From nobody Sun Apr 5 19:43:23 2026
Date: Mon, 23 Feb 2026 16:54:39 -0800
In-Reply-To: <20260224005500.1471972-1-jmattson@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
References: <20260224005500.1471972-1-jmattson@google.com>
X-Mailer: git-send-email 2.53.0.371.g1d285c8824-goog
Message-ID: <20260224005500.1471972-2-jmattson@google.com>
Subject: [PATCH v5 01/10] KVM: x86: SVM: Remove vmcb_is_dirty()
From: Jim Mattson
To: Sean Christopherson, Paolo Bonzini, Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Shuah Khan, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, Yosry Ahmed
Cc: Jim Mattson
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

After commit dd26d1b5d6ed ("KVM: nSVM: Cache all used fields from VMCB12"), vmcb_is_dirty() has no callers. Remove the function.

Signed-off-by: Jim Mattson
--- arch/x86/kvm/svm/svm.h | 5 ----- 1 file changed, 5 deletions(-) diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 0bb93879abfe..8f9e6a39659c 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -434,11 +434,6 @@ static inline void vmcb_mark_dirty(struct vmcb *vmcb, = int bit) vmcb->control.clean &=3D ~(1 << bit); } =20 -static inline bool vmcb_is_dirty(struct vmcb *vmcb, int bit) -{ - return !test_bit(bit, (unsigned long *)&vmcb->control.clean); -} - static inline bool vmcb12_is_dirty(struct vmcb_ctrl_area_cached *control, = int bit) { return !test_bit(bit, (unsigned long *)&control->clean); --=20 2.53.0.371.g1d285c8824-goog

Date: Mon, 23 Feb 2026 16:54:40 -0800
In-Reply-To: <20260224005500.1471972-1-jmattson@google.com>
Message-ID: <20260224005500.1471972-3-jmattson@google.com>
Subject: [PATCH v5 02/10] KVM: x86: nSVM: Clear VMCB_NPT clean bit when updating hPAT from guest mode
From: Jim Mattson

When running an L2 guest and writing to MSR_IA32_CR_PAT, the host PAT value is stored in both vmcb01's g_pat field and vmcb02's g_pat field, but the clean bit was only being cleared for vmcb02. Introduce the helper vmcb_set_gpat() which sets vmcb->save.g_pat and marks the VMCB dirty for VMCB_NPT. Use this helper in both svm_set_msr() for updating vmcb01 and in nested_vmcb02_compute_g_pat() for updating vmcb02, ensuring both VMCBs' NPT fields are properly marked dirty.

Fixes: 4995a3685f1b ("KVM: SVM: Use a separate vmcb for the nested L2 guest")
Signed-off-by: Jim Mattson
--- arch/x86/kvm/svm/nested.c | 2 +- arch/x86/kvm/svm/svm.c | 3 +-- arch/x86/kvm/svm/svm.h | 6 ++++++ 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index d80b1bde6630..b72a1f3c4144 100644 
--- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -707,7 +707,7 @@ void nested_vmcb02_compute_g_pat(struct vcpu_svm *svm) return; =20 /* FIXME: merge g_pat from vmcb01 and vmcb12. */ - svm->nested.vmcb02.ptr->save.g_pat =3D svm->vmcb01.ptr->save.g_pat; + vmcb_set_gpat(svm->nested.vmcb02.ptr, svm->vmcb01.ptr->save.g_pat); } =20 static void nested_vmcb02_prepare_save(struct vcpu_svm *svm) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index be9d562fabde..6c41f2317777 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2924,10 +2924,9 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct= msr_data *msr) if (ret) break; =20 - svm->vmcb01.ptr->save.g_pat =3D data; + vmcb_set_gpat(svm->vmcb01.ptr, data); if (is_guest_mode(vcpu)) nested_vmcb02_compute_g_pat(svm); - vmcb_mark_dirty(svm->vmcb, VMCB_NPT); break; case MSR_IA32_SPEC_CTRL: if (!msr->host_initiated && diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 8f9e6a39659c..9850ed01e16e 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -439,6 +439,12 @@ static inline bool vmcb12_is_dirty(struct vmcb_ctrl_ar= ea_cached *control, int bi return !test_bit(bit, (unsigned long *)&control->clean); } =20 +static inline void vmcb_set_gpat(struct vmcb *vmcb, u64 data) +{ + vmcb->save.g_pat =3D data; + vmcb_mark_dirty(vmcb, VMCB_NPT); +} + static __always_inline struct vcpu_svm *to_svm(struct kvm_vcpu *vcpu) { return container_of(vcpu, struct vcpu_svm, vcpu); --=20 2.53.0.371.g1d285c8824-goog
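
Review bot: vmcb_set_gpat() in the svm.h hunk carries no comment saying that save.g_pat is covered by the VMCB_NPT clean bit, which is the only reason the helper exists. A later direct store to save.g_pat would bring back the stale clean bit the commit message describes for vmcb01, and nothing at the definition warns against it. Suggest a one-line comment above the helper stating that every write to g_pat has to go through it.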
Date: Mon, 23 Feb 2026 16:54:41 -0800
In-Reply-To: <20260224005500.1471972-1-jmattson@google.com>
Message-ID: <20260224005500.1471972-4-jmattson@google.com>
Subject: [PATCH v5 03/10] KVM: x86: nSVM: Cache and validate vmcb12 g_pat
From: Jim Mattson

Cache g_pat from vmcb12 in vmcb_save_area_cached to avoid TOCTTOU issues, and add a validity check so that when nested paging is enabled for vmcb12, an invalid g_pat at emulated VMRUN causes an immediate VMEXIT with exit code VMEXIT_INVALID, as specified in the APM, volume 2: "Nested Paging and VMRUN/VMEXIT."

Fixes: 3d6368ef580a ("KVM: SVM: Add VMRUN handler")
Signed-off-by: Jim Mattson
--- arch/x86/kvm/svm/nested.c | 17 +++++++++++++---- arch/x86/kvm/svm/svm.h | 1 + 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index b72a1f3c4144..91b35adb83f8 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c 
@@ -426,7 +426,8 @@ static bool nested_vmcb_check_controls(struct kvm_vcpu = *vcpu, =20 /* Common checks that apply to both L1 and L2 state. */ static bool nested_vmcb_check_save(struct kvm_vcpu *vcpu, - struct vmcb_save_area_cached *save) + struct vmcb_save_area_cached *save, + bool check_gpat) { if (CC(!(save->efer & EFER_SVME))) return false; @@ -462,6 +463,9 @@ static bool nested_vmcb_check_save(struct kvm_vcpu *vcp= u, if (CC(!kvm_valid_efer(vcpu, save->efer))) return false; =20 + if (check_gpat && CC(!kvm_pat_valid(save->g_pat))) + return false; + return true; } =20 @@ -573,6 +577,7 @@ static void __nested_copy_vmcb_save_to_cache(struct vmc= b_save_area_cached *to, =20 to->rax =3D from->rax; to->cr2 =3D from->cr2; + to->g_pat =3D from->g_pat; =20 svm_copy_lbrs(to, from); } @@ -1036,7 +1041,8 @@ int enter_svm_guest_mode(struct kvm_vcpu *vcpu, u64 v= mcb12_gpa, bool from_vmrun) =20 enter_guest_mode(vcpu); =20 - if (!nested_vmcb_check_save(vcpu, &svm->nested.save) || + if (!nested_vmcb_check_save(vcpu, &svm->nested.save, + nested_npt_enabled(svm)) || !nested_vmcb_check_controls(vcpu, &svm->nested.ctl, svm->vmcb01.ptr->save.cr0)) return -EINVAL; @@ -2006,13 +2012,16 @@ static int svm_set_nested_state(struct kvm_vcpu *vc= pu, =20 /* * Validate host state saved from before VMRUN (see - * nested_svm_check_permissions). + * nested_svm_check_permissions). Note that the g_pat field is not + * validated, because (a) it may have been clobbered by SMM before + * KVM_GET_NESTED_STATE, and (b) it is not loaded at emulated + * #VMEXIT. */ __nested_copy_vmcb_save_to_cache(&save_cached, save); if (!(save->cr0 & X86_CR0_PG) || !(save->cr0 & X86_CR0_PE) || (save->rflags & X86_EFLAGS_VM) || - !nested_vmcb_check_save(vcpu, &save_cached)) + !nested_vmcb_check_save(vcpu, &save_cached, false)) goto out_free; =20 =20 diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 9850ed01e16e..a49c48459e0b 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -161,6 +161,7 @@ struct vmcb_save_area_cached { u64 isst_addr; u64 rax; u64 cr2; + u64 g_pat; u64 dbgctl; u64 br_from; u64 br_to; --=20 2.53.0.371.g1d285c8824-goog
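
Review bot: the comment above nested_vmcb_check_save() in the first nested.c hunk still reads "Common checks that apply to both L1 and L2 state", but with the new check_gpat argument the g_pat test is skipped for the svm_set_nested_state() caller, so the comment no longer describes the function. Suggest documenting check_gpat at the definition (when a caller must pass true), because the bare "false" at the svm_set_nested_state() call site is explained only by a block comment several lines above it.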
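
Review bot: in the enter_svm_guest_mode() hunk, nested_npt_enabled(svm) is evaluated as an argument to nested_vmcb_check_save() before nested_vmcb_check_controls() runs in the same condition, so the decision whether to validate g_pat is taken ahead of the control-area checks. Both failures return -EINVAL, so the result is the same here, but if nested_npt_enabled() reads the cached vmcb12 controls, a comment saying the ordering is intentional (or checking the controls first) would keep a later reader from assuming the gate depends on validated state.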
Date: Mon, 23 Feb 2026 16:54:42 -0800
In-Reply-To: <20260224005500.1471972-1-jmattson@google.com>
Message-ID: <20260224005500.1471972-5-jmattson@google.com>
Subject: [PATCH v5 04/10] KVM: x86: nSVM: Set vmcb02.g_pat correctly for nested NPT
From: Jim Mattson
Cc: Jim Mattson, Yosry Ahmed

When nested NPT is enabled in vmcb12, copy the (cached and validated) vmcb12 g_pat field to the guest PAT register. Under KVM, the guest PAT register lives in svm->nested.save.g_pat. When NPT is enabled, but nested NPT is disabled, copy L1's IA32_PAT MSR to the vmcb02 g_pat field, since L2 shares the IA32_PAT MSR with L1. When NPT is disabled, the g_pat field is ignored by hardware.

Fixes: 15038e147247 ("KVM: SVM: obey guest PAT")
Signed-off-by: Jim Mattson
Reviewed-by: Yosry Ahmed
--- arch/x86/kvm/svm/nested.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 91b35adb83f8..dc8275837120 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -724,9 +724,6 @@ static void nested_vmcb02_prepare_save(struct vcpu_svm = *svm) struct vmcb *vmcb02 =3D svm->nested.vmcb02.ptr; struct kvm_vcpu *vcpu =3D &svm->vcpu; =20 - nested_vmcb02_compute_g_pat(svm); - vmcb_mark_dirty(vmcb02, VMCB_NPT); - /* Load the nested guest state */ if (svm->nested.vmcb12_gpa !=3D svm->nested.last_vmcb12_gpa) { new_vmcb12 =3D true; 
@@ -757,6 +754,13 @@ static void nested_vmcb02_prepare_save(struct vcpu_svm= *svm) vmcb_mark_dirty(vmcb02, VMCB_CET); } =20 + if (nested_npt_enabled(svm)) { + if (unlikely(new_vmcb12 || vmcb12_is_dirty(control, VMCB_NPT))) + vmcb_set_gpat(vmcb02, svm->nested.save.g_pat); + } else if (npt_enabled) { + vmcb_set_gpat(vmcb02, vcpu->arch.pat); + } + kvm_set_rflags(vcpu, save->rflags | X86_EFLAGS_FIXED); =20 svm_set_efer(vcpu, svm->nested.save.efer); --=20 2.53.0.371.g1d285c8824-goog
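
Review bot: in the second nested.c hunk the nested-NPT branch rewrites vmcb02's g_pat only when new_vmcb12 is set or vmcb12's VMCB_NPT clean bit is clear, while the "else if (npt_enabled)" branch rewrites it on every call, and nothing in the added lines says why the two differ. Suggest a short comment covering both branches, and in particular what is expected when the same vmcb12 is run again with VMCB_NPT clean after a run that took the other branch, since vmcb02 would then still hold the value last written from vcpu->arch.pat.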
Date: Mon, 23 Feb 2026 16:54:43 -0800
In-Reply-To: <20260224005500.1471972-1-jmattson@google.com>
Message-ID: <20260224005500.1471972-6-jmattson@google.com>
Subject: [PATCH v5 05/10] KVM: x86: nSVM: Redirect IA32_PAT accesses to either hPAT or gPAT
From: Jim Mattson

When the vCPU is in guest mode with nested NPT enabled, guest accesses to IA32_PAT are redirected to the gPAT register, which is stored in VMCB02's g_pat field. Non-guest accesses (e.g. from userspace) to IA32_PAT are always redirected to hPAT, which is stored in vcpu->arch.pat. This is architected behavior. It also makes it possible to restore a new checkpoint on an old kernel with reasonable semantics. After the restore, gPAT will be lost, and L2 will run on L1's PAT. Note that the old kernel would have always run L2 on L1's PAT. Add WARN_ON_ONCE to flag any host-initiated accesses originating from KVM itself rather than userspace.

Fixes: 15038e147247 ("KVM: SVM: obey guest PAT")
Signed-off-by: Jim Mattson --- arch/x86/kvm/svm/nested.c | 9 ------- arch/x86/kvm/svm/svm.c | 52 ++++++++++++++++++++++++++++++++++----- arch/x86/kvm/svm/svm.h | 1 - 3 files changed, 46 insertions(+), 16 deletions(-) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index dc8275837120..69b577a4915c 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -706,15 +706,6 @@ static int nested_svm_load_cr3(struct kvm_vcpu *vcpu, = unsigned long cr3, return 0; } =20 -void nested_vmcb02_compute_g_pat(struct vcpu_svm *svm) -{ - if (!svm->nested.vmcb02.ptr) - return; - - /* FIXME: merge g_pat from vmcb01 and vmcb12. */ - vmcb_set_gpat(svm->nested.vmcb02.ptr, svm->vmcb01.ptr->save.g_pat); -} - static void nested_vmcb02_prepare_save(struct vcpu_svm *svm) { struct vmcb_ctrl_area_cached *control =3D &svm->nested.ctl; diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 6c41f2317777..00dba10991a5 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c 
@@ -2715,6 +2715,46 @@ static bool sev_es_prevent_msr_access(struct kvm_vcp= u *vcpu, !msr_write_intercepted(vcpu, msr_info->index); } =20 +static bool svm_pat_accesses_gpat(struct kvm_vcpu *vcpu, bool from_host) +{ + struct vcpu_svm *svm =3D to_svm(vcpu); + + /* + * When nested NPT is enabled, L2 has a separate PAT from + * L1. Guest accesses to IA32_PAT while running L2 target + * L2's gPAT; host-initiated accesses always target L1's + * hPAT for backward and forward KVM_SET_MSRS compatibility + * with older kernels. + */ + WARN_ON_ONCE(from_host && vcpu->wants_to_run); + return !from_host && is_guest_mode(vcpu) && nested_npt_enabled(svm); +} + +static u64 svm_get_pat(struct kvm_vcpu *vcpu, bool from_host) +{ + if (svm_pat_accesses_gpat(vcpu, from_host)) + return to_svm(vcpu)->vmcb->save.g_pat; + else + return vcpu->arch.pat; +} + +static void svm_set_pat(struct kvm_vcpu *vcpu, bool from_host, u64 data) +{ + struct vcpu_svm *svm =3D to_svm(vcpu); + + if (svm_pat_accesses_gpat(vcpu, from_host)) { + vmcb_set_gpat(svm->vmcb, data); + } else { + svm->vcpu.arch.pat =3D data; + if (npt_enabled) { + vmcb_set_gpat(svm->vmcb01.ptr, data); + if (is_guest_mode(&svm->vcpu) && + !nested_npt_enabled(svm)) + vmcb_set_gpat(svm->vmcb, data); + } + } +} + static int svm_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) { struct vcpu_svm *svm =3D to_svm(vcpu); @@ -2837,6 +2877,9 @@ static int svm_get_msr(struct kvm_vcpu *vcpu, struct = msr_data *msr_info) case MSR_AMD64_DE_CFG: msr_info->data =3D svm->msr_decfg; break; + case MSR_IA32_CR_PAT: + msr_info->data =3D svm_get_pat(vcpu, msr_info->host_initiated); + break; default: return kvm_get_msr_common(vcpu, msr_info); } 
@@ -2920,13 +2963,10 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struc= t msr_data *msr) =20 break; case MSR_IA32_CR_PAT: - ret =3D kvm_set_msr_common(vcpu, msr); - if (ret) - break; + if (!kvm_pat_valid(data)) + return 1; =20 - vmcb_set_gpat(svm->vmcb01.ptr, data); - if (is_guest_mode(vcpu)) - nested_vmcb02_compute_g_pat(svm); + svm_set_pat(vcpu, msr->host_initiated, data); break; case MSR_IA32_SPEC_CTRL: if (!msr->host_initiated && diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index a49c48459e0b..58b0b935d049 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -840,7 +840,6 @@ void nested_copy_vmcb_control_to_cache(struct vcpu_svm = *svm, void nested_copy_vmcb_save_to_cache(struct vcpu_svm *svm, struct vmcb_save_area *save); void nested_sync_control_from_vmcb02(struct vcpu_svm *svm); -void nested_vmcb02_compute_g_pat(struct vcpu_svm *svm); void svm_switch_vmcb(struct vcpu_svm *svm, struct kvm_vmcb_info *target_vm= cb); =20 extern struct kvm_x86_nested_ops svm_nested_ops; --=20 2.53.0.371.g1d285c8824-goog
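Review bot: In the svm.c hunk at @@ -2715 (patch 05/10), svm_pat_accesses_gpat() reads as a pure predicate but also fires WARN_ON_ONCE(from_host && vcpu->wants_to_run), and the block comment above it explains only the hPAT/gPAT routing. The commit message says the warning flags host-initiated accesses that come from KVM itself; a one-line comment next to the WARN saying that would keep the reason from living only in the log. Two smaller style points in the same hunk: svm_get_pat() has an else after a return, and svm_set_pat() uses svm->vcpu.arch.pat and is_guest_mode(&svm->vcpu) although the vcpu argument is in scope and is used a few lines earlier.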
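Review bot: The svm_set_msr() hunk at @@ -2920 (patch 05/10) changes what a host-initiated write of IA32_PAT does while the vCPU is in guest mode with nested NPT: it now updates only hPAT and leaves vmcb02's g_pat alone, where the removed lines pushed the value into vmcb02 through nested_vmcb02_compute_g_pat(). That is a userspace-visible change to KVM_SET_MSRS, yet the diffstat touches only nested.c, svm.c and svm.h, so the rule is recorded only in a code comment. Consider documenting it alongside the KVM_SET_MSRS description so VMM authors can find it without reading svm.c.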
Date: Mon, 23 Feb 2026 16:54:44 -0800
In-Reply-To: <20260224005500.1471972-1-jmattson@google.com>
Message-ID: <20260224005500.1471972-7-jmattson@google.com>
Subject: [PATCH v5 06/10] KVM: x86: Remove common handling of MSR_IA32_CR_PAT
From: Jim Mattson
To: Sean Christopherson, Paolo Bonzini, Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Shuah Khan, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, Yosry Ahmed
Cc: Jim Mattson

SVM now has completely independent handling of MSR_IA32_CR_PAT in svm_get_msr() and svm_set_msr(). To avoid any confusion, move the logic for MSR_IA32_CR_PAT from kvm_get_msr_common() and kvm_set_msr_common() into vmx_get_msr() and vmx_set_msr().

Signed-off-by: Jim Mattson
--- arch/x86/kvm/vmx/vmx.c | 9 ++++++--- arch/x86/kvm/x86.c | 9 --------- 2 files changed, 6 insertions(+), 12 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 967b58a8ab9d..f5127dbd9104 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c
@@ -2146,6 +2146,9 @@ int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_dat= a *msr_info) !(vcpu->arch.arch_capabilities & ARCH_CAP_TSX_CTRL_MSR)) return 1; goto find_uret_msr; + case MSR_IA32_CR_PAT: + msr_info->data =3D vcpu->arch.pat; + break; case MSR_IA32_UMWAIT_CONTROL: if (!msr_info->host_initiated && !vmx_has_waitpkg(vmx)) return 1; @@ -2468,10 +2471,10 @@ int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_d= ata *msr_info) return 1; goto find_uret_msr; case MSR_IA32_CR_PAT: - ret =3D kvm_set_msr_common(vcpu, msr_info); - if (ret) - break; + if (!kvm_pat_valid(data)) + return 1; =20 + vcpu->arch.pat =3D data; if (is_guest_mode(vcpu) && get_vmcs12(vcpu)->vm_exit_controls & VM_EXIT_SAVE_IA32_PAT) get_vmcs12(vcpu)->guest_ia32_pat =3D data; diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 416899b5dbe4..41936f83a17f 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -4025,12 +4025,6 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct= msr_data *msr_info) return 1; } break; - case MSR_IA32_CR_PAT: - if (!kvm_pat_valid(data)) - return 1; - - vcpu->arch.pat =3D data; - break; case MTRRphysBase_MSR(0) ... MSR_MTRRfix4K_F8000: case MSR_MTRRdefType: return kvm_mtrr_set_msr(vcpu, msr, data); 
@@ -4436,9 +4430,6 @@ int kvm_get_msr_common(struct kvm_vcpu *vcpu, struct = msr_data *msr_info) msr_info->data =3D kvm_scale_tsc(rdtsc(), ratio) + offset; break; } - case MSR_IA32_CR_PAT: - msr_info->data =3D vcpu->arch.pat; - break; case MSR_MTRRcap: case MTRRphysBase_MSR(0) ... MSR_MTRRfix4K_F8000: case MSR_MTRRdefType: --=20 2.53.0.371.g1d285c8824-goog
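Review bot: In the vmx_set_msr() hunk at @@ -2468 (patch 06/10), the unchanged context still copies data into get_vmcs12(vcpu)->guest_ia32_pat whenever the vCPU is in guest mode with VM_EXIT_SAVE_IA32_PAT set, with no check of msr_info->host_initiated, while patch 05/10 makes SVM send host-initiated writes to hPAT only. After this series the two vendor paths therefore treat a host-initiated IA32_PAT write differently while L2 is active. If the VMX behaviour is meant to stay as it is, say so in the commit message, which currently describes the change only as a move of the common logic.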
Date: Mon, 23 Feb 2026 16:54:45 -0800
In-Reply-To: <20260224005500.1471972-1-jmattson@google.com>
Message-ID: <20260224005500.1471972-8-jmattson@google.com>
Subject: [PATCH v5 07/10] KVM: x86: nSVM: Save gPAT to vmcb12.g_pat on VMEXIT
From: Jim Mattson
To: Sean Christopherson, Paolo Bonzini, Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Shuah Khan, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, Yosry Ahmed
Cc: Jim Mattson, Yosry Ahmed

According to the APM volume 3 pseudo-code for "VMRUN," when nested paging is enabled in the vmcb, the guest PAT register (gPAT) is saved to the vmcb on emulated VMEXIT.

When nested NPT is enabled, save the vmcb02 g_pat field to the vmcb12 g_pat field on emulated VMEXIT.

Fixes: 15038e147247 ("KVM: SVM: obey guest PAT")
Signed-off-by: Jim Mattson
Reviewed-by: Yosry Ahmed
--- arch/x86/kvm/svm/nested.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 69b577a4915c..26f758e294ab 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c
@@ -1312,6 +1312,9 @@ void nested_svm_vmexit(struct vcpu_svm *svm) vmcb12->save.dr6 =3D svm->vcpu.arch.dr6; vmcb12->save.cpl =3D vmcb02->save.cpl; =20 + if (nested_npt_enabled(svm)) + vmcb12->save.g_pat =3D vmcb02->save.g_pat; + if (guest_cpu_cap_has(vcpu, X86_FEATURE_SHSTK)) { vmcb12->save.s_cet =3D vmcb02->save.s_cet; vmcb12->save.isst_addr =3D vmcb02->save.isst_addr; --=20 2.53.0.371.g1d285c8824-goog
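Review bot: The nested_svm_vmexit() hunk at @@ -1312 (patch 07/10) adds the g_pat copy without a comment, so the reason it is conditional on nested_npt_enabled() lives only in the commit message. A short comment above the if, noting that gPAT is saved to the vmcb on VMEXIT only when nested paging is enabled (the APM VMRUN pseudo-code the commit message cites) and that vmcb12's g_pat is otherwise left untouched, would let the code stand on its own.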
Date: Mon, 23 Feb 2026 16:54:46 -0800
In-Reply-To: <20260224005500.1471972-1-jmattson@google.com>
Message-ID: <20260224005500.1471972-9-jmattson@google.com>
Subject: [PATCH v5 08/10] KVM: x86: nSVM: Save/restore gPAT with KVM_{GET,SET}_NESTED_STATE
From: Jim Mattson
To: Sean Christopherson, Paolo Bonzini, Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Shuah Khan, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, Yosry Ahmed
Cc: Jim Mattson, Yosry Ahmed

Add a 'flags' field to the SVM nested state header, and use bit 0 of the flags to indicate that gPAT is stored in the nested state.

If in guest mode with NPT enabled, store the current vmcb->save.g_pat value into the header of the nested state, and set the flag.

Note that struct kvm_svm_nested_state_hdr is included in a union padded to 120 bytes, so there is room to add the flags field and the gpat field without changing any offsets.

Fixes: cc440cdad5b7 ("KVM: nSVM: implement KVM_GET_NESTED_STATE and KVM_SET_NESTED_STATE")
Signed-off-by: Jim Mattson
Reviewed-by: Yosry Ahmed
--- arch/x86/include/uapi/asm/kvm.h | 5 +++++ arch/x86/kvm/svm/nested.c | 17 +++++++++++++++++ 2 files changed, 22 insertions(+) diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kv= m.h index 846a63215ce1..664d04d1db3f 100644 --- a/arch/x86/include/uapi/asm/kvm.h
+++ b/arch/x86/include/uapi/asm/kvm.h @@ -495,6 +495,8 @@ struct kvm_sync_regs { =20 #define KVM_STATE_VMX_PREEMPTION_TIMER_DEADLINE 0x00000001 =20 +#define KVM_STATE_SVM_VALID_GPAT 0x00000001 + /* vendor-independent attributes for system fd (group 0) */ #define KVM_X86_GRP_SYSTEM 0 # define KVM_X86_XCOMP_GUEST_SUPP 0 @@ -531,6 +533,9 @@ struct kvm_svm_nested_state_data { =20 struct kvm_svm_nested_state_hdr { __u64 vmcb_pa; + __u32 flags; + __u32 reserved; + __u64 gpat; }; =20 /* for KVM_CAP_NESTED_STATE */ diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 26f758e294ab..5a35277f2364 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -1893,6 +1893,10 @@ static int svm_get_nested_state(struct kvm_vcpu *vcp= u, /* First fill in the header and copy it out. */ if (is_guest_mode(vcpu)) { kvm_state.hdr.svm.vmcb_pa =3D svm->nested.vmcb12_gpa; + if (nested_npt_enabled(svm)) { + kvm_state.hdr.svm.flags |=3D KVM_STATE_SVM_VALID_GPAT; + kvm_state.hdr.svm.gpat =3D svm->vmcb->save.g_pat; + } kvm_state.size +=3D KVM_STATE_NESTED_SVM_VMCB_SIZE; kvm_state.flags |=3D KVM_STATE_NESTED_GUEST_MODE; =20 @@ -2022,6 +2026,14 @@ static int svm_set_nested_state(struct kvm_vcpu *vcp= u, !nested_vmcb_check_save(vcpu, &save_cached, false)) goto out_free; =20 + /* + * Validate gPAT, if provided. This is done separately from the + * vmcb_save_area_cached validation above, because gPAT is L2 + * state, but the vmcb_save_area_cached is populated with L1 state. + */ + if ((kvm_state->hdr.svm.flags & KVM_STATE_SVM_VALID_GPAT) && + !kvm_pat_valid(kvm_state->hdr.svm.gpat)) + goto out_free; =20 /* * All checks done, we can enter guest mode. Userspace provides 
@@ -2062,6 +2074,11 @@ static int svm_set_nested_state(struct kvm_vcpu *vcp= u, goto out_free; =20 svm_switch_vmcb(svm, &svm->nested.vmcb02); + + if (nested_npt_enabled(svm) && + (kvm_state->hdr.svm.flags & KVM_STATE_SVM_VALID_GPAT)) + vmcb_set_gpat(svm->vmcb, kvm_state->hdr.svm.gpat); + nested_vmcb02_prepare_control(svm, svm->vmcb->save.rip, svm->vmcb->save.c= s.base); =20 svm->nested.force_msr_bitmap_recalc =3D true; --=20 2.53.0.371.g1d285c8824-goog
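Review bot: In the uapi/asm/kvm.h hunks (patch 08/10), KVM_STATE_SVM_VALID_GPAT is defined with the same value as KVM_STATE_VMX_PREEMPTION_TIMER_DEADLINE just above it, and nothing says which flags word it belongs to. Add a comment tying it to kvm_svm_nested_state_hdr.flags, and say what userspace must put in the new reserved field. The diffstat lists only kvm.h and nested.c, so the new header layout is described only in the commit message.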
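Review bot: The svm_set_nested_state() hunk at @@ -2022 (patch 08/10) validates gpat only when KVM_STATE_SVM_VALID_GPAT is set and never rejects other bits in hdr.svm.flags or a non-zero hdr.svm.reserved. The commit message notes that these bytes were padding in the union until now, so a blob from a VMM that did not zero them could be read as a flag plus a gPAT value, and accepting unknown bits today makes them hard to assign later. Consider returning an error for any flag outside KVM_STATE_SVM_VALID_GPAT and for a non-zero reserved field, or state in the commit message why the former padding can be trusted to be zero.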
Date: Mon, 23 Feb 2026 16:54:47 -0800
In-Reply-To: <20260224005500.1471972-1-jmattson@google.com>
Message-ID: <20260224005500.1471972-10-jmattson@google.com>
Subject: [PATCH v5 09/10] KVM: x86: nSVM: Handle restore of legacy nested state
From: Jim Mattson
To: Sean Christopherson, Paolo Bonzini, Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Shuah Khan, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, Yosry Ahmed
Cc: Jim Mattson

When nested NPT is enabled and KVM_SET_NESTED_STATE is used to restore an old checkpoint (without a valid gPAT), the current IA32_PAT value must be used as L2's gPAT.

Unfortunately, checkpoint restore is non-atomic, and the order in which state components are restored is not specified. Hence, the current IA32_PAT value may be restored by KVM_SET_MSRS after KVM_SET_NESTED_STATE. To further complicate matters, there may be a KVM_GET_NESTED_STATE before the next KVM_RUN.

Introduce a new boolean, svm->nested.legacy_gpat_semantics. When set, hPAT updates are also applied to gPAT, preserving the old behavior (i.e. L2 shares L1's PAT). Set this boolean when restoring legacy state (i.e. nested NPT is enabled, but no GPAT is provided) in KVM_SET_NESTED_STATE. Clear this boolean in svm_vcpu_pre_run(), to ensure that hPAT and gPAT are decoupled before the vCPU resumes execution. Also clear this boolean when the vCPU is forced out of guest mode by svm_leave_nested().

Signed-off-by: Jim Mattson
--- arch/x86/kvm/svm/nested.c | 13 ++++++++++--- arch/x86/kvm/svm/svm.c | 8 ++++++-- arch/x86/kvm/svm/svm.h | 9 +++++++++ 3 files changed, 25 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 5a35277f2364..b68eddcbc217 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -1537,6 +1537,7 @@ void svm_leave_nested(struct kvm_vcpu *vcpu) if (is_guest_mode(vcpu)) { svm->nested.nested_run_pending =3D 0; svm->nested.vmcb12_gpa =3D INVALID_GPA; + svm->nested.legacy_gpat_semantics =3D false; =20 leave_guest_mode(vcpu); =20
@@ -2075,9 +2076,15 @@ static int svm_set_nested_state(struct kvm_vcpu *vcp= u, =20 svm_switch_vmcb(svm, &svm->nested.vmcb02); =20 - if (nested_npt_enabled(svm) && - (kvm_state->hdr.svm.flags & KVM_STATE_SVM_VALID_GPAT)) - vmcb_set_gpat(svm->vmcb, kvm_state->hdr.svm.gpat); + svm->nested.legacy_gpat_semantics =3D + nested_npt_enabled(svm) && + !(kvm_state->hdr.svm.flags & KVM_STATE_SVM_VALID_GPAT); + if (nested_npt_enabled(svm)) { + u64 g_pat =3D svm->nested.legacy_gpat_semantics ? + vcpu->arch.pat : kvm_state->hdr.svm.gpat; + + vmcb_set_gpat(svm->nested.vmcb02.ptr, g_pat); + } =20 nested_vmcb02_prepare_control(svm, svm->vmcb->save.rip, svm->vmcb->save.c= s.base); =20 diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 00dba10991a5..ac45702f566e 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2727,7 +2727,8 @@ static bool svm_pat_accesses_gpat(struct kvm_vcpu *vc= pu, bool from_host) * with older kernels. */ WARN_ON_ONCE(from_host && vcpu->wants_to_run); - return !from_host && is_guest_mode(vcpu) && nested_npt_enabled(svm); + return !svm->nested.legacy_gpat_semantics && !from_host && + is_guest_mode(vcpu) && nested_npt_enabled(svm); } =20 static u64 svm_get_pat(struct kvm_vcpu *vcpu, bool from_host) @@ -2749,7 +2750,8 @@ static void svm_set_pat(struct kvm_vcpu *vcpu, bool f= rom_host, u64 data) if (npt_enabled) { vmcb_set_gpat(svm->vmcb01.ptr, data); if (is_guest_mode(&svm->vcpu) && - !nested_npt_enabled(svm)) + (svm->nested.legacy_gpat_semantics || + !nested_npt_enabled(svm))) vmcb_set_gpat(svm->vmcb, data); } } @@ -4262,6 +4264,8 @@ static int svm_vcpu_pre_run(struct kvm_vcpu *vcpu) if (to_kvm_sev_info(vcpu->kvm)->need_init) return -EINVAL; =20 + to_svm(vcpu)->nested.legacy_gpat_semantics =3D false; + return 1; } =20 diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 58b0b935d049..626efef878a5 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -238,6 +238,15 @@ struct svm_nested_state { * on its side. */ bool force_msr_bitmap_recalc; + + /* + * Indicates that a legacy nested state (without a valid gPAT) was + * recently restored. Until the next KVM_RUN, updates to hPAT are + * also applied to gPAT, preserving legacy behavior (i.e. L2 shares + * L1's PAT). Because checkpoint restore is non-atomic, this + * complication is necessary for backward compatibility. + */ + bool legacy_gpat_semantics; }; =20 struct vcpu_sev_es_state { --=20 2.53.0.371.g1d285c8824-goog
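Review bot: The svm_set_nested_state() hunk at @@ -2075 (patch 09/10) sets legacy_gpat_semantics, but none of the hunks in this patch touch svm_get_nested_state(), which since patch 08/10 reports KVM_STATE_SVM_VALID_GPAT whenever nested NPT is enabled. The commit message itself raises a KVM_GET_NESTED_STATE before the next KVM_RUN; in that window the state read back is marked as carrying a valid gPAT, so restoring it again would not re-enter legacy semantics. If that is intended because gPAT mirrors hPAT during the window, a sentence saying so would help; otherwise leave the flag clear while legacy_gpat_semantics is set.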
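Review bot: In the svm_pat_accesses_gpat() hunk at @@ -2727 (patch 09/10), it is not clear from the patch when the new !svm->nested.legacy_gpat_semantics term changes the result: the function already returns false for from_host, and svm_vcpu_pre_run() clears the flag before the vCPU runs. Name the case the term covers in the comment above it, or drop it and rely on the svm_set_pat() change alone.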
(p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--jmattson.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="r/0+J5Ma" Received: by mail-pj1-f73.google.com with SMTP id 98e67ed59e1d1-35301003062so37684463a91.2 for ; Mon, 23 Feb 2026 16:55:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1771894524; x=1772499324; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=cFRm3EFhjwY+SbpgZe9oDm3zxvK0CDmeo2eUxmVa64Y=; b=r/0+J5Ma/ZEVJXM+H3dG1skMq9Q+NoCl7FKhPpjJshd1GjSyBvjmUXix2kbaEDL18k LUy0IVQf1uzzzSu1JTX1PhSzdzJOPAAjk0UFTZEFuTJbagTUs8kVeIaWVWocXeFX6D7o jsa7X83IlLKslGdz2uEx6zw16cp+ztbEX/OkyisUSTVRDHIaKnTZk2X8VmpYP4/c3TqW OCPyxsw4xHjmtq89KCAnLudx8PHmq6TL589VAmiftgHiznmGkkMec3OpD+ub7Wgqa0MF PP1EQQeTGXEiL4xFgcsjLCubrEgPQQzceWeur1JohBw5Ptb8SyQu5bXNNvVqZSgfwvKk POyQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771894524; x=1772499324; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=cFRm3EFhjwY+SbpgZe9oDm3zxvK0CDmeo2eUxmVa64Y=; b=MzTG31ZCPGe8S3xwpkmkjDiP1eNPlB2CryhqFSsCqDj+P15QrIjlI0ul0nQ93aINBx BPlOtd8hCfolPWBfo3/jjCGFqyJEKv+uwd6+Iy6Kh83MJHCH1UlnMQ3dRDbjVvnzGYdq ZaBVDvHO2EltR9bvCJnCRN0nlQuF8qGxrpWpBstXNRptYVkbGpDRM0NOuuKVVOCCNJs8 hWyrGfWpSrP7e47WjYHOC7YnpQK/7aZz+DIdP06O0i8yOitzmmLF2u40iCi1XNyTYBXw 84tlf8u4B1Yntd/IUr5pNPDz0EP9L5lltcpczb5D/1BOZ7qtmroZUkpYC9TsHv2z4pvR gIhA== X-Forwarded-Encrypted: i=1; AJvYcCXkUwvqv3lhSLjXvN8ZMfKqvlWczAxlpmg4gxCsqPKlwkBfFH1lMemEFBBLLuLCkz4Hh3VobHzcan8W4BM=@vger.kernel.org X-Gm-Message-State: AOJu0YwEgslX+n2v/ZTwirSqxKwslZfAWlslN6dt4qW2cw6O2sjp+rDS 
szTdreTsUdzHFgKjg2UJoyW4C4NsiHR4OCCgizrU34b+qwBOxG4JdqNJQ+6zABSlOtBENYHVjij +h2HoN78V4KvmZA== X-Received: from pjbsp12.prod.google.com ([2002:a17:90b:52cc:b0:358:e3db:b6c7]) (user=jmattson job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:1348:b0:32e:7270:9499 with SMTP id 98e67ed59e1d1-358ae6b1a02mr7861198a91.0.1771894523994; Mon, 23 Feb 2026 16:55:23 -0800 (PST) Date: Mon, 23 Feb 2026 16:54:48 -0800 In-Reply-To: <20260224005500.1471972-1-jmattson@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20260224005500.1471972-1-jmattson@google.com> X-Mailer: git-send-email 2.53.0.371.g1d285c8824-goog Message-ID: <20260224005500.1471972-11-jmattson@google.com> Subject: [PATCH v5 10/10] KVM: selftests: nSVM: Add svm_nested_pat test From: Jim Mattson To: Sean Christopherson , Paolo Bonzini , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Shuah Khan , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, Yosry Ahmed Cc: Jim Mattson Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Verify that KVM correctly virtualizes the host PAT MSR and the guest PAT register for nested SVM guests. With nested NPT disabled: * L1 and L2 share the same PAT * The vmcb12.g_pat is ignored With nested NPT enabled: * An invalid g_pat in vmcb12 causes VMEXIT_INVALID * RDMSR(IA32_PAT) from L2 returns the value of the guest PAT register * WRMSR(IA32_PAT) from L2 is reflected in vmcb12's g_pat on VMEXIT * RDMSR(IA32_PAT) from L1 returns the value of the host PAT MSR * Save/restore with the vCPU in guest mode preserves both hPAT and gPAT 
Signed-off-by: Jim Mattson --- tools/testing/selftests/kvm/Makefile.kvm | 1 + .../selftests/kvm/x86/svm_nested_pat_test.c | 298 ++++++++++++++++++ 2 files changed, 299 insertions(+) create mode 100644 tools/testing/selftests/kvm/x86/svm_nested_pat_test.c diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft= ests/kvm/Makefile.kvm index 36b48e766e49..08a7bec34e4b 100644 --- a/tools/testing/selftests/kvm/Makefile.kvm +++ b/tools/testing/selftests/kvm/Makefile.kvm @@ -110,6 +110,7 @@ TEST_GEN_PROGS_x86 +=3D x86/state_test TEST_GEN_PROGS_x86 +=3D x86/vmx_preemption_timer_test TEST_GEN_PROGS_x86 +=3D x86/svm_vmcall_test TEST_GEN_PROGS_x86 +=3D x86/svm_int_ctl_test +TEST_GEN_PROGS_x86 +=3D x86/svm_nested_pat_test TEST_GEN_PROGS_x86 +=3D x86/svm_nested_shutdown_test TEST_GEN_PROGS_x86 +=3D x86/svm_nested_soft_inject_test TEST_GEN_PROGS_x86 +=3D x86/svm_lbr_nested_state diff --git a/tools/testing/selftests/kvm/x86/svm_nested_pat_test.c b/tools/= testing/selftests/kvm/x86/svm_nested_pat_test.c new file mode 100644 index 000000000000..08c1428969b0 --- /dev/null +++ b/tools/testing/selftests/kvm/x86/svm_nested_pat_test.c 
@@ -0,0 +1,298 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * KVM nested SVM PAT test + * + * Copyright (C) 2026, Google LLC. + * + * Test that KVM correctly virtualizes the PAT MSR and VMCB g_pat field + * for nested SVM guests: + * + * o With nested NPT disabled: + * - L1 and L2 share the same PAT + * - The vmcb12.g_pat is ignored + * o With nested NPT enabled: + * - Invalid g_pat in vmcb12 should cause VMEXIT_INVALID + * - L2 should see vmcb12.g_pat via RDMSR, not L1's PAT + * - L2's writes to PAT should be saved to vmcb12 on exit + * - L1's PAT should be restored after #VMEXIT from L2 + * - State save/restore should preserve both L1's and L2's PAT values + */ +#include +#include +#include +#include + +#include "test_util.h" +#include "kvm_util.h" +#include "processor.h" +#include "svm_util.h" + +#define L2_GUEST_STACK_SIZE 256 + +#define PAT_DEFAULT 0x0007040600070406ULL +#define L1_PAT_VALUE 0x0007040600070404ULL /* Change PA0 to WT */ +#define L2_VMCB12_PAT 0x0606060606060606ULL /* All WB */ +#define L2_PAT_MODIFIED 0x0606060606060604ULL /* Change PA0 to WT */ +#define INVALID_PAT_VALUE 0x0808080808080808ULL /* 8 is reserved */ + +/* + * Shared state between L1 and L2 for verification. 
+ */ +struct pat_test_data { + uint64_t l2_pat_read; + uint64_t l2_pat_after_write; + uint64_t l1_pat_after_vmexit; + uint64_t vmcb12_gpat_after_exit; + bool l2_done; +}; + +static struct pat_test_data *pat_data; + +static void l2_guest_code(void) +{ + pat_data->l2_pat_read =3D rdmsr(MSR_IA32_CR_PAT); + wrmsr(MSR_IA32_CR_PAT, L2_PAT_MODIFIED); + pat_data->l2_pat_after_write =3D rdmsr(MSR_IA32_CR_PAT); + pat_data->l2_done =3D true; + vmmcall(); +} + +static void l2_guest_code_saverestoretest(void) +{ + pat_data->l2_pat_read =3D rdmsr(MSR_IA32_CR_PAT); + + GUEST_SYNC(1); + GUEST_ASSERT_EQ(rdmsr(MSR_IA32_CR_PAT), pat_data->l2_pat_read); + + wrmsr(MSR_IA32_CR_PAT, L2_PAT_MODIFIED); + pat_data->l2_pat_after_write =3D rdmsr(MSR_IA32_CR_PAT); + + GUEST_SYNC(2); + GUEST_ASSERT_EQ(rdmsr(MSR_IA32_CR_PAT), L2_PAT_MODIFIED); + + pat_data->l2_done =3D true; + vmmcall(); +} + +static void l2_guest_code_multi_vmentry(void) +{ + pat_data->l2_pat_read =3D rdmsr(MSR_IA32_CR_PAT); + wrmsr(MSR_IA32_CR_PAT, L2_PAT_MODIFIED); + pat_data->l2_pat_after_write =3D rdmsr(MSR_IA32_CR_PAT); + vmmcall(); + + pat_data->l2_pat_read =3D rdmsr(MSR_IA32_CR_PAT); + pat_data->l2_done =3D true; + vmmcall(); +} + +static struct vmcb *l1_common_setup(struct svm_test_data *svm, + struct pat_test_data *data, + void *l2_guest_code, + void *l2_guest_stack) +{ + struct vmcb *vmcb =3D svm->vmcb; + + pat_data =3D data; + + wrmsr(MSR_IA32_CR_PAT, L1_PAT_VALUE); + GUEST_ASSERT_EQ(rdmsr(MSR_IA32_CR_PAT), L1_PAT_VALUE); + + generic_svm_setup(svm, l2_guest_code, l2_guest_stack); + + vmcb->save.g_pat =3D L2_VMCB12_PAT; + vmcb->control.intercept &=3D ~(1ULL << INTERCEPT_MSR_PROT); + + return vmcb; +} + +static void l1_assert_l2_state(struct pat_test_data *data, uint64_t expect= ed_pat_read) +{ + GUEST_ASSERT(data->l2_done); + GUEST_ASSERT_EQ(data->l2_pat_read, expected_pat_read); + GUEST_ASSERT_EQ(data->l2_pat_after_write, L2_PAT_MODIFIED); +} + +static void l1_svm_code_npt_disabled(struct svm_test_data *svm, + struct 
pat_test_data *data) +{ + unsigned long l2_guest_stack[L2_GUEST_STACK_SIZE]; + struct vmcb *vmcb; + + vmcb =3D l1_common_setup(svm, data, l2_guest_code, + &l2_guest_stack[L2_GUEST_STACK_SIZE]); + + run_guest(vmcb, svm->vmcb_gpa); + + GUEST_ASSERT_EQ(vmcb->control.exit_code, SVM_EXIT_VMMCALL); + l1_assert_l2_state(data, L1_PAT_VALUE); + + data->l1_pat_after_vmexit =3D rdmsr(MSR_IA32_CR_PAT); + GUEST_ASSERT_EQ(data->l1_pat_after_vmexit, L2_PAT_MODIFIED); + + GUEST_DONE(); +} + +static void l1_svm_code_invalid_gpat(struct svm_test_data *svm, + struct pat_test_data *data) +{ + unsigned long l2_guest_stack[L2_GUEST_STACK_SIZE]; + struct vmcb *vmcb; + + vmcb =3D l1_common_setup(svm, data, l2_guest_code, + &l2_guest_stack[L2_GUEST_STACK_SIZE]); + + vmcb->save.g_pat =3D INVALID_PAT_VALUE; + + run_guest(vmcb, svm->vmcb_gpa); + + GUEST_ASSERT_EQ(vmcb->control.exit_code, SVM_EXIT_ERR); + GUEST_ASSERT(!data->l2_done); + + GUEST_DONE(); +} + +static void l1_svm_code_npt_enabled(struct svm_test_data *svm, + struct pat_test_data *data) +{ + unsigned long l2_guest_stack[L2_GUEST_STACK_SIZE]; + struct vmcb *vmcb; + + vmcb =3D l1_common_setup(svm, data, l2_guest_code, + &l2_guest_stack[L2_GUEST_STACK_SIZE]); + + run_guest(vmcb, svm->vmcb_gpa); + + GUEST_ASSERT_EQ(vmcb->control.exit_code, SVM_EXIT_VMMCALL); + l1_assert_l2_state(data, L2_VMCB12_PAT); + + data->vmcb12_gpat_after_exit =3D vmcb->save.g_pat; + GUEST_ASSERT_EQ(data->vmcb12_gpat_after_exit, L2_PAT_MODIFIED); + + data->l1_pat_after_vmexit =3D rdmsr(MSR_IA32_CR_PAT); + GUEST_ASSERT_EQ(data->l1_pat_after_vmexit, L1_PAT_VALUE); + + GUEST_DONE(); +} + +static void l1_svm_code_saverestore(struct svm_test_data *svm, + struct pat_test_data *data) +{ + unsigned long l2_guest_stack[L2_GUEST_STACK_SIZE]; + struct vmcb *vmcb; + + vmcb =3D l1_common_setup(svm, data, l2_guest_code_saverestoretest, + &l2_guest_stack[L2_GUEST_STACK_SIZE]); + + run_guest(vmcb, svm->vmcb_gpa); + + GUEST_ASSERT_EQ(vmcb->control.exit_code, SVM_EXIT_VMMCALL); + 
GUEST_ASSERT(data->l2_done); + + GUEST_ASSERT_EQ(rdmsr(MSR_IA32_CR_PAT), L1_PAT_VALUE); + GUEST_ASSERT_EQ(vmcb->save.g_pat, L2_PAT_MODIFIED); + + GUEST_DONE(); +} + +static void l1_svm_code_multi_vmentry(struct svm_test_data *svm, + struct pat_test_data *data) +{ + unsigned long l2_guest_stack[L2_GUEST_STACK_SIZE]; + struct vmcb *vmcb; + + vmcb =3D l1_common_setup(svm, data, l2_guest_code_multi_vmentry, + &l2_guest_stack[L2_GUEST_STACK_SIZE]); + + run_guest(vmcb, svm->vmcb_gpa); + GUEST_ASSERT_EQ(vmcb->control.exit_code, SVM_EXIT_VMMCALL); + + GUEST_ASSERT_EQ(data->l2_pat_after_write, L2_PAT_MODIFIED); + GUEST_ASSERT_EQ(vmcb->save.g_pat, L2_PAT_MODIFIED); + GUEST_ASSERT_EQ(rdmsr(MSR_IA32_CR_PAT), L1_PAT_VALUE); + + vmcb->save.rip +=3D 3; /* vmmcall */ + run_guest(vmcb, svm->vmcb_gpa); + + GUEST_ASSERT_EQ(vmcb->control.exit_code, SVM_EXIT_VMMCALL); + GUEST_ASSERT(data->l2_done); + GUEST_ASSERT_EQ(data->l2_pat_read, L2_PAT_MODIFIED); + GUEST_ASSERT_EQ(rdmsr(MSR_IA32_CR_PAT), L1_PAT_VALUE); + + GUEST_DONE(); +} + +static void run_test(void *l1_code, const char *test_name, bool npt_enable= d, + bool do_save_restore) +{ + struct pat_test_data *data_hva; + vm_vaddr_t svm_gva, data_gva; + struct kvm_x86_state *state; + struct kvm_vcpu *vcpu; + struct kvm_vm *vm; + struct ucall uc; + + pr_info("Testing: %s\n", test_name); + + vm =3D vm_create_with_one_vcpu(&vcpu, l1_code); + if (npt_enabled) + vm_enable_npt(vm); + + vcpu_alloc_svm(vm, &svm_gva); + + data_gva =3D vm_vaddr_alloc_page(vm); + data_hva =3D addr_gva2hva(vm, data_gva); + memset(data_hva, 0, sizeof(*data_hva)); + + if (npt_enabled) + tdp_identity_map_default_memslots(vm); + + vcpu_args_set(vcpu, 2, svm_gva, data_gva); + + for (;;) { + vcpu_run(vcpu); + TEST_ASSERT_KVM_EXIT_REASON(vcpu, KVM_EXIT_IO); + + switch (get_ucall(vcpu, &uc)) { + case UCALL_ABORT: + REPORT_GUEST_ASSERT(uc); + /* NOT REACHED */ + case UCALL_SYNC: + if (do_save_restore) { + pr_info(" Save/restore at sync point %ld\n", + uc.args[1]); + state 
=3D vcpu_save_state(vcpu); + kvm_vm_release(vm); + vcpu =3D vm_recreate_with_one_vcpu(vm); + vcpu_load_state(vcpu, state); + kvm_x86_state_cleanup(state); + } + break; + case UCALL_DONE: + pr_info(" PASSED\n"); + kvm_vm_free(vm); + return; + default: + TEST_FAIL("Unknown ucall %lu", uc.cmd); + } + } +} + +int main(int argc, char *argv[]) +{ + TEST_REQUIRE(kvm_cpu_has(X86_FEATURE_SVM)); + TEST_REQUIRE(kvm_cpu_has(X86_FEATURE_NPT)); + TEST_REQUIRE(kvm_has_cap(KVM_CAP_NESTED_STATE)); + + run_test(l1_svm_code_npt_disabled, "nested NPT disabled", false, false); + + run_test(l1_svm_code_invalid_gpat, "invalid g_pat", true, false); + + run_test(l1_svm_code_npt_enabled, "nested NPT enabled", true, false); + + run_test(l1_svm_code_saverestore, "save/restore", true, true); + + run_test(l1_svm_code_multi_vmentry, "multiple entries", true, false); + + return 0; +} --=20 2.53.0.371.g1d285c8824-goog
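
Review bot: in the svm_set_nested_state() hunk of patch 9, when KVM_STATE_SVM_VALID_GPAT is set, kvm_state->hdr.svm.gpat is passed to vmcb_set_gpat() with no validity check visible in these lines. The value comes from userspace, and the selftest in patch 10 expects a reserved encoding (INVALID_PAT_VALUE, 0x0808080808080808) in vmcb12 to fail VMRUN with SVM_EXIT_ERR. Unless an earlier part of the function already rejects such a value, validate it before the svm_switch_vmcb() call and return -EINVAL, so that a malformed nested state cannot place a reserved memory type in vmcb02.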
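
Review bot: in the svm_set_pat() hunk of patch 9, the new condition (svm->nested.legacy_gpat_semantics || !nested_npt_enabled(svm)) is only correct because the flag is cleared in svm_vcpu_pre_run() before the guest can execute a WRMSR, and nothing at this site says so. A one-line comment here stating that the flag can only be true between KVM_SET_NESTED_STATE and the next KVM_RUN would keep a later change from treating this as a guest-reachable path. The same applies to the matching check added to svm_pat_accesses_gpat(). For consistency, svm_set_nested_state() now writes through svm->nested.vmcb02.ptr while this function still writes through svm->vmcb for the same VMCB; pick one spelling.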
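
Review bot: in svm_nested_pat_test.c, run_test() hands the result of vcpu_save_state() straight to vcpu_load_state(), so the "save/restore" case only restores exactly what was just saved. The legacy path that patch 9 adds (nested state without KVM_STATE_SVM_VALID_GPAT, with legacy_gpat_semantics in effect until the next KVM_RUN) has no coverage. Consider a variant that clears KVM_STATE_SVM_VALID_GPAT in the saved nested state header before reloading and asserts that L2 then reads L1's PAT. Separately, PAT_DEFAULT is defined but never used in this file, and l1_pat_after_vmexit and vmcb12_gpat_after_exit in struct pat_test_data are written and asserted only inside L1, so they could be locals.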