[PATCH] KVM: x86: Document a virtualization gap for GIF on AMD CPUs

Yosry Ahmed posted 1 patch 3 months, 1 week ago
Documentation/virt/kvm/x86/errata.rst | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
[PATCH] KVM: x86: Document a virtualization gap for GIF on AMD CPUs
Posted by Yosry Ahmed 3 months, 1 week ago
According to the APM Volume #2, Section 15.17, Table 15-10 (24593—Rev.
3.42—March 2024), when "GIF==0", a "Debug exception or trap, due to
breakpoint register match" should be "Ignored and discarded".

KVM lacks any handling of this. Even when vGIF is enabled and vGIF==0,
the CPU does not ignore #DBs and relies on the VMM to do so.

Handling this is possible, but the complexity is unjustified given the
rarity of using HW breakpoints when GIF==0 (e.g. near VMRUN). KVM would
need to intercept the #DB, temporarily disable the breakpoint,
single-step over the instruction (probably reusing NMI single-stepping),
and re-enable the breakpoint.

Instead, document this as an erratum.

Signed-off-by: Yosry Ahmed <yosry.ahmed@linux.dev>
---
 Documentation/virt/kvm/x86/errata.rst | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/Documentation/virt/kvm/x86/errata.rst b/Documentation/virt/kvm/x86/errata.rst
index 37c79362a48fa..a9cf0e004651a 100644
--- a/Documentation/virt/kvm/x86/errata.rst
+++ b/Documentation/virt/kvm/x86/errata.rst
@@ -48,7 +48,14 @@ versus "has_error_code", i.e. KVM's ABI follows AMD behavior.
 Nested virtualization features
 ------------------------------
 
-TBD
+On AMD CPUs, when GIF is cleared, #DB exceptions or traps due to a breakpoint
+register match are ignored and discarded by the CPU. The CPU relies on the VMM
+to fully virtualize this behavior, even when vGIF is enabled for the guest
+(i.e. vGIF=0 does not cause the CPU to drop #DBs when the guest is running).
+KVM does not virtualize this behavior as the complexity is unjustified given
+the rarity of the use case. One way to handle this would be for KVM to
+intercept the #DB, temporarily disable the breakpoint, single-step over the
+instruction, then re-enable the breakpoint.
 
 x2APIC
 ------
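
Review bot: The new paragraph under "Nested virtualization features" states the architectural behavior without saying where it is specified. The commit message cites APM Volume 2, Section 15.17, Table 15-10, and carrying that reference into the first sentence would let a reader of errata.rst verify the claim. It would also help to state the guest-visible consequence directly: a guest running with GIF cleared can receive a #DB from a breakpoint register match that bare metal would have discarded.
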
-- 
2.51.1.930.gacf6e81ea2-goog

Re: [PATCH] KVM: x86: Document a virtualization gap for GIF on AMD CPUs
Posted by Sean Christopherson 2 months, 3 weeks ago
On Thu, 30 Oct 2025 22:37:57 +0000, Yosry Ahmed wrote:
> According to the APM Volume #2, Section 15.17, Table 15-10 (24593—Rev.
> 3.42—March 2024), when "GIF==0", a "Debug exception or trap, due to
> breakpoint register match" should be "Ignored and discarded".
> 
> KVM lacks any handling of this. Even when vGIF is enabled and vGIF==0,
> the CPU does not ignore #DBs and relies on the VMM to do so.
> 
> [...]

Applied to kvm-x86 svm, thanks!

[1/1] KVM: x86: Document a virtualization gap for GIF on AMD CPUs
      https://github.com/kvm-x86/linux/commit/9f4ce4878878

--
https://github.com/kvm-x86/linux/tree/next

Re: [PATCH] KVM: x86: Document a virtualization gap for GIF on AMD CPUs
Posted by Bagas Sanjaya 3 months, 1 week ago
On Thu, Oct 30, 2025 at 10:37:57PM +0000, Yosry Ahmed wrote:
> -TBD
> +On AMD CPUs, when GIF is cleared, #DB exceptions or traps due to a breakpoint
> +register match are ignored and discarded by the CPU. The CPU relies on the VMM
> +to fully virtualize this behavior, even when vGIF is enabled for the guest
> +(i.e. vGIF=0 does not cause the CPU to drop #DBs when the guest is running).
> +KVM does not virtualize this behavior as the complexity is unjustified given
> +the rarity of the use case. One way to handle this would be for KVM to
> +intercept the #DB, temporarily disable the breakpoint, single-step over the
> +instruction, then re-enable the breakpoint.
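
Review bot: In the first added sentence, "are ignored and discarded by the CPU" reads as unconditional, while the parenthetical that follows says the CPU does not drop #DBs when vGIF=0. Qualifying the first sentence as the bare-metal (architectural) behavior would remove the apparent contradiction. The paragraph also mixes "GIF is cleared" with "vGIF=0", where the commit message writes "GIF==0" and "vGIF==0"; one notation throughout would read more cleanly.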

The wording LGTM, thanks!

Reviewed-by: Bagas Sanjaya <bagasdotme@gmail.com>

-- 
An old man doll... just what I always wanted! - Clara