From nobody Sun Jun 14 09:53:37 2026
Received: from mail-pl1-f170.google.com (mail-pl1-f170.google.com
 [209.85.214.170])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4047B22B5AC
	for <linux-kernel@vger.kernel.org>; Thu,  2 Apr 2026 05:20:07 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.214.170
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1775107208; cv=none;
 b=JCBdbWs72PEMJm6+79/eH59Lnd3ED2da1uLBXsGKe7AWcfpupT9tI/q6qFyRqyTICiuYZzO5ox+SZHLoCePxHfnzU9yvQXuRDbFGJ9xBP2eca0lOZ9l4UTMn0+KzwPvqQqZbpu2kFkuTCNUycVi+hCaCdG7rX0ubxqx9hEeoP8w=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1775107208; c=relaxed/simple;
	bh=rirG7dXdlaZs85SD2FS2kk5f6PLtuyhPDVjoQlUhFFs=;
	h=From:To:Cc:Subject:Date:Message-ID:MIME-Version;
 b=fDcNb1dvL33NDNwgl738lE3kVV+7AjINfUWEFHM06l6jrbflDlilI5atcefOld31ZhfB6YttbcwUD8mNrxYmhm0D81qW+gIVGJeJN1z57U2V5En6ABgOgctkJenki1CvNgR5iPrE6hPWW0Fied41e0ez/38R+sF9e+K3IWUJ9t0=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=gmail.com;
 spf=pass smtp.mailfrom=gmail.com;
 dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com
 header.b=rVxSkwSQ; arc=none smtp.client-ip=209.85.214.170
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=gmail.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=gmail.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com
 header.b="rVxSkwSQ"
Received: by mail-pl1-f170.google.com with SMTP id
 d9443c01a7336-2ae1255a90bso493245ad.1
        for <linux-kernel@vger.kernel.org>;
 Wed, 01 Apr 2026 22:20:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20251104; t=1775107206; x=1775712006;
 darn=vger.kernel.org;
        h=content-transfer-encoding:mime-version:message-id:date:subject:cc
         :to:from:from:to:cc:subject:date:message-id:reply-to;
        bh=Xaxw8FD+mFZydbFnh3nyyzgdnrrrUvvU4FLHJUXGXks=;
        b=rVxSkwSQcxAPMiTMYgi5VMqdOGLQ9JqiZodBFW/HznBFeXcgtFaD/syGMT8TFgzVzZ
         Ib8bXdmcQZlGQRNiy5A6g+NDWcUSOPcoWvy/MNoUn24Q/tmodo9GHzf07joG9vRNry6s
         iaWUybbX9szcxBvhN6QGFQxmsuuOUAvmBzvF+9yeawHgCBS5qmNhyD01t8XYjmKzQwVt
         0aV5C9Kw6vcBfLA+754fMmI0S02G44aHmnunvCFSMUUXNVYKA4lmxPKsLtNA2b+Ft5Oy
         2d9AmGA1HtuRZdYBCj9rgsFKvg4F918QvIvX0UP1RomFMjENHp6+77hOu3BSiKXd0PMV
         KfvQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1775107206; x=1775712006;
        h=content-transfer-encoding:mime-version:message-id:date:subject:cc
         :to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date
         :message-id:reply-to;
        bh=Xaxw8FD+mFZydbFnh3nyyzgdnrrrUvvU4FLHJUXGXks=;
        b=KKu4/ZK7zPCk9mWmXKQgNF1QZdApivFonBN8V6KAMVk8rtnmE7zDTIa6zY6ag2KkrY
         FqvR8Jn0obYQSuy2SDcX0jVeZ4fjcVVIRRAYUIH8pPCV131wk5FgPhGLzd4tWAo5XHch
         PfGA+E27p2S5XjFdW264mu8S76HCWecCJS4egOcncv1obyAzIogFz08/jj4oc1eh2xlt
         S2fTl9Gh8hdSSKLLuUcjpI/zNZET76wTUC+QfspTpIBF86eMeGg55WCLluSbV7Yo8xtS
         syXw6m59Qc5nvX6CGKQ7j1KHKoe6zuZU+9DS/JKVII9zRd7uRrsOYVp0dbpV2UAmhO/k
         vB9A==
X-Forwarded-Encrypted: i=1;
 AJvYcCXLSBfA2yjqni4mn6uXKhWa9bsY+INaOpK4rjU2cxiGZqbhgaATU8AmmExDnnQiqyNGi1hxyQD6q1wta0c=@vger.kernel.org
X-Gm-Message-State: AOJu0YxdxMp69FWIm5CG9FpbTJPQg3vSuPWAoD4KGWCe2rtjLa3viORl
	DlGiIBxUnpwLrukn0i+x8VUz3im0eR0GCZQ4BwLoVwQG1BGKtz8XUiE3
X-Gm-Gg: AeBDieuZ7v9luS/sSHsGPKFlhpymnkyBtqj8uoRBUse2MHD8fzyPRFo5rlcb+epywpb
	J8d0CbYOBMb5v1aWKZ+yTauvTl8jgqIRdDKdF6CaBgYmkaJz6iuMlPH5FfjciW+iKBGv7jCgywA
	mT3Xdv3qWGCPiqOWWBQNw8sDNKSUvnIZNgK93pgM3tWz85vp8i64gWp63twimv9o3HAyEROIM1e
	3l3uQNqLMEkfnLM8YPuzga+zbJ1iYg9rjZqtYMIczHQH3Hiw/tRds8HDaHdw0EV11Z8LseRHQmh
	4Wm/VPNwoEbXWcjYNfIhTd5dbwUpk7YVk+Xnd2Pv5xECspKg9xGbK0hEnZ626cFtghTY+QTvoJF
	GORaKPYhlL/SrFjPAy3Hb/voZE1dCANkvqjMAXWZWHAWEzr5tV2SrJWB7YIC8a/8ybRORFoU2qE
	4RhnFggaV+7M18tNlpTDRp2m2cPbEtCUPKbmvO+c26OsKHKHaCfA8htx64nhsNaNYMLhQ=
X-Received: by 2002:a17:90a:ec86:b0:35b:a241:ffb2 with SMTP id
 98e67ed59e1d1-35dc703b635mr3600154a91.7.1775107206477;
        Wed, 01 Apr 2026 22:20:06 -0700 (PDT)
Received: from BraveProgrammer ([2402:e280:3d94:585:407a:b266:f3b0:4e10])
        by smtp.gmail.com with ESMTPSA id
 98e67ed59e1d1-35dd36a1d04sm1841668a91.17.2026.04.01.22.20.03
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 01 Apr 2026 22:20:05 -0700 (PDT)
From: BraveProgrammer <spujari79@gmail.com>
To: seanjc@google.com,
	pbonzini@redhat.com
Cc: yan.y.zhao@intel.com,
	kai.huang@intel.com,
	binbin.wu@linux.intel.com,
	vipinsh@google.com,
	kvm@vger.kernel.org,
	linux-kernel@vger.kernel.org,
	BraveProgrammer <spujari79@gmail.com>
Subject: [PATCH] KVM TDP MMU FIXES- Replaced unsafe panic calls with proper
 error handling
Date: Thu,  2 Apr 2026 10:49:40 +0530
Message-ID: <20260402051940.1051-1-spujari79@gmail.com>
X-Mailer: git-send-email 2.52.0.windows.1
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Unsafe Panic Calls Converted to BUG() AND BUG_ON()
AND
Added Proper error handling: Using WARN_ON_ONCE(), pr_err()

Signed-off-by: BraveProgrammer <spujari79@gmail.com>
---
 arch/x86/kvm/mmu/tdp_mmu.c | 21 ++++++++++++++-------
 1 file changed, 14 insertions(+), 7 deletions(-)

diff --git a/arch/x86/kvm/mmu/tdp_mmu.c b/arch/x86/kvm/mmu/tdp_mmu.c
index 9c26038f6b77..3396bf157716 100644
--- a/arch/x86/kvm/mmu/tdp_mmu.c
+++ b/arch/x86/kvm/mmu/tdp_mmu.c
@@ -590,14 +590,15 @@ static void handle_changed_spte(struct kvm *kvm, int =
as_id, gfn_t gfn,
 		pr_err("Invalid SPTE change: cannot replace a present leaf\n"
 		       "SPTE with another present leaf SPTE mapping a\n"
 		       "different PFN!\n"
-		       "as_id: %d gfn: %llx old_spte: %llx new_spte: %llx level: %d",
+		       "as_id: %d gfn: %llx old_spte: %llx new_spte: %llx level: %d\n",
 		       as_id, gfn, old_spte, new_spte, level);
=20
 		/*
-		 * Crash the host to prevent error propagation and guest data
-		 * corruption.
+		 * Return early to prevent invalid SPTE from being set.
+		 * This prevents guest data corruption while allowing the VM to continue
+		 * in a degraded state for debugging purposes.
 		 */
-		BUG();
+		return;
 	}
=20
 	if (old_spte =3D=3D new_spte)
@@ -1453,9 +1454,12 @@ static bool wrprot_gfn_range(struct kvm *kvm, struct=
 kvm_mmu_page *root,
 	u64 new_spte;
 	bool spte_set =3D false;
=20
-	rcu_read_lock();
+	if (WARN_ON_ONCE(min_level > KVM_MAX_HUGEPAGE_LEVEL)) {
+		pr_err("Invalid min_level %d for write protection range operation\n", mi=
n_level);
+		return false;
+	}
=20
-	BUG_ON(min_level > KVM_MAX_HUGEPAGE_LEVEL);
+	rcu_read_lock();
=20
 	for_each_tdp_pte_min_level(iter, kvm, root, min_level, start, end) {
 retry:
@@ -1887,7 +1891,10 @@ static bool write_protect_gfn(struct kvm *kvm, struc=
t kvm_mmu_page *root,
 	u64 new_spte;
 	bool spte_set =3D false;
=20
-	BUG_ON(min_level > KVM_MAX_HUGEPAGE_LEVEL);
+	if (WARN_ON_ONCE(min_level > KVM_MAX_HUGEPAGE_LEVEL)) {
+		pr_err("Invalid min_level %d for write protection operation\n", min_leve=
l);
+		return false;
+	}
=20
 	rcu_read_lock();
=20
--=20
2.52.0.windows.1