Date: Fri, 7 Nov 2025 12:11:24 -0800
In-Reply-To: <20251107201151.3303170-1-jmattson@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
References: <20251107201151.3303170-1-jmattson@google.com>
X-Mailer: git-send-email 2.51.2.1041.gc1ab5b90ca-goog
Message-ID: <20251107201151.3303170-2-jmattson@google.com>
Subject: [RFC PATCH 1/6] KVM: x86: nSVM: Shuffle guest PAT and PAT MSR in svm_set_nested_state()
From: Jim Mattson
To: Sean Christopherson, Paolo Bonzini, Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Alexander Graf, Joerg Roedel, Avi Kivity, Radim Krčmář, David Hildenbrand, kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: Jim Mattson

When L2 is active and using nested paging, accesses to the PAT MSR should be redirected to the Guest PAT register. As a result, KVM_GET_MSRS will save the Guest PAT register rather than the PAT MSR. However, on restore, KVM_SET_MSRS is called before KVM_SET_NESTED_STATE, so the Guest PAT register will be restored to the PAT MSR.

To fix the serialization of the Guest PAT register and the PAT MSR, copy the PAT MSR to the Guest PAT register (vmcb02->save.g_pat) and copy vmcb01->save.g_pat to the PAT MSR in svm_set_nested_state() under the right conditions. One of these conditions is a new SVM nested state flag, which will be set in the commit that modifies the KVM_{GET,SET}_MSRS semantics.

Signed-off-by: Jim Mattson
---
 arch/x86/include/uapi/asm/kvm.h | 2 ++
 arch/x86/kvm/svm/nested.c | 15 +++++++++++++++
 2 files changed, 17 insertions(+)

diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kv= m.h index d420c9c066d4..df8ae68f56f7 100644 --- a/arch/x86/include/uapi/asm/kvm.h +++ b/arch/x86/include/uapi/asm/kvm.h 
@@ -494,6 +494,7 @@ struct kvm_sync_regs { #define KVM_STATE_NESTED_SVM_VMCB_SIZE 0x1000 =20 #define KVM_STATE_VMX_PREEMPTION_TIMER_DEADLINE 0x00000001 +#define KVM_STATE_SVM_VALID_GPAT 0x00000001 =20 /* vendor-independent attributes for system fd (group 0) */ #define KVM_X86_GRP_SYSTEM 0 @@ -529,6 +530,7 @@ struct kvm_svm_nested_state_data { =20 struct kvm_svm_nested_state_hdr { __u64 vmcb_pa; + __u32 flags; }; =20 /* for KVM_CAP_NESTED_STATE */ diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index a6443feab252..ad11b11f482e 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -1052,6 +1052,7 @@ void svm_copy_vmrun_state(struct vmcb_save_area *to_s= ave, to_save->rsp =3D from_save->rsp; to_save->rip =3D from_save->rip; to_save->cpl =3D 0; + to_save->g_pat =3D from_save->g_pat; =20 if (kvm_cpu_cap_has(X86_FEATURE_SHSTK)) { to_save->s_cet =3D from_save->s_cet; @@ -1890,6 +1891,20 @@ static int svm_set_nested_state(struct kvm_vcpu *vcp= u, if (WARN_ON_ONCE(ret)) goto out_free; =20 + /* + * If nested paging is enabled in vmcb12, then KVM_SET_MSRS restored + * the guest PAT register to the PAT MSR. Move this to the guest PAT + * register (svm->vmcb->save.g_pat) and restore the PAT MSR from + * svm->vmcb01.ptr->save.g_pat). + */ + if ((kvm_state->hdr.svm.flags & KVM_STATE_SVM_VALID_GPAT) && + nested_npt_enabled(svm)) { + ret =3D -EINVAL; + svm->vmcb->save.g_pat =3D vcpu->arch.pat; + if (!kvm_pat_valid(svm->vmcb01.ptr->save.g_pat)) + goto out_free; + vcpu->arch.pat =3D svm->vmcb01.ptr->save.g_pat; + } svm->nested.force_msr_bitmap_recalc =3D true; =20 kvm_make_request(KVM_REQ_GET_NESTED_STATE_PAGES, vcpu); --=20 2.51.2.1041.gc1ab5b90ca-goog
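
Review bot: In the first kvm.h hunk, KVM_STATE_SVM_VALID_GPAT is added directly under KVM_STATE_VMX_PREEMPTION_TIMER_DEADLINE with the same value 0x00000001 and no comment saying which field it belongs to. Since both are uapi constants, a one-line comment stating that this bit lives in kvm_svm_nested_state_hdr.flags, and a blank line separating it from the VMX flag, would keep userspace from mixing the two namespaces.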
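
Review bot: In struct kvm_svm_nested_state_hdr, the new __u32 flags follows a __u64, so the struct gains four bytes of implicit tail padding that the uapi header does not spell out. Suggest adding an explicit __u32 padding or reserved member after flags, and stating in the changelog what value the flags bytes are expected to hold when the header was written by userspace that only knows about vmcb_pa.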
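
Review bot: The g_pat copy added to svm_copy_vmrun_state() is not mentioned in the commit message, which only describes the change to svm_set_nested_state(). Because this is a general copy helper, its callers now carry g_pat across as well; please explain in the changelog why that is wanted, or move the line into its own patch with that justification.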
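
Review bot: In the svm_set_nested_state() hunk, svm->vmcb->save.g_pat is overwritten before kvm_pat_valid() checks svm->vmcb01.ptr->save.g_pat, so the -EINVAL path exits with vmcb02 already modified. Do the kvm_pat_valid() check first and assign both values only after it passes, or move the check to where the rest of the input is validated. hdr.svm.flags is tested only for KVM_STATE_SVM_VALID_GPAT in these lines; rejecting unknown bits here would keep the rest of the field usable for later flags. The new comment also ends with an unmatched ")" after save.g_pat, and a blank line before svm->nested.force_msr_bitmap_recalc would keep the new block visually separate.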
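
The ordering problem in the commit message, as a toy model added here for illustration; it is not code from the patch or from KVM. The struct and function names and the sample PAT values are constructed, and unlike the hunk the model validates the saved vmcb01 value before moving anything.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#define VALID_GPAT 0x1u               /* stands in for KVM_STATE_SVM_VALID_GPAT */
#define L1_PAT 0x0007040600070406ull  /* constructed sample: L1's PAT */
#define L2_PAT 0x0606060606060606ull  /* constructed sample: L2's guest PAT */

struct vcpu_model {                   /* toy model, not a kernel structure */
	uint64_t pat;                 /* vcpu->arch.pat (the PAT MSR) */
	uint64_t vmcb01_g_pat;        /* vmcb01->save.g_pat */
	uint64_t vmcb02_g_pat;        /* vmcb02->save.g_pat (guest PAT register) */
};
struct saved { uint64_t msr_pat, vmcb01_g_pat; uint32_t flags; };

/* Each PAT byte must hold memory type 0, 1, 4, 5, 6 or 7. */
static bool pat_valid(uint64_t v)
{
	if (v & 0xF8F8F8F8F8F8F8F8ull)
		return false;
	return (v | ((v & 0x0202020202020202ull) << 1)) == v;
}

/* Restore in the order the commit message gives: MSRs, then nested state. */
static int restore_state(struct vcpu_model *v, const struct saved *s, bool npt)
{
	v->pat = s->msr_pat;                   /* KVM_SET_MSRS: L2 not active yet */
	if ((s->flags & VALID_GPAT) && npt) {  /* KVM_SET_NESTED_STATE */
		if (!pat_valid(s->vmcb01_g_pat))
			return -EINVAL;        /* reject before the shuffle */
		v->vmcb02_g_pat = v->pat;      /* L2's value goes to the guest PAT */
		v->pat = s->vmcb01_g_pat;      /* L1's value goes back to the MSR */
	}
	v->vmcb01_g_pat = s->vmcb01_g_pat;
	return 0;
}

/* Save while L2 runs with nested paging, then restore into a fresh vCPU. */
static int roundtrip(uint32_t flags, uint64_t l1_pat, struct vcpu_model *dst)
{
	struct saved s = { L2_PAT, l1_pat, flags }; /* MSR read was redirected */
	*dst = (struct vcpu_model){ 0 };
	return restore_state(dst, &s, true);
}

int main(void)
{
	struct vcpu_model d;
	return roundtrip(VALID_GPAT, L1_PAT, &d) || d.pat != L1_PAT;
}
```

With the flag clear, the same round trip leaves L2's value in the PAT MSR and the guest PAT register untouched, which is the misplacement the patch addresses.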