TqcNViWyYJ4MAlYgJTfbSFtg/GP1UCSxbEtFYg7171WnEPd7Yd+cw?= =?us-ascii?Q?K7CE7ndnXVGF7wiZbLrmJkzx18yt0VYyEJdmsjM5oAh99mEqk2WcYJKoFc70?= =?us-ascii?Q?U6UFe+6woJQnTBqKI8xdtUf5NG6iFf+Sb00oQkDmJgBwXw1KPUn17WWIuadd?= =?us-ascii?Q?ptExt/OF8zfXRFPfR9xN8ceRXLX1qHTFnSi8LzH6gSopPHweYz++S0XY58hZ?= =?us-ascii?Q?5iibae9UWV4EBc3VSpIED4VduOISOFB6mTBRTDBzed7zrTKcfBeZ4jfF/e5L?= =?us-ascii?Q?nR3nnNVxrMLOF04T/Ww5FhPXJUyidiFEEKhMj2ITHHCUHvPN0XeniVH96n0d?= =?us-ascii?Q?hp+GuBvfy7GQKIXjieuhg7+MsOPfkFnYB0Ebt08cK4PISaPVUj+o5uqccaiv?= =?us-ascii?Q?/b8v5o1PJu7nh1rzDTisn9hgfOKeLmbJYM9Nc6koNMNIvVpXaxy3nbmAWeLC?= =?us-ascii?Q?62bfxzzEOun5LuEsSo+yntZKoUCcM0ldgu90uK9PqPk34xVU7UelCVO3zaoY?= =?us-ascii?Q?cqMmyZsSeS7m6ip5y/OYX1gdCR7ojS7f5gVaXQFU2EOShDRn1WZ5V8fvFs1n?= =?us-ascii?Q?OODLxaReA3ZIRvNBosccDp0f16EfmCkJFnYJsfL8VHAwtEPtlCQ4OtLoxP/v?= =?us-ascii?Q?K0X/IoeBwiOLGvQOGlEEi4MtGlkzmd12BkbdtiDYLj/872vzFa36Y+E2cE/g?= =?us-ascii?Q?pFtNNuXwP0vXM/1BkwT3KnHOQ/PROFWObs5g278BjTiyVrU+fD9KIlCIxXBQ?= =?us-ascii?Q?tzmoUHR4HURvazvfSVI7t63Y1On5uH7zKp7qDb9EfHzEIHyl+48gTi+4E9m5?= =?us-ascii?Q?j8ff2bRLTJh3fX7Iy89oM90TXxa8xgdXQ38hjkI9tR9aNuGtL5/IvQlNeGx8?= =?us-ascii?Q?0ceUkeZLxAT2rfnm4n76sN8wy17cq3DZIsSy9dGHyAhqHGKgTf+86ShbAj+0?= =?us-ascii?Q?6cKlJ0wWeQdWKVIf/j1rYU+GeGy28Wzs+2cT0lN2avnOZcgM3XVjXh0ldN7A?= =?us-ascii?Q?r0oyzIGlOU7ujFJL1ObVFNtwTiX9KknwR+m3Jzh+UyQfI9l9LMyjze9ECl0C?= =?us-ascii?Q?UEQsMhUik9eLzsTp2qDeX5mKRapzJtAdMbFXWJJzkuptPPw3oW5mcHq/3qzH?= =?us-ascii?Q?g8chZrQJ74eKlAnnoj5WkTIwz0jaQARQrK2no4hMsOi/Gdf6Z14VqL0/ZlWN?= =?us-ascii?Q?ItnyA4QJhZMkKviTn6brnn491hZsk1CUUzAsZqylfj8/0TnHBcsYfM7WVgHE?= =?us-ascii?Q?Fv+hzwdX076ByOWBdIKdjjZJIcpWGrxXcC8sUCUY/Jc7NTXDxZMWTz/Ez3Rh?= =?us-ascii?Q?b2Eau9F+eLaNiJRwPo77RQMp32flWvAzRuPu/TIjj73oeGkUB/b/FJeUhKeO?= =?us-ascii?Q?0D3posuKbyWiBBv6Zihi42+vn0FcpdRLOcZ3RRQqsFx4KC887vjh/9ya42vC?= =?us-ascii?Q?WHwCXi0545NOxL6evGAjQybyY1+T+2m5hCF7a74SCdLB?= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:satlexmb07.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(36860700013)(82310400026)(376014)(1800799024);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: CqPuvX1oF2+jNyp8Dcpb/42mpMenePwWtW9P8GRz5ayIU2UigqKYiG+Y8ysO5VyRG1/Mw2p6bU7jP6h8NqwUtsTx7YqkDK1iyxnZdhRs3sOE/yy+GGO+jBzklg6E82bpPs9TGqXoBNsgUiNyo3XSVFT0ai/EOpnP2kryhGn2Ob30PL6HXVqIFny2micwFjjGVDuu5kC8kcguWUSC+tjXhDWCi1vbAs2Td3sjW2S3GBRnC6tlG63UMIJVxcy2Fdt7ATzPUY9Mj2XgKnTgGVpx9lqI2gDz1VK427jOQiuX2xxg22/4JaXlZJBWRMbBVTtrVcle1t4dVS0MWt86QexGRQtzCiLbScd261BS6v4lMZDg0RkfHO1gIN/S4BoE6Hjh/D/fDZHo2yLJekYljjjkuV+I451P90OOkLdL6Ke6xn3QhDxK5QkZWAuj2gLf9F86 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Feb 2026 11:42:57.1537 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 80dd543e-680a-401d-a7b8-08de6af5085a X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[satlexmb07.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1PEPF00012E7D.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA5PPF0EB7D076B X-ZohoMail-DKIM: pass (identity @amd.com) X-ZM-MESSAGEID: 1770983008873158500 Content-Type: text/plain; charset="utf-8" With cross-vendor support gone, it's no longer needed. AMD CPUs ignore the top 32 bits of the SYSENTER/SYSEXIT MSRs, which is not how this emulation worked due to the need for cross-vendor support. Any AMD VMs storing state in the top 32bits of the SEP MSRs will lose it. It's very unlikely to affect any production VM because having 64bit width just isn't how real AMD CPUs behave. Signed-off-by: Alejandro Vallejo Reviewed-by: Teddy Astie Acked-by: Jan Beulich --- v3: * No changes v2: * Reworded commit message to mention the loss of the top dword for any VM stupid enough to use it. --- xen/arch/x86/hvm/svm/svm.c | 42 +++++++++++------------- xen/arch/x86/hvm/svm/vmcb.c | 3 ++ xen/arch/x86/include/asm/hvm/svm-types.h | 10 ------ 3 files changed, 22 insertions(+), 33 deletions(-) diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c index 10d1bf350c..329c4446e9 100644 --- a/xen/arch/x86/hvm/svm/svm.c +++ b/xen/arch/x86/hvm/svm/svm.c @@ -401,10 +401,6 @@ static int svm_vmcb_save(struct vcpu *v, struct hvm_hw= _cpu *c) { struct vmcb_struct *vmcb =3D v->arch.hvm.svm.vmcb; =20 - c->sysenter_cs =3D v->arch.hvm.svm.guest_sysenter_cs; - c->sysenter_esp =3D v->arch.hvm.svm.guest_sysenter_esp; - c->sysenter_eip =3D v->arch.hvm.svm.guest_sysenter_eip; - if ( vmcb->event_inj.v && hvm_event_needs_reinjection(vmcb->event_inj.type, vmcb->event_inj.vector) ) @@ -468,11 +464,6 @@ static int svm_vmcb_restore(struct vcpu *v, struct hvm= _hw_cpu *c) svm_update_guest_cr(v, 0, 0); svm_update_guest_cr(v, 4, 0); =20 - /* Load sysenter MSRs into both VMCB save area and VCPU fields. */ - vmcb->sysenter_cs =3D v->arch.hvm.svm.guest_sysenter_cs =3D c->sysente= r_cs; - vmcb->sysenter_esp =3D v->arch.hvm.svm.guest_sysenter_esp =3D c->sysen= ter_esp; - vmcb->sysenter_eip =3D v->arch.hvm.svm.guest_sysenter_eip =3D c->sysen= ter_eip; - if ( paging_mode_hap(v->domain) ) { vmcb_set_np(vmcb, true); @@ -501,6 +492,9 @@ static void svm_save_cpu_state(struct vcpu *v, struct h= vm_hw_cpu *data) { struct vmcb_struct *vmcb =3D v->arch.hvm.svm.vmcb; =20 + data->sysenter_cs =3D vmcb->sysenter_cs; + data->sysenter_esp =3D vmcb->sysenter_esp; + data->sysenter_eip =3D vmcb->sysenter_eip; data->shadow_gs =3D vmcb->kerngsbase; data->msr_lstar =3D vmcb->lstar; data->msr_star =3D vmcb->star; @@ -512,11 +506,14 @@ static void svm_load_cpu_state(struct vcpu *v, struct= hvm_hw_cpu *data) { struct vmcb_struct *vmcb =3D v->arch.hvm.svm.vmcb; =20 - vmcb->kerngsbase =3D data->shadow_gs; - vmcb->lstar =3D data->msr_lstar; - vmcb->star =3D data->msr_star; - vmcb->cstar =3D data->msr_cstar; - vmcb->sfmask =3D data->msr_syscall_mask; + vmcb->sysenter_cs =3D data->sysenter_cs; + vmcb->sysenter_esp =3D data->sysenter_esp; + vmcb->sysenter_eip =3D data->sysenter_eip; + vmcb->kerngsbase =3D data->shadow_gs; + vmcb->lstar =3D data->msr_lstar; + vmcb->star =3D data->msr_star; + vmcb->cstar =3D data->msr_cstar; + vmcb->sfmask =3D data->msr_syscall_mask; v->arch.hvm.guest_efer =3D data->msr_efer; svm_update_guest_efer(v); } @@ -1720,12 +1717,9 @@ static int cf_check svm_msr_read_intercept( =20 switch ( msr ) { - /* - * Sync not needed while the cross-vendor logic is in unilateral e= ffect. case MSR_IA32_SYSENTER_CS: case MSR_IA32_SYSENTER_ESP: case MSR_IA32_SYSENTER_EIP: - */ case MSR_STAR: case MSR_LSTAR: case MSR_CSTAR: @@ -1740,13 +1734,15 @@ static int cf_check svm_msr_read_intercept( switch ( msr ) { case MSR_IA32_SYSENTER_CS: - *msr_content =3D v->arch.hvm.svm.guest_sysenter_cs; + *msr_content =3D vmcb->sysenter_cs; break; + case MSR_IA32_SYSENTER_ESP: - *msr_content =3D v->arch.hvm.svm.guest_sysenter_esp; + *msr_content =3D vmcb->sysenter_esp; break; + case MSR_IA32_SYSENTER_EIP: - *msr_content =3D v->arch.hvm.svm.guest_sysenter_eip; + *msr_content =3D vmcb->sysenter_eip; break; =20 case MSR_STAR: @@ -1940,11 +1936,11 @@ static int cf_check svm_msr_write_intercept( switch ( msr ) { case MSR_IA32_SYSENTER_ESP: - vmcb->sysenter_esp =3D v->arch.hvm.svm.guest_sysenter_esp =3D = msr_content; + vmcb->sysenter_esp =3D msr_content; break; =20 case MSR_IA32_SYSENTER_EIP: - vmcb->sysenter_eip =3D v->arch.hvm.svm.guest_sysenter_eip =3D = msr_content; + vmcb->sysenter_eip =3D msr_content; break; =20 case MSR_LSTAR: @@ -1970,7 +1966,7 @@ static int cf_check svm_msr_write_intercept( break; =20 case MSR_IA32_SYSENTER_CS: - vmcb->sysenter_cs =3D v->arch.hvm.svm.guest_sysenter_cs =3D msr_co= ntent; + vmcb->sysenter_cs =3D msr_content; break; =20 case MSR_STAR: diff --git a/xen/arch/x86/hvm/svm/vmcb.c b/xen/arch/x86/hvm/svm/vmcb.c index e583ef8548..76fcaf15c2 100644 --- a/xen/arch/x86/hvm/svm/vmcb.c +++ b/xen/arch/x86/hvm/svm/vmcb.c @@ -97,6 +97,9 @@ static int construct_vmcb(struct vcpu *v) svm_disable_intercept_for_msr(v, MSR_LSTAR); svm_disable_intercept_for_msr(v, MSR_STAR); svm_disable_intercept_for_msr(v, MSR_SYSCALL_MASK); + svm_disable_intercept_for_msr(v, MSR_IA32_SYSENTER_CS); + svm_disable_intercept_for_msr(v, MSR_IA32_SYSENTER_EIP); + svm_disable_intercept_for_msr(v, MSR_IA32_SYSENTER_ESP); =20 vmcb->_msrpm_base_pa =3D virt_to_maddr(svm->msrpm); vmcb->_iopm_base_pa =3D __pa(v->domain->arch.hvm.io_bitmap); diff --git a/xen/arch/x86/include/asm/hvm/svm-types.h b/xen/arch/x86/includ= e/asm/hvm/svm-types.h index 051b235d8f..aaee91b4b6 100644 --- a/xen/arch/x86/include/asm/hvm/svm-types.h +++ b/xen/arch/x86/include/asm/hvm/svm-types.h @@ -27,16 +27,6 @@ struct svm_vcpu { =20 /* VMCB has a cached instruction from #PF/#NPF Decode Assist? */ uint8_t cached_insn_len; /* Zero if no cached instruction. */ - - /* - * Upper four bytes are undefined in the VMCB, therefore we can't use = the - * fields in the VMCB. Write a 64bit value and then read a 64bit value= is - * fine unless there's a VMRUN/VMEXIT in between which clears the upper - * four bytes. - */ - uint64_t guest_sysenter_cs; - uint64_t guest_sysenter_esp; - uint64_t guest_sysenter_eip; }; =20 struct nestedsvm { --=20 2.43.0