Date: Fri, 2 Aug 2024 13:04:20 -0700
Reply-To: Sean Christopherson
X-Mailing-List: linux-kernel@vger.kernel.org
Message-ID: <20240802200420.330769-1-seanjc@google.com>
Subject: [PATCH] KVM: x86: Document an erratum in KVM_SET_VCPU_EVENTS on Intel CPUs
From: Sean Christopherson
To: Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Sean Christopherson

Document a flaw in KVM's ABI which lets userspace attempt to inject a "bad"
hardware exception event, and thus induce VM-Fail on Intel CPUs.

Fixing the flaw is a fool's errand, as AMD doesn't sanity check the validity
of the error code, Intel CPUs that support CET relax the check for Protected
Mode, userspace can change the mode after queueing an exception, KVM ignores
the error code when emulating Real Mode exceptions, and so on and so forth.

The VM-Fail itself doesn't harm KVM or the kernel beyond triggering a
ratelimited pr_warn(), so just document the oddity.

Signed-off-by: Sean Christopherson
---
 Documentation/virt/kvm/x86/errata.rst | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/Documentation/virt/kvm/x86/errata.rst b/Documentation/virt/kvm/x86/errata.rst
index 4116045a8744..37c79362a48f 100644
--- a/Documentation/virt/kvm/x86/errata.rst
+++ b/Documentation/virt/kvm/x86/errata.rst
@@ -33,6 +33,18 @@ Note however that any software (e.g ``WIN87EM.DLL``) exp= ecting these features to be present likely predates these CPUID feature bits, and therefore doesn't know to check for them anyway. =20 +``KVM_SET_VCPU_EVENTS`` issue +----------------------------- + +Invalid KVM_SET_VCPU_EVENTS input with respect to error codes *may* result= in +failed VM-Entry on Intel CPUs. Pre-CET Intel CPUs require that exception +injection through the VMCS correctly set the "error code valid" flag, e.g. +require the flag be set when injecting a #GP, clear when injecting a #UD, +clear when injecting a soft exception, etc. Intel CPUs that enumerate +IA32_VMX_BASIC[56] as '1' relax VMX's consistency checks, and AMD CPUs hav= e no +restrictions whatsoever. KVM_SET_VCPU_EVENTS doesn't sanity check the vec= tor +versus "has_error_code", i.e. KVM's ABI follows AMD behavior. + Nested virtualization features ------------------------------ =20 base-commit: 332d2c1d713e232e163386c35a3ba0c1b90df83f --=20 2.46.0.rc2.264.g509ed76dc8-goog
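Review bot: the body of the new entry names the ioctl in plain text twice ("Invalid KVM_SET_VCPU_EVENTS input ...", "KVM_SET_VCPU_EVENTS doesn't sanity check ...") while the heading and the surrounding entries (``WIN87EM.DLL`` in the context above) use ``literal`` markup; mark it up as ``KVM_SET_VCPU_EVENTS`` in the body as well. The entry also states the cause but not the impact: the commit message says the resulting VM-Fail only triggers a ratelimited pr_warn() and does not harm KVM or the kernel, and that the lack of a check is deliberate because KVM's ABI follows AMD behavior. One sentence to that effect in the entry would tell a VMM author what actually happens when "has_error_code" disagrees with the vector, and that it is on userspace to set the flag correctly, without having to find this commit log.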
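The errata entry above says that ``KVM_SET_VCPU_EVENTS`` does not check "has_error_code" against the vector, so on pre-CET Intel CPUs a mismatched event reaches VM-Entry and fails there. The following C is an added example, not part of this patch or of KVM: it performs that consistency check on the VMM side, so a userspace VMM or a selftest can reject a bad event before issuing the ioctl. `struct exc_event` is a constructed stand-in for the exception fields of `struct kvm_vcpu_events` (vector, has_error_code, error_code) plus a `soft` flag marking #BP/#OF software exceptions; `cr0_pe` stands in for the guest's mode; the set of error-code vectors is the architectural one from the SDM (#DF, #TS, #NP, #SS, #GP, #PF, #AC, plus #CP on CET-capable parts). The IA32_VMX_BASIC[56] relaxation and AMD's no-check behavior are not modelled; the function implements the strict rule only.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Constructed stand-in for the exception part of struct kvm_vcpu_events
 * (nr, has_error_code, error_code).  "soft" marks a software exception,
 * i.e. #BP from INT3 or #OF from INTO, which never carries an error code.
 */
struct exc_event {
	uint8_t  vector;
	bool     soft;
	bool     has_error_code;
	uint32_t error_code;
};

enum exc_check {
	EXC_OK = 0,
	EXC_SOFT_WITH_EC,   /* software exception with error code set      */
	EXC_REAL_MODE_EC,   /* error code while CR0.PE == 0                */
	EXC_VECTOR_NO_EC,   /* vector never delivers an error code         */
	EXC_MISSING_EC,     /* vector requires an error code, none supplied */
};

/* Architectural vectors that push an error code (SDM vol. 3, exception table). */
bool vector_delivers_error_code(uint8_t vector)
{
	static const uint32_t mask =
		(1u << 8)  |  /* #DF */
		(1u << 10) |  /* #TS */
		(1u << 11) |  /* #NP */
		(1u << 12) |  /* #SS */
		(1u << 13) |  /* #GP */
		(1u << 14) |  /* #PF */
		(1u << 17) |  /* #AC */
		(1u << 21);   /* #CP, CET-capable CPUs only */

	return vector < 32 && ((mask >> vector) & 1u);
}

/*
 * Strict consistency rule modelled on the pre-CET VMX check the errata entry
 * describes: "error code valid" must be set exactly when a hardware exception
 * that architecturally delivers an error code is injected while the guest is
 * in protected mode (cr0_pe).  Real-mode and software exceptions never carry one.
 */
enum exc_check check_exception_event(const struct exc_event *e, bool cr0_pe)
{
	if (e->has_error_code) {
		if (e->soft)
			return EXC_SOFT_WITH_EC;
		if (!cr0_pe)
			return EXC_REAL_MODE_EC;
		if (!vector_delivers_error_code(e->vector))
			return EXC_VECTOR_NO_EC;
	} else if (cr0_pe && !e->soft && vector_delivers_error_code(e->vector)) {
		return EXC_MISSING_EC;
	}
	return EXC_OK;
}

const char *exc_check_str(enum exc_check r)
{
	switch (r) {
	case EXC_OK:           return "ok";
	case EXC_SOFT_WITH_EC: return "software exception must not carry an error code";
	case EXC_REAL_MODE_EC: return "real-mode exception must not carry an error code";
	case EXC_VECTOR_NO_EC: return "vector does not deliver an error code";
	case EXC_MISSING_EC:   return "vector requires an error code";
	}
	return "unknown";
}

int main(void)
{
	/* Constructed sample events; all but the first would VM-Fail on strict Intel parts. */
	const struct exc_event samples[] = {
		{ 13, false, true,  0 },  /* #GP with error code, protected mode: fine */
		{ 6,  false, true,  0 },  /* #UD with error code: not a valid combination */
		{ 3,  true,  true,  0 },  /* INT3 software exception with error code */
		{ 14, false, false, 0 },  /* #PF without error code in protected mode */
	};
	size_t i;

	for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
		enum exc_check r = check_exception_event(&samples[i], true);
		printf("vector %2u soft=%d has_error_code=%d -> %s\n",
		       samples[i].vector, samples[i].soft,
		       samples[i].has_error_code, exc_check_str(r));
	}
	return 0;
}
```

A VMM would run `check_exception_event()` on the event it is about to pass to ``KVM_SET_VCPU_EVENTS`` and refuse or log the mismatch itself, since KVM will accept it and leave the failure to VM-Entry. Because userspace can change the guest's mode after queueing an exception, the check is only as good as the `cr0_pe` value passed in at injection time.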