Date: Sat, 28 Feb 2026 03:33:25 +0000 In-Reply-To: <20260228033328.2285047-1-chengkev@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org Mime-Version: 1.0
References: <20260228033328.2285047-1-chengkev@google.com> X-Mailer: git-send-email 2.53.0.473.g4a7958ca14-goog Message-ID: <20260228033328.2285047-2-chengkev@google.com> Subject: [PATCH V4 1/4] KVM: SVM: Move STGI and CLGI intercept handling From: Kevin Cheng To: seanjc@google.com, pbonzini@redhat.com Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, yosry@kernel.org, Kevin Cheng Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add STGI/CLGI intercept handling to svm_recalc_instruction_intercepts() in preparation for making the function EFER-aware. A later patch will recalculate instruction intercepts when EFER.SVME is toggled, which is needed to inject #UD on STGI/CLGI when the guest clears EFER.SVME. When clearing the STGI intercept with vgif enabled, request KVM_REQ_EVENT if there is a pending GIF-controlled event. This avoids breaking NMI/SMI window tracking, as enable_{nmi,smi}_window() sets INTERCEPT_STGI to detect when NMIs become unblocked. KVM_REQ_EVENT forces kvm_check_and_inject_events() to re-evaluate pending events and re-enable the intercept if needed. Extract the pending GIF event check into a helper function svm_has_pending_gif_event() to deduplicate the logic between svm_recalc_instruction_intercepts() and svm_set_gif(). Signed-off-by: Kevin Cheng --- arch/x86/kvm/svm/svm.c | 27 +++++++++++++++++++++++---- 1 file changed, 23 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 8f8bc863e2143..25b15934330bb 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c 
@@ -1009,6 +1009,14 @@ void svm_write_tsc_multiplier(struct kvm_vcpu *vcpu) preempt_enable(); } +static bool svm_has_pending_gif_event(struct vcpu_svm *svm) +{ + return svm->vcpu.arch.smi_pending || + svm->vcpu.arch.nmi_pending || + kvm_cpu_has_injectable_intr(&svm->vcpu) || + kvm_apic_has_pending_init_or_sipi(&svm->vcpu); +} + /* Evaluate instruction intercepts that depend on guest CPUID features. */ static void svm_recalc_instruction_intercepts(struct kvm_vcpu *vcpu) { @@ -1050,6 +1058,20 @@ static void svm_recalc_instruction_intercepts(struct= kvm_vcpu *vcpu) svm_clr_intercept(svm, INTERCEPT_VMLOAD); svm_clr_intercept(svm, INTERCEPT_VMSAVE); } + + if (vgif) { + /* + * If there is a pending interrupt controlled by GIF, set + * KVM_REQ_EVENT to re-evaluate if the intercept needs to be set + * again to track when GIF is re-enabled (e.g. for NMI + * injection). + */ + svm_clr_intercept(svm, INTERCEPT_STGI); + if (svm_has_pending_gif_event(svm)) + kvm_make_request(KVM_REQ_EVENT, &svm->vcpu); + + svm_clr_intercept(svm, INTERCEPT_CLGI); + } } if (kvm_need_rdpmc_intercept(vcpu)) 
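Review bot: in the @@ -1050 hunk the new comment says "a pending interrupt controlled by GIF", but svm_has_pending_gif_event() also covers SMI, NMI and INIT/SIPI, so "a pending event controlled by GIF" would match both the helper and the commit message. Consider also requesting KVM_REQ_EVENT only when INTERCEPT_STGI was actually set before it is cleared here: per the commit message it is only set by enable_{nmi,smi}_window() while such an event is pending, and since this function also runs on CPUID updates (see the "Evaluate instruction intercepts that depend on guest CPUID features" comment above it) an unconditional request is wasted work there. If the unconditional request is intentional for simplicity, a short comment saying so would spare the next reader the same question.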
@@ -2320,10 +2342,7 @@ void svm_set_gif(struct vcpu_svm *svm, bool value) svm_clear_vintr(svm); enable_gif(svm); - if (svm->vcpu.arch.smi_pending || - svm->vcpu.arch.nmi_pending || - kvm_cpu_has_injectable_intr(&svm->vcpu) || - kvm_apic_has_pending_init_or_sipi(&svm->vcpu)) + if (svm_has_pending_gif_event(svm)) kvm_make_request(KVM_REQ_EVENT, &svm->vcpu); } else { disable_gif(svm); -- 2.53.0.473.g4a7958ca14-goog From nobody Sun Apr 5 16:28:28 2026 Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com [209.85.216.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DA4772D978C for ; Sat, 28 Feb 2026 03:33:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772249616; cv=none; b=XsuPntdqsFDTJNP8mBwWJiiPG9+NAyBKieIvx2vF8fuGue3qXehVZ6sE99izG6uOMx+4cJjwT4+EoBpQzVmjMo69oE2slQBaXk0CUzXqPU/IZMzgaQWdY7Irj6XbArV/bxuzgBU8FEtgvCTkFyl2rqUyY+1IweVPFkMqC4FI+Kk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772249616; c=relaxed/simple; bh=REyT1G9FpNn5qNarjefpEbiAs8imk6e7vxUrBsAhh6k=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=YE9CzDujy0ejqyPkifcbVWSCwSTN3rNxC4NCX/7DULjEq2wPP5uPIcL9CQzU1CG01ip6HnCqTyslEKffWSZtE+dNFMzCoumO7Uy42303tOQ3JRNiCMJODnfcEIX8JSbl1sPM297r+6FVVEmJI0NSNkIbNbl8NeyEDnYNiRsvPbw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--chengkev.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=byvqLijD; arc=none smtp.client-ip=209.85.216.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass 
Date: Sat, 28 Feb 2026 03:33:26 +0000 In-Reply-To: <20260228033328.2285047-1-chengkev@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org Mime-Version: 1.0 References: <20260228033328.2285047-1-chengkev@google.com> X-Mailer: git-send-email 2.53.0.473.g4a7958ca14-goog Message-ID: <20260228033328.2285047-3-chengkev@google.com> Subject: [PATCH V4 2/4] KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0 From: Kevin Cheng To: seanjc@google.com, pbonzini@redhat.com Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, yosry@kernel.org, Kevin Cheng , Yosry Ahmed Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" INVLPGA should cause a #UD when EFER.SVME is not set. Add a check to properly inject #UD when EFER.SVME=0. Signed-off-by: Kevin Cheng Reviewed-by: Yosry Ahmed --- arch/x86/kvm/svm/svm.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 25b15934330bb..249bc3efe993a 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c
@@ -2386,6 +2386,9 @@ static int invlpga_interception(struct kvm_vcpu *vcpu) gva_t gva =3D kvm_rax_read(vcpu); u32 asid =3D kvm_rcx_read(vcpu); + if (nested_svm_check_permissions(vcpu)) + return 1; + /* FIXME: Handle an address size prefix. */ if (!is_long_mode(vcpu)) gva =3D (u32)gva; -- 2.53.0.473.g4a7958ca14-goog From nobody Sun Apr 5 16:28:28 2026 Received: from mail-pl1-f202.google.com (mail-pl1-f202.google.com [209.85.214.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8B84B2DC76C for ; Sat, 28 Feb 2026 03:33:37 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772249618; cv=none; b=G8gqbhc5QFCvonEmQzx28RXD1Xf123BS04Ge4J2YqKFLVvXo0Gk00dVIkyhOgDe86wMfQAqCg+Ey+A5HsWzk3QJyiC7J4NbQito4fnikVG18lwbc1rhBQCuRIO/1eTtVXzEzEmX+O+DXbZZVquD/b2hLaeE+z3xZtRIBoAl/yuY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772249618; c=relaxed/simple; bh=TMlSqCyWvJ5+oyMgoxICTdMjB6gA1+Lo1/8Yg28tCac=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=GgIPM74GNIqkXsszy7G3xaPpMHV1YG3zG/6WYGrUuCzJQB8ptO4FP2CG+DgmXV7NgI07gYioHYYC35aGxxmpoEVZP5p5aruSrnPJcTPsTLTdEW3+Qzd0MHFqbmtdISfzGLUBM06los21A3e1s9lrXECpEe6VwlKMEz8IUG6qW8Y= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--chengkev.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=Ug5x1mup; arc=none smtp.client-ip=209.85.214.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--chengkev.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass 
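Review bot: the commit message for the @@ -2386 hunk only describes the EFER.SVME=0 #UD, but the check added to invlpga_interception() is nested_svm_check_permissions(), the same gate the other SVM instruction handlers use; if that helper also rejects execution outside CPL 0 (as its name suggests), state in the commit message that INVLPGA now gets the full SVM permission check rather than just the SVME test, so the complete behaviour change is documented. Adding a one-line comment above the call, e.g. "/* #UD if EFER.SVME=0, same as the other SVM instructions. */", would also tell a reader why the check precedes the existing address-size FIXME.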
Date: Sat, 28 Feb 2026 03:33:27 +0000 In-Reply-To: <20260228033328.2285047-1-chengkev@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org Mime-Version: 1.0 References: <20260228033328.2285047-1-chengkev@google.com> X-Mailer: git-send-email 2.53.0.473.g4a7958ca14-goog Message-ID: <20260228033328.2285047-4-chengkev@google.com> Subject: [PATCH V4 3/4] KVM: SVM: Recalc instructions intercepts when EFER.SVME is toggled From: Kevin Cheng To: seanjc@google.com, pbonzini@redhat.com Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, yosry@kernel.org, Kevin Cheng Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" The AMD APM states that VMRUN, VMLOAD, VMSAVE, CLGI, VMMCALL, and INVLPGA instructions should generate a #UD when EFER.SVME is cleared. Currently, when VMLOAD, VMSAVE, or CLGI are executed in L1 with EFER.SVME cleared, no #UD is generated in certain cases. This is because the intercepts for these instructions are cleared based on whether or not vls or vgif is enabled. The #UD fails to be generated when the intercepts are absent. Fix the missing #UD generation by ensuring that all relevant instructions have intercepts set when EFER.SVME is disabled. VMMCALL is special because KVM's ABI is that VMCALL/VMMCALL are always supported for L1 and never fault. Signed-off-by: Kevin Cheng --- arch/x86/kvm/svm/svm.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 249bc3efe993a..f8f9b7a124c36 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c
@@ -244,6 +244,8 @@ int svm_set_efer(struct kvm_vcpu *vcpu, u64 efer) if (svm_gp_erratum_intercept && !sev_guest(vcpu->kvm)) set_exception_intercept(svm, GP_VECTOR); } + + kvm_make_request(KVM_REQ_RECALC_INTERCEPTS, vcpu); } =20 svm->vmcb->save.efer =3D efer | EFER_SVME; @@ -1021,6 +1023,7 @@ static bool svm_has_pending_gif_event(struct vcpu_svm= *svm) static void svm_recalc_instruction_intercepts(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm =3D to_svm(vcpu); + u64 efer =3D vcpu->arch.efer; =20 /* * Intercept INVPCID if shadow paging is enabled to sync/free shadow 
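Review bot: the @@ -244 hunk adds the KVM_REQ_RECALC_INTERCEPTS request just after the inner if/else, which places it inside the enclosing "SVME toggled" branch of svm_set_efer() rather than at the end of the function, but that enclosing condition is outside the hunk's context and nothing in the hunk says why the request belongs there. A one-line comment above the request, e.g. "/* SVME toggled: the STGI/CLGI/VMLOAD/VMSAVE intercepts depend on it. */", would document the placement and why the request is not needed for other EFER bits. Also, the line before the request is a blank line added with a lone "+", which is fine, but double-check it does not carry trailing whitespace since the =20 in the context line shows the mail is quoted-printable encoded.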
@@ -1045,8 +1048,13 @@ static void svm_recalc_instruction_intercepts(struct= kvm_vcpu *vcpu) * No need to toggle VIRTUAL_VMLOAD_VMSAVE_ENABLE_MASK here, it is * always set if vls is enabled. If the intercepts are set, the bit is * meaningless anyway. + * + * Intercept instructions that #UD if EFER.SVME=3D0, as SVME must be set = even + * when running the guest, i.e. hardware will only ever see EFER.SVME=3D1. */ - if (guest_cpuid_is_intel_compatible(vcpu)) { + if (guest_cpuid_is_intel_compatible(vcpu) || !(efer & EFER_SVME)) { + svm_set_intercept(svm, INTERCEPT_CLGI); + svm_set_intercept(svm, INTERCEPT_STGI); svm_set_intercept(svm, INTERCEPT_VMLOAD); svm_set_intercept(svm, INTERCEPT_VMSAVE); } else { --=20 2.53.0.473.g4a7958ca14-goog From nobody Sun Apr 5 16:28:28 2026 Received: from mail-pl1-f202.google.com (mail-pl1-f202.google.com [209.85.214.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 72FAD2E03F1 for ; Sat, 28 Feb 2026 03:33:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772249620; cv=none; b=cqABvg27FYqAmdfxNN4O1HBsKWNkgAerRUuTGjyWqFcI2zVKdcGUzflGSbL3VAq/EbfJeWVca/2JwLMB7HNKLMBggCtx5EZEhz2kNFnBDZ6UTasYVyoLaO2Tz990uiTqzz0vqLHnsRFHehB46MR6KeGDoOSlnZFiO9pou0z9704= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772249620; c=relaxed/simple; bh=/lCxiHbvKeja+uJyJNRaWhTwWnRWmN3ecTB1MEqsjPs=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=f5QdRyCGYVPiTCnaAChy/5L4dulDIR3f317Sswzs5iyjLzba488Hqdsp4Pe9O7MXGRvKIVgTOpb4LjM/8CXyl4YUCet0IDp+QF3R1nf2d8TlrOLH+/xdkWaTMUC1oDbPxjnNAaDuSZwqYLhfBjxth01q2lnOOUHscq+7cPN+Ckc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass 
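Review bot: in the @@ -1045 hunk the new branch sets INTERCEPT_STGI alongside CLGI/VMLOAD/VMSAVE, but the commit message's list of instructions that #UD when EFER.SVME is cleared names CLGI and not STGI; either add STGI to that list (patch 1's message already says the series wants #UD on STGI/CLGI) or explain why STGI is intercepted here if it is not meant to fault. The new comment's claim that "hardware will only ever see EFER.SVME=1" is consistent with the visible `svm->vmcb->save.efer = efer | EFER_SVME` in the @@ -244 context, so that part reads fine; it may be worth also noting in the comment that this branch is what makes the stale intercepts the message describes impossible, i.e. that it depends on the recalc request added in svm_set_efer().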
Date: Sat, 28 Feb 2026 03:33:28 +0000 In-Reply-To: <20260228033328.2285047-1-chengkev@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org Mime-Version: 1.0 References: <20260228033328.2285047-1-chengkev@google.com> X-Mailer: git-send-email 2.53.0.473.g4a7958ca14-goog Message-ID: <20260228033328.2285047-5-chengkev@google.com> Subject: [PATCH V4 4/4] KVM: SVM: Raise #UD if VMMCALL instruction is not intercepted From: Kevin Cheng To: seanjc@google.com, pbonzini@redhat.com Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, yosry@kernel.org, Kevin Cheng Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" The AMD APM states that if the VMMCALL instruction is not intercepted, the instruction raises a #UD exception. Create a vmmcall exit handler that generates a #UD if a VMMCALL exit from L2 is being handled by L0, which means that L1 did not intercept the VMMCALL instruction. The exception to this is if the exiting instruction was for Hyper-V L2 TLB flush hypercalls as they are handled by L0. Suggested-by: Sean Christopherson Signed-off-by: Kevin Cheng --- arch/x86/kvm/svm/hyperv.h | 11 +++++++++++ arch/x86/kvm/svm/nested.c | 4 +--- arch/x86/kvm/svm/svm.c | 19 ++++++++++++++++++- 3 files changed, 30 insertions(+), 4 deletions(-)
diff --git a/arch/x86/kvm/svm/hyperv.h b/arch/x86/kvm/svm/hyperv.h index d3f8bfc05832e..9af03970d40c2 100644 --- a/arch/x86/kvm/svm/hyperv.h +++ b/arch/x86/kvm/svm/hyperv.h @@ -41,6 +41,13 @@ static inline bool nested_svm_l2_tlb_flush_enabled(struc= t kvm_vcpu *vcpu) return hv_vcpu->vp_assist_page.nested_control.features.directhypercall; } +static inline bool nested_svm_is_l2_tlb_flush_hcall(struct kvm_vcpu *vcpu) +{ + return guest_hv_cpuid_has_l2_tlb_flush(vcpu) && + nested_svm_l2_tlb_flush_enabled(vcpu) && + kvm_hv_is_tlb_flush_hcall(vcpu); +} + void svm_hv_inject_synthetic_vmexit_post_tlb_flush(struct kvm_vcpu *vcpu); #else /* CONFIG_KVM_HYPERV */ static inline void nested_svm_hv_update_vm_vp_ids(struct kvm_vcpu *vcpu) {} @@ -48,6 +55,10 @@ static inline bool nested_svm_l2_tlb_flush_enabled(struc= t kvm_vcpu *vcpu) { return false; } +static inline bool nested_svm_is_l2_tlb_flush_hcall(struct kvm_vcpu *vcpu) +{ + return false; +} static inline void svm_hv_inject_synthetic_vmexit_post_tlb_flush(struct kv= m_vcpu *vcpu) {} #endif /* CONFIG_KVM_HYPERV */ diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index de90b104a0dd5..45d1496031a74 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -1674,9 +1674,7 @@ int nested_svm_exit_special(struct vcpu_svm *svm) } case SVM_EXIT_VMMCALL: /* Hyper-V L2 TLB flush hypercall is handled by L0 */ - if (guest_hv_cpuid_has_l2_tlb_flush(vcpu) && - nested_svm_l2_tlb_flush_enabled(vcpu) && - kvm_hv_is_tlb_flush_hcall(vcpu)) + if (nested_svm_is_l2_tlb_flush_hcall(vcpu)) return NESTED_EXIT_HOST; break; default: diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index f8f9b7a124c36..d662d5ce986ac 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -52,6 +52,7 @@ #include "svm.h" #include "svm_ops.h" +#include "hyperv.h" #include "kvm_onhyperv.h" #include "svm_onhyperv.h" 
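Review bot: the new nested_svm_is_l2_tlb_flush_hcall() in the hyperv.h @@ -41 hunk has no comment, yet it is now consulted in two places that must agree: the SVM_EXIT_VMMCALL case in nested_svm_exit_special() (which returns NESTED_EXIT_HOST when it is true) and the new svm.c handler (which skips the #UD when it is true). A short comment above the helper saying that it is true exactly for the L2 hypercalls L0 handles directly, and that the two callers rely on it to reach the same decision, would keep a future change to one caller from silently diverging from the other. The CONFIG_KVM_HYPERV=n stub returning false is the right default, since it means every L2 VMMCALL reaching L0 is treated as unintercepted by L1.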
@@ -3258,6 +3259,22 @@ static int bus_lock_exit(struct kvm_vcpu *vcpu) return 0; } +static int vmmcall_interception(struct kvm_vcpu *vcpu) +{ + /* + * Per the AMD APM, VMMCALL raises #UD if the VMMCALL intercept + * is not set. For an L2 guest, inject #UD as L1 did not intercept + * VMMCALL, except for Hyper-V L2 TLB flush hypercalls as they + * are handled by L0. + */ + if (is_guest_mode(vcpu) && !nested_svm_is_l2_tlb_flush_hcall(vcpu)) { + kvm_queue_exception(vcpu, UD_VECTOR); + return 1; + } + + return kvm_emulate_hypercall(vcpu); +} + static int (*const svm_exit_handlers[])(struct kvm_vcpu *vcpu) =3D { [SVM_EXIT_READ_CR0] =3D cr_interception, [SVM_EXIT_READ_CR3] =3D cr_interception, @@ -3308,7 +3325,7 @@ static int (*const svm_exit_handlers[])(struct kvm_vc= pu *vcpu) =3D { [SVM_EXIT_TASK_SWITCH] =3D task_switch_interception, [SVM_EXIT_SHUTDOWN] =3D shutdown_interception, [SVM_EXIT_VMRUN] =3D vmrun_interception, - [SVM_EXIT_VMMCALL] =3D kvm_emulate_hypercall, + [SVM_EXIT_VMMCALL] =3D vmmcall_interception, [SVM_EXIT_VMLOAD] =3D vmload_interception, [SVM_EXIT_VMSAVE] =3D vmsave_interception, [SVM_EXIT_STGI] =3D stgi_interception, -- 2.53.0.473.g4a7958ca14-goog
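Review bot: the comment in vmmcall_interception() in the @@ -3258 hunk opens with the APM rule that VMMCALL raises #UD when not intercepted, but the code only applies that rule when is_guest_mode(vcpu) and lets an L1 VMMCALL fall through to kvm_emulate_hypercall() unconditionally; add a sentence to the comment stating that L1 is exempt by KVM's ABI (VMCALL/VMMCALL are always supported for L1 and never fault, as patch 3's message says), otherwise a reader comparing the comment to the code will think the L1 check is missing. The ordering in the condition is fine: is_guest_mode() is evaluated first, so the Hyper-V helper is only consulted for L2, and queueing #UD with return 1 leaves it to the nested exception path to decide whether L1 intercepts #UD.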