From nobody Tue Apr 7 02:34:19 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 447D63EE1F5; Mon, 16 Mar 2026 20:27:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773692863; cv=none; b=K0cejDm2SKg2jaaBvczOibyMCsEonDieJTYRtEWHxJinIonkrXEpCLVgBADqQ0ABOGuvBbE+vQqLobdvg6xAW4TiyhabOV0RTJvrhLymgiJvOt7zSWGJbeA+i+wWxylLRHrLllBIIRO2cMzr8ztpLmS5gRaX/XZ+f6vn3r+kQh0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773692863; c=relaxed/simple; bh=EIrszS15i5/Uxlq5DyhfxznOK8FC3CIpI/Io3HTrbhU=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=B9hTbZMgcAVgoyldi8wZ2gkCXZFJ7N1yxetq3+ypxfFmFCYLwlSlCXzjSzJeuMSXwSLBOIIuje07TN8jWhbFw1cd4NCh43QYadJQpbOTOiddPiVkgA04DMZgkd1KiwYZ2wSiwH8NoGyIH4LGIKsUe9ofPQh2O8jHhBgpjicKn+k= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=G58GA1f8; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="G58GA1f8" Received: by smtp.kernel.org (Postfix) with ESMTPSA id E36E8C2BCAF; Mon, 16 Mar 2026 20:27:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773692863; bh=EIrszS15i5/Uxlq5DyhfxznOK8FC3CIpI/Io3HTrbhU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=G58GA1f8CpFciPwkZNh22CITpx+9cKf0oOj+spvsHb484i/AvtsTSsGX01p/3iQKe A+0rHCssWJQEwYt9xFOHaIafpZR4kP7ZYZc2ClkbqzW9+nPqNDUrHBU/kOfhNaOBrX 8ryXphf4cduA1Ow+wqh1xA7M2Y8zFnXUiZWY/pCw1zMShZ0bMhqR4NPwCpt+Uu5JG7 AipPvJNlks5F3ISX+lBv3glhej0kDkWRJIoolUJAKevbNrdyJQXHT13CIiBV69WbEG WoSxsEEmzi+VtKveMoo2/FkF9ka8HbdTYTurFkaFgIA9h9+mKnOHaJiDdWRw0wOSIs 3jxG2NuEDwgFA== From: Yosry Ahmed To: Sean Christopherson Cc: Paolo Bonzini , Jim Mattson , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Yosry Ahmed Subject: [PATCH v4 1/9] KVM: SVM: Properly check RAX in the emulator for SVM instructions Date: Mon, 16 Mar 2026 20:27:24 +0000 Message-ID: <20260316202732.3164936-2-yosry@kernel.org> X-Mailer: git-send-email 2.53.0.851.ga537e3e6e9-goog In-Reply-To: <20260316202732.3164936-1-yosry@kernel.org> References: <20260316202732.3164936-1-yosry@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Architecturally, VMRUN/VMLOAD/VMSAVE should generate a #GP if the physical address in RAX is not supported. check_svme_pa() hardcodes this to checking that bits 63-48 are not set. This is incorrect on HW supporting 52 bits of physical address space. Additionally, the emulator does not check if the address is not aligned, which should also result in #GP. Use page_address_valid() which properly checks alignment and the address legality based on the guest's MAXPHYADDR. Plumb it through x86_emulate_ops, similar to is_canonical_addr(), to avoid directly accessing the vCPU object in emulator code. Fixes: 01de8b09e606 ("KVM: SVM: Add intercept checks for SVM instructions") Suggested-by: Sean Christopherson Signed-off-by: Yosry Ahmed --- arch/x86/kvm/emulate.c | 3 +-- arch/x86/kvm/kvm_emulate.h | 2 ++ arch/x86/kvm/x86.c | 6 ++++++ 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c index 6145dac4a605a..c8c6cc0406d6d 100644 --- a/arch/x86/kvm/emulate.c +++ b/arch/x86/kvm/emulate.c @@ -3887,8 +3887,7 @@ static int check_svme_pa(struct x86_emulate_ctxt *ctx= t) { u64 rax =3D reg_read(ctxt, VCPU_REGS_RAX); =20 - /* Valid physical address? */ - if (rax & 0xffff000000000000ULL) + if (!ctxt->ops->page_address_valid(ctxt, rax)) return emulate_gp(ctxt, 0); =20 return check_svme(ctxt); diff --git a/arch/x86/kvm/kvm_emulate.h b/arch/x86/kvm/kvm_emulate.h index fb3dab4b5a53e..0abff36d09942 100644 --- a/arch/x86/kvm/kvm_emulate.h +++ b/arch/x86/kvm/kvm_emulate.h @@ -245,6 +245,8 @@ struct x86_emulate_ops { =20 bool (*is_canonical_addr)(struct x86_emulate_ctxt *ctxt, gva_t addr, unsigned int flags); + + bool (*page_address_valid)(struct x86_emulate_ctxt *ctxt, gpa_t gpa); }; =20 /* Type, address-of, and value of an instruction's operand. */ diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 0b5d48e75b657..11d5bd84e323d 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -8916,6 +8916,11 @@ static bool emulator_is_canonical_addr(struct x86_em= ulate_ctxt *ctxt, return !is_noncanonical_address(addr, emul_to_vcpu(ctxt), flags); } =20 +static bool emulator_page_address_valid(struct x86_emulate_ctxt *ctxt, gpa= _t gpa) +{ + return page_address_valid(emul_to_vcpu(ctxt), gpa); +} + static const struct x86_emulate_ops emulate_ops =3D { .vm_bugged =3D emulator_vm_bugged, .read_gpr =3D emulator_read_gpr, @@ -8963,6 +8968,7 @@ static const struct x86_emulate_ops emulate_ops =3D { .set_xcr =3D emulator_set_xcr, .get_untagged_addr =3D emulator_get_untagged_addr, .is_canonical_addr =3D emulator_is_canonical_addr, + .page_address_valid =3D emulator_page_address_valid, }; =20 static void toggle_interruptibility(struct kvm_vcpu *vcpu, u32 mask) --=20 2.53.0.851.ga537e3e6e9-goog From nobody Tue Apr 7 02:34:19 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C99173EF0CB; Mon, 16 Mar 2026 20:27:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773692863; cv=none; b=pyKs/R1dVppTPZGa9g2OiDhEo53S9WuU6UHQEUNbvXi31tZcBaFBZe0F8QFiYc+eoM3r9KZrsfqXrhqm+HzWX2iaFfn0UZny5PpfFhuZ/laHny0Tt4mKOGFrKB8MxHVcrj8BzLWcSYFtsFggzUD/PQ4qV5qv7UIoeS4iHuUbldU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773692863; c=relaxed/simple; bh=Z67genllzMsvnrjDnIBJ0sRjYbzzmleUqV1m1Ta0yVI=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=QAVvX2rfLUowIavLZs+TERq2KpuWyfMol86OKblK+J3bK0DvGDwba6c0v0hugn3zpkSp/t9AmRpmB7n+7xYb3ZYJ8GVBCaMlIEx0vdc5b+tAFrUyNLKioiK2WYgJs0Z1pjCmhSCXIZvidXbWfuxEFM5TjHBe5yD+jAY5c06mrlc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=aV1XDkG5; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="aV1XDkG5" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 50132C19424; Mon, 16 Mar 2026 20:27:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773692863; bh=Z67genllzMsvnrjDnIBJ0sRjYbzzmleUqV1m1Ta0yVI=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=aV1XDkG539KTonHXvxad+8xI8hwor1AdCL1RXP8+ItuMh/aPvt8vg6zWpYU3A4p8f jhpizvJogNCjzGTaFp0QxzCNTGGamtqdtRtCbC3hJ3I4JZjz6GOlWC30kfNXS0TI+4 HwLSNDjQMVraaoiaqnqA1au+68ML+C3Ds5lWyVY9SInad1rBP+JrZkXayxroKznX6Q LIyZpkEuGG8vomdPobmAnrsYNNYg7tzdsOKYOraIQljAgQkxD6OEzrhEugi/sagnMC C2JqDSTdl2FR5YVyI31qyVUo8z2T8BQSM3cXnBu013kt6hqJ93qvdRVw235dF5j/L6 GWfGn1dfo/sBw== From: Yosry Ahmed To: Sean Christopherson Cc: Paolo Bonzini , Jim Mattson , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Yosry Ahmed Subject: [PATCH v4 2/9] KVM: SVM: Refactor SVM instruction handling on #GP intercept Date: Mon, 16 Mar 2026 20:27:25 +0000 Message-ID: <20260316202732.3164936-3-yosry@kernel.org> X-Mailer: git-send-email 2.53.0.851.ga537e3e6e9-goog In-Reply-To: <20260316202732.3164936-1-yosry@kernel.org> References: <20260316202732.3164936-1-yosry@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Instead of returning an opcode from svm_instr_opcode() and then passing it to emulate_svm_instr(), which uses it to find the corresponding exit code and intercept handler, return the exit code directly from svm_instr_opcode(), and rename it to svm_instr_exit_code(). emulate_svm_instr() boils down to synthesizing a #VMEXIT or calling the intercept handler, so open-code it in gp_interception(), and use svm_invoke_exit_handler() to call the intercept handler based on the exit code. This allows for dropping the SVM_INSTR_* enum, and the const array mapping its values to exit codes and intercept handlers. In gp_intercept(), handle SVM instructions first with an early return, un-indenting the rest of the code. No functional change intended. Signed-off-by: Yosry Ahmed --- arch/x86/kvm/svm/svm.c | 78 +++++++++++++++--------------------------- 1 file changed, 27 insertions(+), 51 deletions(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index d2ca226871c2f..392a5088f20bf 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2233,54 +2233,26 @@ static int vmrun_interception(struct kvm_vcpu *vcpu) return nested_svm_vmrun(vcpu); } =20 -enum { - NONE_SVM_INSTR, - SVM_INSTR_VMRUN, - SVM_INSTR_VMLOAD, - SVM_INSTR_VMSAVE, -}; - -/* Return NONE_SVM_INSTR if not SVM instrs, otherwise return decode result= */ -static int svm_instr_opcode(struct kvm_vcpu *vcpu) +/* Return 0 if not SVM instr, otherwise return associated exit_code */ +static u64 svm_instr_exit_code(struct kvm_vcpu *vcpu) { struct x86_emulate_ctxt *ctxt =3D vcpu->arch.emulate_ctxt; =20 if (ctxt->b !=3D 0x1 || ctxt->opcode_len !=3D 2) - return NONE_SVM_INSTR; + return 0; =20 switch (ctxt->modrm) { case 0xd8: /* VMRUN */ - return SVM_INSTR_VMRUN; + return SVM_EXIT_VMRUN; case 0xda: /* VMLOAD */ - return SVM_INSTR_VMLOAD; + return SVM_EXIT_VMLOAD; case 0xdb: /* VMSAVE */ - return SVM_INSTR_VMSAVE; + return SVM_EXIT_VMSAVE; default: break; } =20 - return NONE_SVM_INSTR; -} - -static int emulate_svm_instr(struct kvm_vcpu *vcpu, int opcode) -{ - const int guest_mode_exit_codes[] =3D { - [SVM_INSTR_VMRUN] =3D SVM_EXIT_VMRUN, - [SVM_INSTR_VMLOAD] =3D SVM_EXIT_VMLOAD, - [SVM_INSTR_VMSAVE] =3D SVM_EXIT_VMSAVE, - }; - int (*const svm_instr_handlers[])(struct kvm_vcpu *vcpu) =3D { - [SVM_INSTR_VMRUN] =3D vmrun_interception, - [SVM_INSTR_VMLOAD] =3D vmload_interception, - [SVM_INSTR_VMSAVE] =3D vmsave_interception, - }; - struct vcpu_svm *svm =3D to_svm(vcpu); - - if (is_guest_mode(vcpu)) { - nested_svm_simple_vmexit(svm, guest_mode_exit_codes[opcode]); - return 1; - } - return svm_instr_handlers[opcode](vcpu); + return 0; } =20 /* @@ -2295,7 +2267,7 @@ static int gp_interception(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm =3D to_svm(vcpu); u32 error_code =3D svm->vmcb->control.exit_info_1; - int opcode; + u64 svm_exit_code; =20 /* Both #GP cases have zero error_code */ if (error_code) @@ -2305,27 +2277,31 @@ static int gp_interception(struct kvm_vcpu *vcpu) if (x86_decode_emulated_instruction(vcpu, 0, NULL, 0) !=3D EMULATION_OK) goto reinject; =20 - opcode =3D svm_instr_opcode(vcpu); - - if (opcode =3D=3D NONE_SVM_INSTR) { - if (!enable_vmware_backdoor) - goto reinject; - - /* - * VMware backdoor emulation on #GP interception only handles - * IN{S}, OUT{S}, and RDPMC. - */ - if (!is_guest_mode(vcpu)) - return kvm_emulate_instruction(vcpu, - EMULTYPE_VMWARE_GP | EMULTYPE_NO_DECODE); - } else { + svm_exit_code =3D svm_instr_exit_code(vcpu); + if (svm_exit_code) { /* All SVM instructions expect page aligned RAX */ if (svm->vmcb->save.rax & ~PAGE_MASK) goto reinject; =20 - return emulate_svm_instr(vcpu, opcode); + if (is_guest_mode(vcpu)) { + nested_svm_simple_vmexit(svm, svm_exit_code); + return 1; + } + + return svm_invoke_exit_handler(vcpu, svm_exit_code); } =20 + if (!enable_vmware_backdoor) + goto reinject; + + /* + * VMware backdoor emulation on #GP interception only handles + * IN{S}, OUT{S}, and RDPMC. + */ + if (!is_guest_mode(vcpu)) + return kvm_emulate_instruction(vcpu, + EMULTYPE_VMWARE_GP | EMULTYPE_NO_DECODE); + reinject: kvm_queue_exception_e(vcpu, GP_VECTOR, error_code); return 1; --=20 2.53.0.851.ga537e3e6e9-goog From nobody Tue Apr 7 02:34:19 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3D1253EF648; Mon, 16 Mar 2026 20:27:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773692864; cv=none; b=Oe7wEtKhju+HiwJaufXKkOntOgWYmk6YvwfYCwrdVmbITh3q7FWQ55KrG3AdNsgN2Z4+NFA+VA2e53XvSxS3ni8CNUkJGlFqBx7un3wQ4BHvmx6it9KkfvWEwOTKZIPq4U7rNBT1T2pqvGnNex/8bWW5ymyY/YHEk5bqB4ibtfY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773692864; c=relaxed/simple; bh=b8ai/VpIj8+raXLhl6mlAYJBLfYVeH84SMbuAIHHp2o=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=q4FhchfP+231Snl/eIUCj/c+93d50FB4IIZe/pqOtvMkFAOK5OYnLZRfC1smitgaVUslgJww+NK0hOM0GpwPbPmfEef1kB7SPOSVRYEZRqjfVRXeJ/SpOl7Bv7SjXrOTMn1WxHi7BmqyYg9AXLNr/q7p0J1x450uq67Ohl/yRMk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Su3dQyas; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Su3dQyas" Received: by smtp.kernel.org (Postfix) with ESMTPSA id B0893C19421; Mon, 16 Mar 2026 20:27:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773692864; bh=b8ai/VpIj8+raXLhl6mlAYJBLfYVeH84SMbuAIHHp2o=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Su3dQyasCCWwJuO+snMk1d4W1nDKQcTsaEGvitCUmndvYbUGlB1GrI7tSTrrwT50Z fuO8n95KL7puio+Cc3fYAuzaREL4yz46qKnOtXhjUHoZF/jou+NYS2wdlr2pVZ7jsF C/U4zeJrB+SUyGIEsdZTAU0yjgowmckzP4b+fwzL2blf67AmPvZpiRyBOG8nDowUhu gHJhijHnDxh2dnNUZoWNd0TFUjuDWsxqZlwk9DZnDxcPXjw9hBW8LDKDEgIM7VJLA0 k1wMpRBnKf2E9/puCl4l0dzRrhJlDiDIfjtGn6LHyeivD6S5+DLfHsSNSAfnvcFK+A PYzaGE0FgnnQA== From: Yosry Ahmed To: Sean Christopherson Cc: Paolo Bonzini , Jim Mattson , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Yosry Ahmed Subject: [PATCH v4 3/9] KVM: SVM: Properly check RAX on #GP intercept of SVM instructions Date: Mon, 16 Mar 2026 20:27:26 +0000 Message-ID: <20260316202732.3164936-4-yosry@kernel.org> X-Mailer: git-send-email 2.53.0.851.ga537e3e6e9-goog In-Reply-To: <20260316202732.3164936-1-yosry@kernel.org> References: <20260316202732.3164936-1-yosry@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" When KVM intercepts #GP on an SVM instruction, it re-injects the #GP if the instruction was executed with a mis-algined RAX. However, a #GP should also be reinjected if RAX contains an illegal GPA, according to the APM, one of #GP conditions is: rAX referenced a physical address above the maximum supported physical address. Replace the PAGE_MASK check with page_address_valid(), which checks both page-alignment as well as the legality of the GPA based on the vCPU's MAXPHYADDR. Use kvm_register_read() to read RAX to avoid page_address_valid() failing on 32-bit due to garbage in the higher bits. Note that this is currently only a problem if KVM is running an L2 guest and ends up synthesizing a #VMEXIT to L1, as the RAX check takes precedence over the intercept. Otherwise, if KVM emulates the instruction, kvm_vcpu_map() should fail on illegal GPAs and inject a #GP anyway. However, following patches will change the failure behavior of kvm_vcpu_map(), so make sure the #GP interception handler does this appropriately. Opportunistically drop a teaser FIXME about the SVM instructions handling on #GP belonging in the emulator. Fixes: 82a11e9c6fa2 ("KVM: SVM: Add emulation support for #GP triggered by = SVM instructions") Fixes: d1cba6c92237 ("KVM: x86: nSVM: test eax for 4K alignment for GP erra= ta workaround") Suggested-by: Sean Christopherson Signed-off-by: Yosry Ahmed --- arch/x86/kvm/svm/svm.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 392a5088f20bf..3122a98745ab7 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2277,10 +2277,12 @@ static int gp_interception(struct kvm_vcpu *vcpu) if (x86_decode_emulated_instruction(vcpu, 0, NULL, 0) !=3D EMULATION_OK) goto reinject; =20 + /* FIXME: Handle SVM instructions through the emulator */ svm_exit_code =3D svm_instr_exit_code(vcpu); if (svm_exit_code) { - /* All SVM instructions expect page aligned RAX */ - if (svm->vmcb->save.rax & ~PAGE_MASK) + unsigned long rax =3D kvm_register_read(vcpu, VCPU_REGS_RAX); + + if (!page_address_valid(vcpu, rax)) goto reinject; =20 if (is_guest_mode(vcpu)) { --=20 2.53.0.851.ga537e3e6e9-goog From nobody Tue Apr 7 02:34:19 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7CA3F3EF65F; Mon, 16 Mar 2026 20:27:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773692864; cv=none; b=bWpOk9PV2eickHINl9gYJhNHU20Z3oeaztrtJmMnOkCcEYIYU6OeEKh+2zpIL9PkrbNQ2a38ZHPIrFHsD+DMkCCd3Micskcucnu3FCesypURGA3CXD9YX6G3mQVTTm71cKYxbltFYXfdaHLFFfKYtvFm2s3s3AH8x6MJTblrw5I= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773692864; c=relaxed/simple; bh=6S4+JazBAejIpFtSmER6X/tB4z7ULTZ/icgKSEpS+mk=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=ctPdEIVvffXh9RH5H7DWPxZP/zT1LJCSQ/GJL+B6Mf4fQjVGUoeN2iGUkQjCYjRNnKB7X+9W5D29Cw6B9A3jL5a2dg4R2c5o4GQfhGbH5jcfHbD1MZzPiEvw7hJ3DPtswuTs4e1M0Jfwtb6LpDguS27xT2RqV8Lqh5sLUMiCHLU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=VCWQdiku; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="VCWQdiku" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 1E364C2BCAF; Mon, 16 Mar 2026 20:27:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773692864; bh=6S4+JazBAejIpFtSmER6X/tB4z7ULTZ/icgKSEpS+mk=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=VCWQdikuPNWGR1JciHt3pe/bfTOJ5Pl7TU9HmA6EDztouZW4KnUysqIYeIaREIm/J umiamlBeYC0ijAnKbWlXJncu+GUDeaWuKsqplPFJTRz6rTzOsmScjijrQe6TDSkx8G zZ3JR09ns9T4JbsmoOhp2575mhRXcdtulKKdW7C+q+TbTbrNbBArDUkloQqEqQH6oM 2HISTJjyMex/82kypqepdkWcjBH4b0OisfZI0ggWu89+Q8oYsfXb/6VikFD3gR5c3v NwjnbHgnUgHBtWF3az55UE+/8zGxdfziv+jJK/JdWFa8bYn6o3/Y8LjgU53EpN24RM TACepcsFd8mdA== From: Yosry Ahmed To: Sean Christopherson Cc: Paolo Bonzini , Jim Mattson , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Yosry Ahmed Subject: [PATCH v4 4/9] KVM: SVM: Move RAX legality check to SVM insn interception handlers Date: Mon, 16 Mar 2026 20:27:27 +0000 Message-ID: <20260316202732.3164936-5-yosry@kernel.org> X-Mailer: git-send-email 2.53.0.851.ga537e3e6e9-goog In-Reply-To: <20260316202732.3164936-1-yosry@kernel.org> References: <20260316202732.3164936-1-yosry@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" When #GP is intercepted by KVM, the #GP interception handler checks whether the GPA in RAX is legal and reinjects the #GP accordingly. Otherwise, it calls into the appropriate interception handler for VMRUN/VMLOAD/VMSAVE. The intercept handlers do not check RAX. However, the intercept handlers need to do the RAX check, because if the guest has a smaller MAXPHYADDR, RAX could be legal from the hardware perspective (i.e. CPU does not inject #GP), but not from the vCPU's perspective. Note that with allow_smaller_maxphyaddr, both NPT and VLS cannot be used, so VMLOAD/VMSAVE have to be intercepted, and RAX can always be checked against the vCPU's MAXPHYADDR. Move the check into the interception handlers for VMRUN/VMLOAD/VMSAVE as the CPU does not check RAX before the interception. Read RAX using kvm_register_read() to avoid a false negative on page_address_valid() on 32-bit due to garbage in the higher bits. Keep the check in the #GP intercept handler in the nested case where a #VMEXIT is synthesized into L1, as the RAX check is still needed there and takes precedence over the intercept. Opportunistically add a FIXME about the #VMEXIT being synthesized into L1, as it needs to be conditional. Signed-off-by: Yosry Ahmed --- arch/x86/kvm/svm/nested.c | 6 +++++- arch/x86/kvm/svm/svm.c | 21 +++++++++++++++++---- 2 files changed, 22 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 5ff01d2ac85e4..75943a607777c 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -1113,7 +1113,11 @@ int nested_svm_vmrun(struct kvm_vcpu *vcpu) if (WARN_ON_ONCE(!svm->nested.initialized)) return -EINVAL; =20 - vmcb12_gpa =3D svm->vmcb->save.rax; + vmcb12_gpa =3D kvm_register_read(vcpu, VCPU_REGS_RAX); + if (!page_address_valid(vcpu, vmcb12_gpa)) { + kvm_inject_gp(vcpu, 0); + return 1; + } =20 ret =3D nested_svm_copy_vmcb12_to_cache(vcpu, vmcb12_gpa); if (ret) { diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 3122a98745ab7..a511ee1139725 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2182,6 +2182,7 @@ static int intr_interception(struct kvm_vcpu *vcpu) =20 static int vmload_vmsave_interception(struct kvm_vcpu *vcpu, bool vmload) { + u64 vmcb12_gpa =3D kvm_register_read(vcpu, VCPU_REGS_RAX); struct vcpu_svm *svm =3D to_svm(vcpu); struct vmcb *vmcb12; struct kvm_host_map map; @@ -2190,7 +2191,12 @@ static int vmload_vmsave_interception(struct kvm_vcp= u *vcpu, bool vmload) if (nested_svm_check_permissions(vcpu)) return 1; =20 - ret =3D kvm_vcpu_map(vcpu, gpa_to_gfn(svm->vmcb->save.rax), &map); + if (!page_address_valid(vcpu, vmcb12_gpa)) { + kvm_inject_gp(vcpu, 0); + return 1; + } + + ret =3D kvm_vcpu_map(vcpu, gpa_to_gfn(vmcb12_gpa), &map); if (ret) { if (ret =3D=3D -EINVAL) kvm_inject_gp(vcpu, 0); @@ -2282,10 +2288,17 @@ static int gp_interception(struct kvm_vcpu *vcpu) if (svm_exit_code) { unsigned long rax =3D kvm_register_read(vcpu, VCPU_REGS_RAX); =20 - if (!page_address_valid(vcpu, rax)) - goto reinject; - if (is_guest_mode(vcpu)) { + if (!page_address_valid(vcpu, rax)) + goto reinject; + + /* + * FIXME: Only synthesize a #VMEXIT if L1 sets the + * intercept, but only after the VMLOAD/VMSAVE exit + * handlers can properly handle VMLOAD/VMSAVE from L2 + * with VLS enabled in L1 (i.e. RAX is an L2 GPA that + * needs translation through L1's NPT). + */ nested_svm_simple_vmexit(svm, svm_exit_code); return 1; } --=20 2.53.0.851.ga537e3e6e9-goog From nobody Tue Apr 7 02:34:19 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EA2D83EFD07; Mon, 16 Mar 2026 20:27:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773692865; cv=none; b=eclL7rXch7XeenAy+X5OYu/0YCiFaPmuWoTBMbQXy1k4n30aLt7Z8qKcpwzGnqewONNxLL2NSqb+GLlFK9nAfEzUS9qWgCJrlWRSk3FdXXkIeEwa7ovuOhI+cKnx+zZaS+OIQjZJ1X0JdfiJd6aJLBaR5fJyRxCIwWexi9sg4F4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773692865; c=relaxed/simple; bh=piNKmNlBx0IrNa9iajYbjvJyN1lke4bo4utyfiGpkVs=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=LMDv6fzgs4x3E9iRwMCRMO1BGxbCFIeCOPhdRqQN/9zljg0QGAUoJHMrNGBYNOfF1nmXh2Ksze//a7t51ZczPhvBgqMm0dz1X5eZXHRQoysMDymj2vf18hEGBRDQDsFIpESBj2wYlARY1+i4PkwhiZqzFQVbc0CjOaznWlMeWpU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=vKec3K+q; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="vKec3K+q" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 81AC5C4AF0B; Mon, 16 Mar 2026 20:27:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773692864; bh=piNKmNlBx0IrNa9iajYbjvJyN1lke4bo4utyfiGpkVs=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=vKec3K+qRjCFoboOaIZCZR3O0670/ajrritEVOKuzNKhSoCuQeV1bCSBMJKiOT+d9 EL+261NEPtIW9J/BXTg1oVzZniKPCBmK+1Jb/NPtBVvSU8+JHmIAYEdqGglGG1KYF+ rViUwQe/0dOgB2mVihyaOfNXaro+O2eTHCC87PCKVg3mCIq6+J+FQhI0d473RO4Jhs 1UdP+A9pCg0EWceIRWhUnbuOtMPlDE0lHto0Ed4JuXc2srjeliu6GJ77KkYIv6Jzqi nL/K66gndq3jk2D93ir3fckP8xlDk/yMyJa89YfrZshkJYqd/wybC+3MEZyi4SuaqY CmvANXNX8JDxQ== From: Yosry Ahmed To: Sean Christopherson Cc: Paolo Bonzini , Jim Mattson , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Yosry Ahmed Subject: [PATCH v4 5/9] KVM: SVM: Check EFER.SVME and CPL on #GP intercept of SVM instructions Date: Mon, 16 Mar 2026 20:27:28 +0000 Message-ID: <20260316202732.3164936-6-yosry@kernel.org> X-Mailer: git-send-email 2.53.0.851.ga537e3e6e9-goog In-Reply-To: <20260316202732.3164936-1-yosry@kernel.org> References: <20260316202732.3164936-1-yosry@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" When KVM intercepts #GP on an SVM instruction from L2, it checks the legality of RAX, and injects a #GP if RAX is illegal, or otherwise synthesizes a #VMEXIT to L1. However, checking EFER.SVME and CPL takes precedence over both the RAX check and the intercept. Call nested_svm_check_permissions() first to cover both. Note that if #GP is intercepted on SVM instruction in L1, the intercept handlers of VMRUN/VMLOAD/VMSAVE already perform these checks. Note #2, if KVM does not intercept #GP, the check for EFER.SVME is not done in the correct order, because KVM handles it by intercepting the instructions when EFER.SVME=3D0 and injecting #UD. However, a #GP injected by hardware would happen before the instruction intercept, leading to #GP taking precedence over #UD from the guest's perspective. Opportunistically add a FIXME for this. Fixes: 82a11e9c6fa2 ("KVM: SVM: Add emulation support for #GP triggered by = SVM instructions") Signed-off-by: Yosry Ahmed --- arch/x86/kvm/svm/svm.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index a511ee1139725..bb0bb0f9c858f 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1052,6 +1052,11 @@ static void svm_recalc_instruction_intercepts(struct= kvm_vcpu *vcpu) * No need to toggle any of the vgif/vls/etc. enable bits here, as they * are set when the VMCB is initialized and never cleared (if the * relevant intercepts are set, the enablements are meaningless anyway). + * + * FIXME: When #GP is not intercepted, a #GP on these instructions (e.g. + * due to CPL > 0) could be injected by hardware before the instruction + * is intercepted, leading to #GP taking precedence over #UD from the + * guest's perspective. */ if (!(vcpu->arch.efer & EFER_SVME)) { svm_set_intercept(svm, INTERCEPT_VMLOAD); @@ -2289,6 +2294,9 @@ static int gp_interception(struct kvm_vcpu *vcpu) unsigned long rax =3D kvm_register_read(vcpu, VCPU_REGS_RAX); =20 if (is_guest_mode(vcpu)) { + if (nested_svm_check_permissions(vcpu)) + return 1; + if (!page_address_valid(vcpu, rax)) goto reinject; =20 --=20 2.53.0.851.ga537e3e6e9-goog From nobody Tue Apr 7 02:34:19 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 778243F074B; Mon, 16 Mar 2026 20:27:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773692865; cv=none; b=O/aa1HxBUROjC4Rxek2HsSdPlj83XfTvM6lqTZYioKL8kQF3BJQz99fOOTgUA14+TvuDteGo3yZ/KKsaDY7VhZe7U7zHwkQustsmALlqFn+xepGBcZZg5oUwr2VMKeA5XjgIrI8pUQ1acAF/N5fQSXy2l5N0vuTlN8q2odBtEVM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773692865; c=relaxed/simple; bh=L7Px9mnJqTKTfoyK3Xxj13rrvwtzzkeIkI41rSDLyGk=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=L60ejZaHDTD/h7MSHKlW4EKm2pfzm78tALbGXYqJssHobTB/hSPu5XMsKzuKyQhddoCytCh07x2lHLWAw4He2nuStArDBPBJwzjYsurh520d9O0FTa2xF+OUsbUDJ8UPxkH51LtKAcCVzKhnjnMxVbGP+InwjY1EbqcRLLF4nG8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=QWBw7rTe; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="QWBw7rTe" Received: by smtp.kernel.org (Postfix) with ESMTPSA id E5B0DC2BCB2; Mon, 16 Mar 2026 20:27:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773692865; bh=L7Px9mnJqTKTfoyK3Xxj13rrvwtzzkeIkI41rSDLyGk=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=QWBw7rTeVsxVJraYC4EIRv5ZYPyr/c3JlUHcHghEwrxG/gb8LQq06HX8sidfXqEoK pBWpWmv1s4oy79fQJq6xitJDHY349rKD30UlV51vlkHf8yOxYDtUjvPgUaiPhISvjr TfqKHm4wlA++TsSUg5NEwnO8isCE1xnSpWFbkQKe9EejW8Uu7GIKq35lVYXxa4AtQu n/rri4rr75TIOW3ag70hGgRszLsUaZplAXoDeVSUqEd20M8IqWjpmtXd4g5upAmcVM nmTaC0dOZj5ZACTUku2n1Ly9uUg0nZtleEiwcsdqgwSLs+Z+amGJZGcueHih8h9ZIw VM5IwU/zXeE+g== From: Yosry Ahmed To: Sean Christopherson Cc: Paolo Bonzini , Jim Mattson , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Yosry Ahmed Subject: [PATCH v4 6/9] KVM: SVM: Treat mapping failures equally in VMLOAD/VMSAVE emulation Date: Mon, 16 Mar 2026 20:27:29 +0000 Message-ID: <20260316202732.3164936-7-yosry@kernel.org> X-Mailer: git-send-email 2.53.0.851.ga537e3e6e9-goog In-Reply-To: <20260316202732.3164936-1-yosry@kernel.org> References: <20260316202732.3164936-1-yosry@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Currently, a #GP is only injected if kvm_vcpu_map() fails with -EINVAL. But it could also fail with -EFAULT if creating a host mapping failed. Inject a #GP in all cases, no reason to treat failure modes differently. Similar to commit 01ddcdc55e09 ("KVM: nSVM: Always inject a #GP if mapping VMCB12 fails on nested VMRUN"), treat all failures equally. Fixes: 8c5fbf1a7231 ("KVM/nSVM: Use the new mapping API for mapping guest m= emory") Signed-off-by: Yosry Ahmed --- arch/x86/kvm/svm/svm.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index bb0bb0f9c858f..9f6f60fc8c133 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2201,10 +2201,8 @@ static int vmload_vmsave_interception(struct kvm_vcp= u *vcpu, bool vmload) return 1; } =20 - ret =3D kvm_vcpu_map(vcpu, gpa_to_gfn(vmcb12_gpa), &map); - if (ret) { - if (ret =3D=3D -EINVAL) - kvm_inject_gp(vcpu, 0); + if (kvm_vcpu_map(vcpu, gpa_to_gfn(vmcb12_gpa), &map)) { + kvm_inject_gp(vcpu, 0); return 1; } =20 --=20 2.53.0.851.ga537e3e6e9-goog From nobody Tue Apr 7 02:34:19 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B6B3F3EF0A9; Mon, 16 Mar 2026 20:27:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773692865; cv=none; b=qvy7tKN+WzuSLCbq0GBTcYPpR1a+jVAjuqufd3IHSMFcIbAtdNlT2x03HAN8gew7LcvjsQI6tQDRKTpeJ+no03Je55ZBdiHmjTZ+qqj8wa0AWGsT3PgQuGORQi6hVdz5f85mj69q/padCGWYrB+m0sNXtLs4Zp2eeNfbFPlHCDk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773692865; c=relaxed/simple; bh=6INPicvGAwF0HOdZHKimaIrincjL/kzHV/eR4X4flmQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=h44yapEGzFFgrjkW+8oBSfuFBtN06qxuCV21ZwfsT6cQNKY2qIGd6kahd4DqMqccjb4Y6WE+zn9AxVGjFTVujYU9lRz6jMj024BNtp5/yXOBVs43ZwDWqxWEghKiPLugmtyzF4ncj8+5+RhC/A4pjKMRrsCAskMTNLI00flgFWs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=D3SB0UVL; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="D3SB0UVL" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 5637DC19424; Mon, 16 Mar 2026 20:27:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773692865; bh=6INPicvGAwF0HOdZHKimaIrincjL/kzHV/eR4X4flmQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=D3SB0UVLuxlCvnjoiSo2cp759SuEqc9NQ+BIkBL08bIEftt+Xl6LGX9brvgTj17QZ 7ZBgnyzYtlaLMwmtuMf9U6N1i/OnyjP4w+fL0huniVfVkWK/Ec2gmR0waDt9SWeYFB x6bPPUsjCTkOAJIjF5r2GcNWrIHfU3Cg/qzrByYF6LIGaJSR+sSAf/F+HlC7qF4kNw D0yKCJdPbUCZdIuYiVAnGFNS5efZfZUJsoX2DKrSC62xytdC6gRt0CL/DquwJuF7BO ulstZh9MWteYwXfhIcEvR7bDUs7rZAeERhMSx3yxUfRYeX+aEYLdvNK7ooHer5DW+T D7i63Urx740LQ== From: Yosry Ahmed To: Sean Christopherson Cc: Paolo Bonzini , Jim Mattson , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Yosry Ahmed Subject: [PATCH v4 7/9] KVM: nSVM: Fail emulation of VMRUN/VMLOAD/VMSAVE if mapping vmcb12 fails Date: Mon, 16 Mar 2026 20:27:30 +0000 Message-ID: <20260316202732.3164936-8-yosry@kernel.org> X-Mailer: git-send-email 2.53.0.851.ga537e3e6e9-goog In-Reply-To: <20260316202732.3164936-1-yosry@kernel.org> References: <20260316202732.3164936-1-yosry@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" KVM currently injects a #GP if mapping vmcb12 fails when emulating VMRUN/VMLOAD/VMSAVE. This is not architectural behavior, as #GP should only be injected if the physical address is not supported or not aligned. Instead, handle it as an emulation failure, similar to how nVMX handles failures to read/write guest memory in several emulation paths. When virtual VMLOAD/VMSAVE is enabled, if vmcb12's GPA is not mapped in the NPTs a VMEXIT(#NPF) will be generated, and KVM will install an MMIO SPTE and emulate the instruction if there is no corresponding memslot. x86_emulate_insn() will return EMULATION_FAILED as VMLOAD/VMSAVE are not handled as part of the twobyte_insn cases. Even though this will also result in an emulation failure, it will only result in a straight return to userspace if KVM_CAP_EXIT_ON_EMULATION_FAILURE is set. Otherwise, it would inject #UD and only exit to userspace if not in guest mode. So the behavior is slightly different if virtual VMLOAD/VMSAVE is enabled. Fixes: 3d6368ef580a ("KVM: SVM: Add VMRUN handler") Reported-by: Jim Mattson Signed-off-by: Yosry Ahmed --- arch/x86/kvm/svm/nested.c | 6 ++---- arch/x86/kvm/svm/svm.c | 6 ++---- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 75943a607777c..73c0df0a81f0e 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -1121,10 +1121,8 @@ int nested_svm_vmrun(struct kvm_vcpu *vcpu) =20 ret =3D nested_svm_copy_vmcb12_to_cache(vcpu, vmcb12_gpa); if (ret) { - if (ret =3D=3D -EFAULT) { - kvm_inject_gp(vcpu, 0); - return 1; - } + if (ret =3D=3D -EFAULT) + return kvm_handle_memory_failure(vcpu, X86EMUL_IO_NEEDED, NULL); =20 /* Advance RIP past VMRUN as part of the nested #VMEXIT. */ return kvm_skip_emulated_instruction(vcpu); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 9f6f60fc8c133..1843627fa4cac 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2201,10 +2201,8 @@ static int vmload_vmsave_interception(struct kvm_vcp= u *vcpu, bool vmload) return 1; } =20 - if (kvm_vcpu_map(vcpu, gpa_to_gfn(vmcb12_gpa), &map)) { - kvm_inject_gp(vcpu, 0); - return 1; - } + if (kvm_vcpu_map(vcpu, gpa_to_gfn(vmcb12_gpa), &map)) + return kvm_handle_memory_failure(vcpu, X86EMUL_IO_NEEDED, NULL); =20 vmcb12 =3D map.hva; =20 --=20 2.53.0.851.ga537e3e6e9-goog From nobody Tue Apr 7 02:34:19 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2444A3F0A91; Mon, 16 Mar 2026 20:27:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773692866; cv=none; b=PiAijkVn2ZAyEy1zILTnpoRdDOqv/w2ZigrzvyMprrzZfc9BWwWEJTp7rQFXfjFBfKdmahE2BjO622lu2pkVBsEbWhqj2yiBoKzkFQo17MM+vthkR99e155Zt5vZ663lsVKieyGQlgZsegQqH2TRgC+GexUPi/TUujjjhWCg5Dk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773692866; c=relaxed/simple; bh=/tp9ynUtGABJgNWpxotjLFFDAJMtw/SEHVIjf6GvYHk=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=ok4z8yuC9OWB9CKodA4+S9C+TOC9wKuvFtlJzIzVXGdzb2biLF+GTt6fFvK9r7QDGt7+/3qcqsdIi0CnWLImzZscnCqMSNgDxmIl7BHrRXeNOhbCspL05HK6hQ+APGNJ57mZSzQRnhQmkid2/9pHDh6VhPvhKatA4nL1GhqhXKg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=GBU9MGed; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="GBU9MGed" Received: by smtp.kernel.org (Postfix) with ESMTPSA id BA5B2C2BCB2; Mon, 16 Mar 2026 20:27:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773692866; bh=/tp9ynUtGABJgNWpxotjLFFDAJMtw/SEHVIjf6GvYHk=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=GBU9MGedPU+oVtPPS2NiuyLezOVW9jybi1WuTUL9S9ySaC3KbTKKNnfms3Uxl9suV s1o1KvNwdAUbKv655LMoRIAzdpyhdrx3LTyrGHk+8Xrx3Tr8XywLmlyLhwpmgulQ3z qtR6Ezvy8QnMv1AJWiTKK43sBXa8CHcD8+aJK88G5cetjyQCdjiOKfjPWJWce7Kiwe Pz0R1lg9iFuV8pU+CIBFoPuHdcbNUhYRQn2YfXstu2/HvQ+0/J+V08/TR3dzhdatMw iSiyf7vtBkwdKBytoEn+tnUO0/i1KicnJfynia+PyT2/jChLqFLHgKKcrvvJ+NJT/k HbxDny05sZVZg== From: Yosry Ahmed To: Sean Christopherson Cc: Paolo Bonzini , Jim Mattson , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Yosry Ahmed Subject: [PATCH v4 8/9] KVM: selftests: Rework svm_nested_invalid_vmcb12_gpa Date: Mon, 16 Mar 2026 20:27:31 +0000 Message-ID: <20260316202732.3164936-9-yosry@kernel.org> X-Mailer: git-send-email 2.53.0.851.ga537e3e6e9-goog In-Reply-To: <20260316202732.3164936-1-yosry@kernel.org> References: <20260316202732.3164936-1-yosry@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" The test currently allegedly makes sure that VMRUN causes a #GP in vmcb12 GPA is valid but unmappable. However, it calls run_guest() with an the test vmcb12 GPA, and the #GP is produced from VMLOAD, not VMRUN. Additionally, the underlying logic just changed to match architectural behavior, and all of VMRUN/VMLOAD/VMSAVE fail emulation if vmcb12 cannot be mapped. The CPU still injects a #GP if the vmcb12 GPA exceeds maxphyaddr. Rework the test such to use the KVM_ONE_VCPU_TEST[_SUITE] harness, and test all of VMRUN/VMLOAD/VMSAVE with both an invalid GPA (-1ULL) causing a #GP, and a valid but unmappable GPA causing emulation failure. Execute the instructions directly from L1 instead of run_guest() to make sure the #GP or emulation failure is produced by the right instruction. Leave the #VMEXIT with unmappable GPA test case as-is, but wrap it with a test harness as well. Opportunisitically drop gp_triggered, as the test already checks that a #GP was injected through a SYNC. Also, use the first unmapped GPA instead of the maximum legal GPA, as some CPUs inject a #GP for the maximum legal GPA (likely in a reserved area). Signed-off-by: Yosry Ahmed --- .../kvm/x86/svm_nested_invalid_vmcb12_gpa.c | 152 +++++++++++++----- 1 file changed, 115 insertions(+), 37 deletions(-) diff --git a/tools/testing/selftests/kvm/x86/svm_nested_invalid_vmcb12_gpa.= c b/tools/testing/selftests/kvm/x86/svm_nested_invalid_vmcb12_gpa.c index c6d5f712120d1..569869bed20b5 100644 --- a/tools/testing/selftests/kvm/x86/svm_nested_invalid_vmcb12_gpa.c +++ b/tools/testing/selftests/kvm/x86/svm_nested_invalid_vmcb12_gpa.c @@ -6,6 +6,8 @@ #include "vmx.h" #include "svm_util.h" #include "kselftest.h" +#include "kvm_test_harness.h" +#include "test_util.h" =20 =20 #define L2_GUEST_STACK_SIZE 64 @@ -13,86 +15,162 @@ #define SYNC_GP 101 #define SYNC_L2_STARTED 102 =20 -u64 valid_vmcb12_gpa; -int gp_triggered; +static unsigned long l2_guest_stack[L2_GUEST_STACK_SIZE]; =20 static void guest_gp_handler(struct ex_regs *regs) { - GUEST_ASSERT(!gp_triggered); GUEST_SYNC(SYNC_GP); - gp_triggered =3D 1; - regs->rax =3D valid_vmcb12_gpa; } =20 -static void l2_guest_code(void) +static void l2_code(void) { GUEST_SYNC(SYNC_L2_STARTED); vmcall(); } =20 -static void l1_guest_code(struct svm_test_data *svm, u64 invalid_vmcb12_gp= a) +static void l1_vmrun(struct svm_test_data *svm, u64 gpa) { - unsigned long l2_guest_stack[L2_GUEST_STACK_SIZE]; + generic_svm_setup(svm, l2_code, &l2_guest_stack[L2_GUEST_STACK_SIZE]); =20 - generic_svm_setup(svm, l2_guest_code, - &l2_guest_stack[L2_GUEST_STACK_SIZE]); + asm volatile ("vmrun %[gpa]" : : [gpa] "a" (gpa) : "memory"); +} =20 - valid_vmcb12_gpa =3D svm->vmcb_gpa; +static void l1_vmload(struct svm_test_data *svm, u64 gpa) +{ + generic_svm_setup(svm, l2_code, &l2_guest_stack[L2_GUEST_STACK_SIZE]); =20 - run_guest(svm->vmcb, invalid_vmcb12_gpa); /* #GP */ + asm volatile ("vmload %[gpa]" : : [gpa] "a" (gpa) : "memory"); +} + +static void l1_vmsave(struct svm_test_data *svm, u64 gpa) +{ + generic_svm_setup(svm, l2_code, &l2_guest_stack[L2_GUEST_STACK_SIZE]); + + asm volatile ("vmsave %[gpa]" : : [gpa] "a" (gpa) : "memory"); +} + +static void l1_vmexit(struct svm_test_data *svm, u64 gpa) +{ + generic_svm_setup(svm, l2_code, &l2_guest_stack[L2_GUEST_STACK_SIZE]); =20 - /* GP handler should jump here */ + run_guest(svm->vmcb, svm->vmcb_gpa); GUEST_ASSERT(svm->vmcb->control.exit_code =3D=3D SVM_EXIT_VMMCALL); GUEST_DONE(); } =20 -int main(int argc, char *argv[]) +static u64 unmappable_gpa(struct kvm_vcpu *vcpu) +{ + struct userspace_mem_region *region; + u64 region_gpa_end, vm_gpa_end =3D 0; + int i; + + hash_for_each(vcpu->vm->regions.slot_hash, i, region, slot_node) { + region_gpa_end =3D region->region.guest_phys_addr + region->region.memor= y_size; + vm_gpa_end =3D max(vm_gpa_end, region_gpa_end); + } + + return vm_gpa_end; +} + +static void test_invalid_vmcb12(struct kvm_vcpu *vcpu) { - struct kvm_x86_state *state; vm_vaddr_t nested_gva =3D 0; - struct kvm_vcpu *vcpu; - uint32_t maxphyaddr; - u64 max_legal_gpa; - struct kvm_vm *vm; struct ucall uc; =20 - TEST_REQUIRE(kvm_cpu_has(X86_FEATURE_SVM)); =20 - vm =3D vm_create_with_one_vcpu(&vcpu, l1_guest_code); vm_install_exception_handler(vcpu->vm, GP_VECTOR, guest_gp_handler); - - /* - * Find the max legal GPA that is not backed by a memslot (i.e. cannot - * be mapped by KVM). - */ - maxphyaddr =3D kvm_cpuid_property(vcpu->cpuid, X86_PROPERTY_MAX_PHY_ADDR); - max_legal_gpa =3D BIT_ULL(maxphyaddr) - PAGE_SIZE; - vcpu_alloc_svm(vm, &nested_gva); - vcpu_args_set(vcpu, 2, nested_gva, max_legal_gpa); - - /* VMRUN with max_legal_gpa, KVM injects a #GP */ + vcpu_alloc_svm(vcpu->vm, &nested_gva); + vcpu_args_set(vcpu, 2, nested_gva, -1ULL); vcpu_run(vcpu); + TEST_ASSERT_KVM_EXIT_REASON(vcpu, KVM_EXIT_IO); TEST_ASSERT_EQ(get_ucall(vcpu, &uc), UCALL_SYNC); TEST_ASSERT_EQ(uc.args[1], SYNC_GP); +} + +static void test_unmappable_vmcb12(struct kvm_vcpu *vcpu) +{ + vm_vaddr_t nested_gva =3D 0; + + vcpu_alloc_svm(vcpu->vm, &nested_gva); + vcpu_args_set(vcpu, 2, nested_gva, unmappable_gpa(vcpu)); + vcpu_run(vcpu); + + TEST_ASSERT_KVM_EXIT_REASON(vcpu, KVM_EXIT_INTERNAL_ERROR); + TEST_ASSERT_EQ(vcpu->run->emulation_failure.suberror, KVM_INTERNAL_ERROR_= EMULATION); +} + +static void test_unmappable_vmcb12_vmexit(struct kvm_vcpu *vcpu) +{ + struct kvm_x86_state *state; + vm_vaddr_t nested_gva =3D 0; + struct ucall uc; =20 /* - * Enter L2 (with a legit vmcb12 GPA), then overwrite vmcb12 GPA with - * max_legal_gpa. KVM will fail to map vmcb12 on nested VM-Exit and + * Enter L2 (with a legit vmcb12 GPA), then overwrite vmcb12 GPA with an + * unmappable GPA. KVM will fail to map vmcb12 on nested VM-Exit and * cause a shutdown. */ + vcpu_alloc_svm(vcpu->vm, &nested_gva); + vcpu_args_set(vcpu, 2, nested_gva, unmappable_gpa(vcpu)); vcpu_run(vcpu); TEST_ASSERT_KVM_EXIT_REASON(vcpu, KVM_EXIT_IO); TEST_ASSERT_EQ(get_ucall(vcpu, &uc), UCALL_SYNC); TEST_ASSERT_EQ(uc.args[1], SYNC_L2_STARTED); =20 state =3D vcpu_save_state(vcpu); - state->nested.hdr.svm.vmcb_pa =3D max_legal_gpa; + state->nested.hdr.svm.vmcb_pa =3D unmappable_gpa(vcpu); vcpu_load_state(vcpu, state); vcpu_run(vcpu); TEST_ASSERT_KVM_EXIT_REASON(vcpu, KVM_EXIT_SHUTDOWN); =20 kvm_x86_state_cleanup(state); - kvm_vm_free(vm); - return 0; +} + +KVM_ONE_VCPU_TEST_SUITE(vmcb12_gpa); + +KVM_ONE_VCPU_TEST(vmcb12_gpa, vmrun_invalid, l1_vmrun) +{ + test_invalid_vmcb12(vcpu); +} + +KVM_ONE_VCPU_TEST(vmcb12_gpa, vmload_invalid, l1_vmload) +{ + test_invalid_vmcb12(vcpu); +} + +KVM_ONE_VCPU_TEST(vmcb12_gpa, vmsave_invalid, l1_vmsave) +{ + test_invalid_vmcb12(vcpu); +} + +KVM_ONE_VCPU_TEST(vmcb12_gpa, vmrun_unmappable, l1_vmrun) +{ + test_unmappable_vmcb12(vcpu); +} + +KVM_ONE_VCPU_TEST(vmcb12_gpa, vmload_unmappable, l1_vmload) +{ + test_unmappable_vmcb12(vcpu); +} + +KVM_ONE_VCPU_TEST(vmcb12_gpa, vmsave_unmappable, l1_vmsave) +{ + test_unmappable_vmcb12(vcpu); +} + +/* + * Invalid vmcb12_gpa cannot be test for #VMEXIT as KVM_SET_NESTED_STATE w= ill + * reject it. + */ +KVM_ONE_VCPU_TEST(vmcb12_gpa, vmexit_unmappable, l1_vmexit) +{ + test_unmappable_vmcb12_vmexit(vcpu); +} + +int main(int argc, char *argv[]) +{ + TEST_REQUIRE(kvm_cpu_has(X86_FEATURE_SVM)); + + return test_harness_run(argc, argv); } --=20 2.53.0.851.ga537e3e6e9-goog From nobody Tue Apr 7 02:34:19 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8AB2A3F0AB9; Mon, 16 Mar 2026 20:27:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773692866; cv=none; b=PRd7F4xpDQ5kF1UYvR7zed7UdKLg/z1i/QXyWAchvmZFd0LDG7E3+4YDnTk4X/9ujEmA0ltqV9UVnIx2UteAlhsmJgEAqTxii7QypYQqxGEGumx6hF3ojwTxVL9fBz4Wod7LMB+uKSgy5ZL2GaRL4aqaSarVWqZJ+v6229woT9I= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773692866; c=relaxed/simple; bh=1GBVDpxhiKQR9Qr5dCENGk8SY6ddmFWjDrNwoXXxb+I=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Pdrmz9fMjozEBxXi0hcsPdx0MHwUzqc5IUrSEIlKFjWxNPoi0PsTE92RTA2JOu4E2jBuMU7xBoUeY//N8z6HKczat/c+ZSNoHU2ilhk0QA0dEJwgY7bBs/54WfLW2qkxJQ/9AzAbUt5pmYSJnsqaiuGRn/Wqn21DIg4YCMCEQKU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=CgSnad3d; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="CgSnad3d" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 2DFB2C2BCB8; Mon, 16 Mar 2026 20:27:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773692866; bh=1GBVDpxhiKQR9Qr5dCENGk8SY6ddmFWjDrNwoXXxb+I=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=CgSnad3dxLABuxEqOk7qttxHkmUkmiwT+4N0y0Y/P5jFKPxxQofVV3DeK/l1mfsxy IpUSoyMuih6QkMz9adEtvxth3PfSNBVqCO4+G/Dsbxq16V4klTsSKBXnvNnVDTQ4dQ Rj3AG4CtYqp7osreb9nihLc1iRvHz+q2+tequl1+9AQMcGFXBwhEqVN4jdreyOHU+g Ia0xPIYTjKrdBSD5uQoW+L0J7Gq8oU35xB9+aUBZpfBJTOdKsFNXac0OoS1vyeHIrK fzT5Stqs7FtuaPYs/IBGylQmAtlnvrcWt3TWwsJm/trGHDn6L/YbPSr8LVlGiHVeV0 UWttLwPd8idBQ== From: Yosry Ahmed To: Sean Christopherson Cc: Paolo Bonzini , Jim Mattson , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Yosry Ahmed Subject: [PATCH v4 9/9] KVM: selftests: Drop 'invalid' from svm_nested_invalid_vmcb12_gpa's name Date: Mon, 16 Mar 2026 20:27:32 +0000 Message-ID: <20260316202732.3164936-10-yosry@kernel.org> X-Mailer: git-send-email 2.53.0.851.ga537e3e6e9-goog In-Reply-To: <20260316202732.3164936-1-yosry@kernel.org> References: <20260316202732.3164936-1-yosry@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" The test checks both invalid GPAs as well as unmappable GPAs, so drop 'invalid' from its name. Signed-off-by: Yosry Ahmed --- tools/testing/selftests/kvm/Makefile.kvm | 2 +- ...{svm_nested_invalid_vmcb12_gpa.c =3D> svm_nested_vmcb12_gpa.c} | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename tools/testing/selftests/kvm/x86/{svm_nested_invalid_vmcb12_gpa.c = =3D> svm_nested_vmcb12_gpa.c} (100%) diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft= ests/kvm/Makefile.kvm index 3d372d78a2756..02fa13d4ad4f1 100644 --- a/tools/testing/selftests/kvm/Makefile.kvm +++ b/tools/testing/selftests/kvm/Makefile.kvm @@ -112,9 +112,9 @@ TEST_GEN_PROGS_x86 +=3D x86/vmx_preemption_timer_test TEST_GEN_PROGS_x86 +=3D x86/svm_vmcall_test TEST_GEN_PROGS_x86 +=3D x86/svm_int_ctl_test TEST_GEN_PROGS_x86 +=3D x86/svm_nested_clear_efer_svme -TEST_GEN_PROGS_x86 +=3D x86/svm_nested_invalid_vmcb12_gpa TEST_GEN_PROGS_x86 +=3D x86/svm_nested_shutdown_test TEST_GEN_PROGS_x86 +=3D x86/svm_nested_soft_inject_test +TEST_GEN_PROGS_x86 +=3D x86/svm_nested_vmcb12_gpa TEST_GEN_PROGS_x86 +=3D x86/svm_lbr_nested_state TEST_GEN_PROGS_x86 +=3D x86/tsc_scaling_sync TEST_GEN_PROGS_x86 +=3D x86/sync_regs_test diff --git a/tools/testing/selftests/kvm/x86/svm_nested_invalid_vmcb12_gpa.= c b/tools/testing/selftests/kvm/x86/svm_nested_vmcb12_gpa.c similarity index 100% rename from tools/testing/selftests/kvm/x86/svm_nested_invalid_vmcb12_gpa.c rename to tools/testing/selftests/kvm/x86/svm_nested_vmcb12_gpa.c --=20 2.53.0.851.ga537e3e6e9-goog