From nobody Sat Jun 20 20:53:38 2026
Date: Thu, 9 Apr 2026 16:56:12 -0700
In-Reply-To: <20260409235622.2052730-1-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Message-ID: <20260409235622.2052730-2-seanjc@google.com>
Subject: [PATCH 01/11] KVM: SVM: Truncate INVLPGA address in compatibility mode
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini, Vitaly Kuznetsov, David Woodhouse, Paul Durrant
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Yosry Ahmed

Check for full 64-bit mode, not just long mode, when truncating the virtual address as part of INVLPGA emulation. Compatibility mode doesn't support 64-bit addressing.

Note, the FIXME still applies, e.g. if the guest deliberately targeted EAX while in 64-bit via an address size override. That flaw isn't worth fixing as it would require decoding the code stream, which would open an entirely different can of worms, and in practice no sane guest would shove garbage into RAX[63:32] and execute INVLPGA.

Note #2, VMSAVE, VMLOAD, and VMRUN all suffer from the same architectural flaw of not providing the full linear address in a VMCB exit information field, because, quoting the APM verbatim: the linear address is available directly from the guest rAX register (VMSAVE, VMLOAD, and VMRUN take a physical address, but their behavior with respect to rAX is otherwise identical).

Fixes: bc9eff67fc35 ("KVM: SVM: Use default rAX size for INVLPGA emulation")
Signed-off-by: Sean Christopherson
Reviewed-by: Yosry Ahmed
---
 arch/x86/kvm/svm/svm.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index e7fdd7a9c280..a1b2e4152afe 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c
@@ -2385,7 +2385,7 @@ static int invlpga_interception(struct kvm_vcpu *vcpu) return 1; =20 /* FIXME: Handle an address size prefix. */ - if (!is_long_mode(vcpu)) + if (!is_64_bit_mode(vcpu)) gva =3D (u32)gva; =20 trace_kvm_invlpga(to_svm(vcpu)->vmcb->save.rip, asid, gva); --=20 2.53.0.1213.gd9a14994de-goog
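Review bot: The FIXME kept above the changed check in invlpga_interception() still says only "Handle an address size prefix", so the one case the new !is_64_bit_mode() test still gets wrong is documented only in the changelog. Consider expanding the comment to say that a guest in 64-bit mode that targets EAX through an address-size override is not truncated, and that this is left alone on purpose because handling it would require decoding the code stream.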

Date: Thu, 9 Apr 2026 16:56:13 -0700
In-Reply-To: <20260409235622.2052730-1-seanjc@google.com>
Message-ID: <20260409235622.2052730-3-seanjc@google.com>
Subject: [PATCH 02/11] KVM: x86/xen: Bug the VM if 32-bit KVM observes a 64-bit mode hypercall
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini, Vitaly Kuznetsov, David Woodhouse, Paul Durrant
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Yosry Ahmed

Bug the VM if 32-bit KVM attempts to handle a 64-bit hypercall, primarily so that a future change to set "input" in mode-specific code doesn't trigger a false positive warn=>error:

  arch/x86/kvm/xen.c:1687:6: error: variable 'input' is used uninitialized whenever 'if' condition is false [-Werror,-Wsometimes-uninitialized]
   1687 |         if (!longmode) {
        |             ^~~~~~~~~
  arch/x86/kvm/xen.c:1708:31: note: uninitialized use occurs here
   1708 |         trace_kvm_xen_hypercall(cpl, input, params[0], params[1], params[2],
        |                                      ^~~~~
  x86/kvm/xen.c:1687:2: note: remove the 'if' if its condition is always true
   1687 |         if (!longmode) {
        |         ^~~~~~~~~~~~~~
  arch/x86/kvm/xen.c:1677:11: note: initialize the variable 'input' to silence this warning
   1677 |         u64 input, params[6], r = -ENOSYS;
        |                  ^
  1 error generated.

Note, params[] also has the same flaw, but -Wsometimes-uninitialized doesn't seem to be enforced for arrays, presumably because it's difficult to avoid false positives on specific entries.

Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/xen.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kvm/xen.c b/arch/x86/kvm/xen.c index 91fd3673c09a..6d9be74bb673 100644 --- a/arch/x86/kvm/xen.c +++ b/arch/x86/kvm/xen.c 
@@ -1694,16 +1694,19 @@ int kvm_xen_hypercall(struct kvm_vcpu *vcpu) params[4] =3D (u32)kvm_rdi_read(vcpu); params[5] =3D (u32)kvm_rbp_read(vcpu); } -#ifdef CONFIG_X86_64 else { +#ifdef CONFIG_X86_64 params[0] =3D (u64)kvm_rdi_read(vcpu); params[1] =3D (u64)kvm_rsi_read(vcpu); params[2] =3D (u64)kvm_rdx_read(vcpu); params[3] =3D (u64)kvm_r10_read(vcpu); params[4] =3D (u64)kvm_r8_read(vcpu); params[5] =3D (u64)kvm_r9_read(vcpu); - } +#else + KVM_BUG_ON(1, vcpu->kvm); + return -EIO; #endif + } cpl =3D kvm_x86_call(get_cpl)(vcpu); trace_kvm_xen_hypercall(cpl, input, params[0], params[1], params[2], params[3], params[4], params[5]); --=20 2.53.0.1213.gd9a14994de-goog
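Review bot: The new #else arm in kvm_xen_hypercall() bugs the VM and returns -EIO without a comment saying why the path should be unreachable, which leaves the compiler-warning rationale in the changelog only. A one-line comment above KVM_BUG_ON(1, vcpu->kvm) stating that a 32-bit KVM build should never observe a 64-bit hypercall would keep the branch from reading as dead code. The early return is also what keeps the unset params[] entries away from trace_kvm_xen_hypercall(), which the comment could mention.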

Date: Thu, 9 Apr 2026 16:56:14 -0700
In-Reply-To: <20260409235622.2052730-1-seanjc@google.com>
Message-ID: <20260409235622.2052730-4-seanjc@google.com>
Subject: [PATCH 03/11] KVM: x86/xen: Don't truncate RAX when handling hypercall from protected guest
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini, Vitaly Kuznetsov, David Woodhouse, Paul Durrant
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Yosry Ahmed

Don't truncate RAX when handling a Xen hypercall for a guest with protected state, as KVM's ABI is to assume the guest is in 64-bit for such cases (the guest leaving garbage in 63:32 after a transition to 32-bit mode is far less likely than 63:32 being necessary to complete the hypercall).

Fixes: b5aead0064f3 ("KVM: x86: Assume a 64-bit hypercall for guests with protected state")
Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/xen.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/arch/x86/kvm/xen.c b/arch/x86/kvm/xen.c index 6d9be74bb673..895095dc684e 100644 --- a/arch/x86/kvm/xen.c +++ b/arch/x86/kvm/xen.c
@@ -1678,15 +1678,14 @@ int kvm_xen_hypercall(struct kvm_vcpu *vcpu) bool handled =3D false; u8 cpl; =20 - input =3D (u64)kvm_register_read(vcpu, VCPU_REGS_RAX); - /* Hyper-V hypercalls get bit 31 set in EAX */ - if ((input & 0x80000000) && + if ((kvm_rax_read(vcpu) & 0x80000000) && kvm_hv_hypercall_enabled(vcpu)) return kvm_hv_hypercall(vcpu); =20 longmode =3D is_64_bit_hypercall(vcpu); if (!longmode) { + input =3D (u32)kvm_rax_read(vcpu); params[0] =3D (u32)kvm_rbx_read(vcpu); params[1] =3D (u32)kvm_rcx_read(vcpu); params[2] =3D (u32)kvm_rdx_read(vcpu); 
@@ -1696,6 +1695,7 @@ int kvm_xen_hypercall(struct kvm_vcpu *vcpu) } else { #ifdef CONFIG_X86_64 + input =3D (u64)kvm_rax_read(vcpu); params[0] =3D (u64)kvm_rdi_read(vcpu); params[1] =3D (u64)kvm_rsi_read(vcpu); params[2] =3D (u64)kvm_rdx_read(vcpu); --=20 2.53.0.1213.gd9a14994de-goog
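Review bot: Nothing at "longmode = is_64_bit_hypercall(vcpu)" in the first hunk of kvm_xen_hypercall() records that a guest with protected state is treated as 64-bit, yet that assumption is the whole reason input is now assigned per mode instead of through kvm_register_read(). A short comment there would put the ABI assumption from the changelog next to the code that depends on it. The Hyper-V test in the same hunk now reads kvm_rax_read(vcpu) untruncated before the mode is known; that is fine only because the mask 0x80000000 tests bit 31, which is worth saying in the existing "bit 31 set in EAX" comment.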

Date: Thu, 9 Apr 2026 16:56:15 -0700
In-Reply-To: <20260409235622.2052730-1-seanjc@google.com>
Message-ID: <20260409235622.2052730-5-seanjc@google.com>
Subject: [PATCH 04/11] KVM: VMX: Read 32-bit GPR values for ENCLS instructions outside of 64-bit mode
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini, Vitaly Kuznetsov, David Woodhouse, Paul Durrant
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Yosry Ahmed

When getting register values for ENCLS emulation, use kvm_register_read() instead of kvm__read() so that bits 63:32 of the register are dropped if the guest is in 32-bit mode.

Note, the misleading/surprising behavior of kvm__read() being "raw" variants under the hood will be addressed once all non-benign bugs are fixed.

Fixes: 70210c044b4e ("KVM: VMX: Add SGX ENCLS[ECREATE] handler to enforce CPUID restrictions")
Fixes: b6f084ca5538 ("KVM: VMX: Add ENCLS[EINIT] handler to support SGX Launch Control (LC)")
Signed-off-by: Sean Christopherson
Acked-by: Kai Huang
---
 arch/x86/kvm/vmx/sgx.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/arch/x86/kvm/vmx/sgx.c b/arch/x86/kvm/vmx/sgx.c index df1d0cf76947..4c61fc33f764 100644 --- a/arch/x86/kvm/vmx/sgx.c +++ b/arch/x86/kvm/vmx/sgx.c
@@ -225,8 +225,8 @@ static int handle_encls_ecreate(struct kvm_vcpu *vcpu) struct x86_exception ex; int r; =20 - if (sgx_get_encls_gva(vcpu, kvm_rbx_read(vcpu), 32, 32, &pageinfo_gva) || - sgx_get_encls_gva(vcpu, kvm_rcx_read(vcpu), 4096, 4096, &secs_gva)) + if (sgx_get_encls_gva(vcpu, kvm_register_read(vcpu, VCPU_REGS_RBX), 32, 3= 2, &pageinfo_gva) || + sgx_get_encls_gva(vcpu, kvm_register_read(vcpu, VCPU_REGS_RCX), 4096,= 4096, &secs_gva)) return 1; =20 /* 
@@ -302,9 +302,9 @@ static int handle_encls_einit(struct kvm_vcpu *vcpu) gpa_t sig_gpa, secs_gpa, token_gpa; int ret, trapnr; =20 - if (sgx_get_encls_gva(vcpu, kvm_rbx_read(vcpu), 1808, 4096, &sig_gva) || - sgx_get_encls_gva(vcpu, kvm_rcx_read(vcpu), 4096, 4096, &secs_gva) || - sgx_get_encls_gva(vcpu, kvm_rdx_read(vcpu), 304, 512, &token_gva)) + if (sgx_get_encls_gva(vcpu, kvm_register_read(vcpu, VCPU_REGS_RBX), 1808,= 4096, &sig_gva) || + sgx_get_encls_gva(vcpu, kvm_register_read(vcpu, VCPU_REGS_RCX), 4096,= 4096, &secs_gva) || + sgx_get_encls_gva(vcpu, kvm_register_read(vcpu, VCPU_REGS_RDX), 304, = 512, &token_gva)) return 1; =20 /* --=20 2.53.0.1213.gd9a14994de-goog
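Review bot: The rewritten conditions in handle_encls_ecreate() and handle_encls_einit() nest kvm_register_read(vcpu, VCPU_REGS_RBX) and its siblings inside each sgx_get_encls_gva() call, which makes the lines long enough that the mail encoding wraps them mid-argument. Reading the operands into locals first, or passing the register index to a small helper, would keep each call on one readable line and make the size and alignment pairs (32/32, 4096/4096, 1808/4096, 304/512) easier to audit against the register they apply to.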

Date: Thu, 9 Apr 2026 16:56:16 -0700
In-Reply-To: <20260409235622.2052730-1-seanjc@google.com>
Message-ID: <20260409235622.2052730-6-seanjc@google.com>
Subject: [PATCH 05/11] KVM: x86: Trace hypercall register *after* truncating values for 32-bit
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini, Vitaly Kuznetsov, David Woodhouse, Paul Durrant
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Yosry Ahmed

When tracing hypercalls, invoke the tracepoint *after* truncating the register values for 32-bit guests so as not to record unused garbage (in the extremely unlikely scenario that the guest left garbage in a register after transitioning from 64-bit mode to 32-bit mode).

Fixes: 229456fc34b1 ("KVM: convert custom marker based tracing to event traces")
Signed-off-by: Sean Christopherson
Reviewed-by: Yosry Ahmed
---
 arch/x86/kvm/x86.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 0a1b63c63d1a..34ee79c1cbf3 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c
@@ -10438,8 +10438,6 @@ int ____kvm_emulate_hypercall(struct kvm_vcpu *vcpu= , int cpl, =20 ++vcpu->stat.hypercalls; =20 - trace_kvm_hypercall(nr, a0, a1, a2, a3); - if (!op_64_bit) { nr &=3D 0xFFFFFFFF; a0 &=3D 0xFFFFFFFF; 
@@ -10448,6 +10446,8 @@ int ____kvm_emulate_hypercall(struct kvm_vcpu *vcpu= , int cpl, a3 &=3D 0xFFFFFFFF; } =20 + trace_kvm_hypercall(nr, a0, a1, a2, a3); + if (cpl) { ret =3D -KVM_EPERM; goto out; --=20 2.53.0.1213.gd9a14994de-goog
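Review bot: With trace_kvm_hypercall() moved below the !op_64_bit masking in ____kvm_emulate_hypercall(), the position of the tracepoint now matters but nothing in the code says so. A brief comment above the call noting that it must follow the truncation, so that 32-bit callers do not log stale upper bits, would keep a later cleanup from hoisting it back up next to ++vcpu->stat.hypercalls.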
Date: Thu, 9 Apr 2026 16:56:17 -0700
In-Reply-To: <20260409235622.2052730-1-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
References: <20260409235622.2052730-1-seanjc@google.com>
Message-ID: <20260409235622.2052730-7-seanjc@google.com>
Subject: [PATCH 06/11] KVM: x86: Move kvm__{read,write}() definitions to x86.h
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini, Vitaly Kuznetsov, David Woodhouse, Paul Durrant
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Yosry Ahmed
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Move the direct GPR accessors to x86.h so that they can use is_64_bit_mode().

No functional change intended.

Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/kvm_cache_regs.h | 34 ----------------------------------
 arch/x86/kvm/x86.h            | 34 ++++++++++++++++++++++++++++++++++
 2 files changed, 34 insertions(+), 34 deletions(-)

diff --git a/arch/x86/kvm/kvm_cache_regs.h b/arch/x86/kvm/kvm_cache_regs.h index 8ddb01191d6f..efa23ed5b5d4 100644 --- a/arch/x86/kvm/kvm_cache_regs.h +++ b/arch/x86/kvm/kvm_cache_regs.h
@@ -16,34 +16,6 @@ =20 static_assert(!(KVM_POSSIBLE_CR0_GUEST_BITS & X86_CR0_PDPTR_BITS)); =20 -#define BUILD_KVM_GPR_ACCESSORS(lname, uname) \ -static __always_inline unsigned long kvm_##lname##_read(struct kvm_vcpu *v= cpu)\ -{ \ - return vcpu->arch.regs[VCPU_REGS_##uname]; \ -} \ -static __always_inline void kvm_##lname##_write(struct kvm_vcpu *vcpu, = \ - unsigned long val) \ -{ \ - vcpu->arch.regs[VCPU_REGS_##uname] =3D val; \ -} -BUILD_KVM_GPR_ACCESSORS(rax, RAX) -BUILD_KVM_GPR_ACCESSORS(rbx, RBX) -BUILD_KVM_GPR_ACCESSORS(rcx, RCX) -BUILD_KVM_GPR_ACCESSORS(rdx, RDX) -BUILD_KVM_GPR_ACCESSORS(rbp, RBP) -BUILD_KVM_GPR_ACCESSORS(rsi, RSI) -BUILD_KVM_GPR_ACCESSORS(rdi, RDI) -#ifdef CONFIG_X86_64 -BUILD_KVM_GPR_ACCESSORS(r8, R8) -BUILD_KVM_GPR_ACCESSORS(r9, R9) -BUILD_KVM_GPR_ACCESSORS(r10, R10) -BUILD_KVM_GPR_ACCESSORS(r11, R11) -BUILD_KVM_GPR_ACCESSORS(r12, R12) -BUILD_KVM_GPR_ACCESSORS(r13, R13) -BUILD_KVM_GPR_ACCESSORS(r14, R14) -BUILD_KVM_GPR_ACCESSORS(r15, R15) -#endif - /* * Using the register cache from interrupt context is generally not allowe= d, as * caching a register and marking it available/dirty can't be done atomica= lly, @@ -217,12 +189,6 @@ static inline ulong kvm_read_cr4(struct kvm_vcpu *vcpu) return kvm_read_cr4_bits(vcpu, ~0UL); } =20 -static inline u64 kvm_read_edx_eax(struct kvm_vcpu *vcpu) -{ - return (kvm_rax_read(vcpu) & -1u) - | ((u64)(kvm_rdx_read(vcpu) & -1u) << 32); -} - static inline void enter_guest_mode(struct kvm_vcpu *vcpu) { vcpu->arch.hflags |=3D HF_GUEST_MASK; diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h index 38a905fa86de..c44154ed3f26 100644 --- a/arch/x86/kvm/x86.h +++ b/arch/x86/kvm/x86.h 
@@ -421,6 +421,40 @@ static inline bool vcpu_match_mmio_gpa(struct kvm_vcpu= *vcpu, gpa_t gpa) return false; } =20 +#define BUILD_KVM_GPR_ACCESSORS(lname, uname) \ +static __always_inline unsigned long kvm_##lname##_read(struct kvm_vcpu *v= cpu)\ +{ \ + return vcpu->arch.regs[VCPU_REGS_##uname]; \ +} \ +static __always_inline void kvm_##lname##_write(struct kvm_vcpu *vcpu, = \ + unsigned long val) \ +{ \ + vcpu->arch.regs[VCPU_REGS_##uname] =3D val; \ +} +BUILD_KVM_GPR_ACCESSORS(rax, RAX) +BUILD_KVM_GPR_ACCESSORS(rbx, RBX) +BUILD_KVM_GPR_ACCESSORS(rcx, RCX) +BUILD_KVM_GPR_ACCESSORS(rdx, RDX) +BUILD_KVM_GPR_ACCESSORS(rbp, RBP) +BUILD_KVM_GPR_ACCESSORS(rsi, RSI) +BUILD_KVM_GPR_ACCESSORS(rdi, RDI) +#ifdef CONFIG_X86_64 +BUILD_KVM_GPR_ACCESSORS(r8, R8) +BUILD_KVM_GPR_ACCESSORS(r9, R9) +BUILD_KVM_GPR_ACCESSORS(r10, R10) +BUILD_KVM_GPR_ACCESSORS(r11, R11) +BUILD_KVM_GPR_ACCESSORS(r12, R12) +BUILD_KVM_GPR_ACCESSORS(r13, R13) +BUILD_KVM_GPR_ACCESSORS(r14, R14) +BUILD_KVM_GPR_ACCESSORS(r15, R15) +#endif + +static inline u64 kvm_read_edx_eax(struct kvm_vcpu *vcpu) +{ + return (kvm_rax_read(vcpu) & -1u) + | ((u64)(kvm_rdx_read(vcpu) & -1u) << 32); +} + static inline unsigned long kvm_register_read(struct kvm_vcpu *vcpu, int r= eg) { unsigned long val =3D kvm_register_read_raw(vcpu, reg); --=20 2.53.0.1213.gd9a14994de-goog
From nobody Sat Jun 20 20:53:38 2026
Date: Thu, 9 Apr 2026 16:56:18 -0700
In-Reply-To: <20260409235622.2052730-1-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
References: <20260409235622.2052730-1-seanjc@google.com>
Message-ID: <20260409235622.2052730-8-seanjc@google.com>
Subject: [PATCH 07/11] KVM: x86: Add mode-aware versions of kvm__{read,write}() helpers
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini, Vitaly Kuznetsov, David Woodhouse, Paul Durrant
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Yosry Ahmed
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Make kvm__{read,write}() mode-aware (where the value is truncated to 32 bits if the vCPU isn't in 64-bit mode), and convert all the intentional "raw" accesses to kvm__{read,write}_raw() versions.

To avoid confusion and bikeshedding over whether or not explicit 32-bit accesses should use the "raw" or mode-aware variants, add and use "e" versions, e.g. for things like RDMSR, WRMSR, and CPUID, where the instruction uses only bits 31:0, regardless of mode.

No functional change intended (all use of "e" versions is for cases where the value is already truncated due to bouncing through a u32).

Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/cpuid.c      |  12 ++--
 arch/x86/kvm/hyperv.c     |  24 ++++----
 arch/x86/kvm/hyperv.h     |   4 +-
 arch/x86/kvm/svm/nested.c |   6 +-
 arch/x86/kvm/svm/svm.c    |  13 ++--
 arch/x86/kvm/vmx/nested.c |   8 +--
 arch/x86/kvm/vmx/sgx.c    |   4 +-
 arch/x86/kvm/vmx/tdx.c    |  18 +++---
 arch/x86/kvm/x86.c        | 121 +++++++++++++++++++-------------------
 arch/x86/kvm/x86.h        |  88 +++++++++++++++++----------
 arch/x86/kvm/xen.c        |  30 +++++-----
 11 files changed, 175 insertions(+), 153 deletions(-)

diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index e69156b54cff..fe765f1c3b15 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c
@@ -2165,13 +2165,13 @@ int kvm_emulate_cpuid(struct kvm_vcpu *vcpu) !kvm_require_cpl(vcpu, 0)) return 1; =20 - eax =3D kvm_rax_read(vcpu); - ecx =3D kvm_rcx_read(vcpu); + eax =3D kvm_eax_read(vcpu); + ecx =3D kvm_ecx_read(vcpu); kvm_cpuid(vcpu, &eax, &ebx, &ecx, &edx, false); - kvm_rax_write(vcpu, eax); - kvm_rbx_write(vcpu, ebx); - kvm_rcx_write(vcpu, ecx); - kvm_rdx_write(vcpu, edx); + kvm_eax_write(vcpu, eax); + kvm_ebx_write(vcpu, ebx); + kvm_ecx_write(vcpu, ecx); + kvm_edx_write(vcpu, edx); return kvm_skip_emulated_instruction(vcpu); } EXPORT_SYMBOL_FOR_KVM_INTERNAL(kvm_emulate_cpuid); diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c index 9b140bbdc1d8..14e2fcf19def 100644 --- a/arch/x86/kvm/hyperv.c +++ b/arch/x86/kvm/hyperv.c @@ -2375,10 +2375,10 @@ static void kvm_hv_hypercall_set_result(struct kvm_= vcpu *vcpu, u64 result) =20 longmode =3D is_64_bit_hypercall(vcpu); if (longmode) - kvm_rax_write(vcpu, result); + kvm_rax_write_raw(vcpu, result); else { - kvm_rdx_write(vcpu, result >> 32); - kvm_rax_write(vcpu, result & 0xffffffff); + kvm_edx_write(vcpu, result >> 32); + kvm_eax_write(vcpu, result & 0xffffffff); } } =20 
@@ -2542,18 +2542,18 @@ int kvm_hv_hypercall(struct kvm_vcpu *vcpu) =20 #ifdef CONFIG_X86_64 if (is_64_bit_hypercall(vcpu)) { - hc.param =3D kvm_rcx_read(vcpu); - hc.ingpa =3D kvm_rdx_read(vcpu); - hc.outgpa =3D kvm_r8_read(vcpu); + hc.param =3D kvm_rcx_read_raw(vcpu); + hc.ingpa =3D kvm_rdx_read_raw(vcpu); + hc.outgpa =3D kvm_r8_read_raw(vcpu); } else #endif { - hc.param =3D ((u64)kvm_rdx_read(vcpu) << 32) | - (kvm_rax_read(vcpu) & 0xffffffff); - hc.ingpa =3D ((u64)kvm_rbx_read(vcpu) << 32) | - (kvm_rcx_read(vcpu) & 0xffffffff); - hc.outgpa =3D ((u64)kvm_rdi_read(vcpu) << 32) | - (kvm_rsi_read(vcpu) & 0xffffffff); + hc.param =3D ((u64)kvm_rdx_read_raw(vcpu) << 32) | + (kvm_rdx_read_raw(vcpu) & 0xffffffff); + hc.ingpa =3D ((u64)kvm_rdx_read_raw(vcpu) << 32) | + (kvm_rdx_read_raw(vcpu) & 0xffffffff); + hc.outgpa =3D ((u64)kvm_rdx_read_raw(vcpu) << 32) | + (kvm_rdx_read_raw(vcpu) & 0xffffffff); } =20 hc.code =3D hc.param & 0xffff; diff --git a/arch/x86/kvm/hyperv.h b/arch/x86/kvm/hyperv.h index 6301f79fcbae..65e89ed65349 100644 --- a/arch/x86/kvm/hyperv.h +++ b/arch/x86/kvm/hyperv.h @@ -232,8 +232,8 @@ static inline bool kvm_hv_is_tlb_flush_hcall(struct kvm= _vcpu *vcpu) if (!hv_vcpu) return false; =20 - code =3D is_64_bit_hypercall(vcpu) ? kvm_rcx_read(vcpu) : - kvm_rax_read(vcpu); + code =3D is_64_bit_hypercall(vcpu) ? kvm_rcx_read_raw(vcpu) : + kvm_eax_read(vcpu); =20 return (code =3D=3D HVCALL_FLUSH_VIRTUAL_ADDRESS_SPACE || code =3D=3D HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST || diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 961804df5f45..00de9375c836 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -757,7 +757,7 @@ static void nested_vmcb02_prepare_save(struct vcpu_svm = *svm) =20 svm->vcpu.arch.cr2 =3D save->cr2; =20 - kvm_rax_write(vcpu, save->rax); + kvm_rax_write_raw(vcpu, save->rax); kvm_rsp_write(vcpu, save->rsp); kvm_rip_write(vcpu, save->rip); =20 
@@ -1238,7 +1238,7 @@ static int nested_svm_vmexit_update_vmcb12(struct kvm= _vcpu *vcpu) vmcb12->save.rflags =3D kvm_get_rflags(vcpu); vmcb12->save.rip =3D kvm_rip_read(vcpu); vmcb12->save.rsp =3D kvm_rsp_read(vcpu); - vmcb12->save.rax =3D kvm_rax_read(vcpu); + vmcb12->save.rax =3D kvm_rax_read_raw(vcpu); vmcb12->save.dr7 =3D vmcb02->save.dr7; vmcb12->save.dr6 =3D svm->vcpu.arch.dr6; vmcb12->save.cpl =3D vmcb02->save.cpl; @@ -1391,7 +1391,7 @@ void nested_svm_vmexit(struct vcpu_svm *svm) svm_set_efer(vcpu, vmcb01->save.efer); svm_set_cr0(vcpu, vmcb01->save.cr0 | X86_CR0_PE); svm_set_cr4(vcpu, vmcb01->save.cr4); - kvm_rax_write(vcpu, vmcb01->save.rax); + kvm_rax_write_raw(vcpu, vmcb01->save.rax); kvm_rsp_write(vcpu, vmcb01->save.rsp); kvm_rip_write(vcpu, vmcb01->save.rip); =20 diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index a1b2e4152afe..0e2e7a803d64 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2378,15 +2378,12 @@ static int clgi_interception(struct kvm_vcpu *vcpu) =20 static int invlpga_interception(struct kvm_vcpu *vcpu) { - gva_t gva =3D kvm_rax_read(vcpu); - u32 asid =3D kvm_rcx_read(vcpu); - - if (nested_svm_check_permissions(vcpu)) - return 1; - /* FIXME: Handle an address size prefix. */ - if (!is_64_bit_mode(vcpu)) - gva =3D (u32)gva; + gva_t gva =3D kvm_rax_read(vcpu); + u32 asid =3D kvm_ecx_read(vcpu); + + if (nested_svm_check_permissions(vcpu)) + return 1; =20 trace_kvm_invlpga(to_svm(vcpu)->vmcb->save.rip, asid, gva); =20 diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 3fe88f29be7a..9a1bf35fe7cd 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -6135,7 +6135,7 @@ static int handle_invvpid(struct kvm_vcpu *vcpu) static int nested_vmx_eptp_switching(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12) { - u32 index =3D kvm_rcx_read(vcpu); + u32 index =3D kvm_ecx_read(vcpu); u64 new_eptp; =20 if (WARN_ON_ONCE(!nested_cpu_has_ept(vmcs12))) 
@@ -6169,7 +6169,7 @@ static int handle_vmfunc(struct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); struct vmcs12 *vmcs12; - u32 function =3D kvm_rax_read(vcpu); + u32 function =3D kvm_eax_read(vcpu); =20 /* * VMFUNC should never execute cleanly while L1 is active; KVM supports @@ -6291,7 +6291,7 @@ static bool nested_vmx_exit_handled_msr(struct kvm_vc= pu *vcpu, exit_reason.basic =3D=3D EXIT_REASON_MSR_WRITE_IMM) msr_index =3D vmx_get_exit_qual(vcpu); else - msr_index =3D kvm_rcx_read(vcpu); + msr_index =3D kvm_ecx_read(vcpu); =20 /* * The MSR_BITMAP page is divided into four 1024-byte bitmaps, @@ -6401,7 +6401,7 @@ static bool nested_vmx_exit_handled_encls(struct kvm_= vcpu *vcpu, !nested_cpu_has2(vmcs12, SECONDARY_EXEC_ENCLS_EXITING)) return false; =20 - encls_leaf =3D kvm_rax_read(vcpu); + encls_leaf =3D kvm_eax_read(vcpu); if (encls_leaf > 62) encls_leaf =3D 63; return vmcs12->encls_exiting_bitmap & BIT_ULL(encls_leaf); diff --git a/arch/x86/kvm/vmx/sgx.c b/arch/x86/kvm/vmx/sgx.c index 4c61fc33f764..4ca11e5ff4eb 100644 --- a/arch/x86/kvm/vmx/sgx.c +++ b/arch/x86/kvm/vmx/sgx.c @@ -352,7 +352,7 @@ static int handle_encls_einit(struct kvm_vcpu *vcpu) rflags &=3D ~X86_EFLAGS_ZF; vmx_set_rflags(vcpu, rflags); =20 - kvm_rax_write(vcpu, ret); + kvm_eax_write(vcpu, ret); return kvm_skip_emulated_instruction(vcpu); } =20 @@ -380,7 +380,7 @@ static inline bool sgx_enabled_in_guest_bios(struct kvm= _vcpu *vcpu) =20 int handle_encls(struct kvm_vcpu *vcpu) { - u32 leaf =3D (u32)kvm_rax_read(vcpu); + u32 leaf =3D kvm_eax_read(vcpu); =20 if (!enable_sgx || !guest_cpu_cap_has(vcpu, X86_FEATURE_SGX) || !guest_cpu_cap_has(vcpu, X86_FEATURE_SGX1)) { diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c index 1e47c194af53..9f6885d035a2 100644 --- a/arch/x86/kvm/vmx/tdx.c +++ b/arch/x86/kvm/vmx/tdx.c 
@@ -1163,11 +1163,11 @@ static int complete_hypercall_exit(struct kvm_vcpu = *vcpu) =20 static int tdx_emulate_vmcall(struct kvm_vcpu *vcpu) { - kvm_rax_write(vcpu, to_tdx(vcpu)->vp_enter_args.r10); - kvm_rbx_write(vcpu, to_tdx(vcpu)->vp_enter_args.r11); - kvm_rcx_write(vcpu, to_tdx(vcpu)->vp_enter_args.r12); - kvm_rdx_write(vcpu, to_tdx(vcpu)->vp_enter_args.r13); - kvm_rsi_write(vcpu, to_tdx(vcpu)->vp_enter_args.r14); + kvm_rax_write_raw(vcpu, to_tdx(vcpu)->vp_enter_args.r10); + kvm_rbx_write_raw(vcpu, to_tdx(vcpu)->vp_enter_args.r11); + kvm_rcx_write_raw(vcpu, to_tdx(vcpu)->vp_enter_args.r12); + kvm_rdx_write_raw(vcpu, to_tdx(vcpu)->vp_enter_args.r13); + kvm_rsi_write_raw(vcpu, to_tdx(vcpu)->vp_enter_args.r14); =20 return __kvm_emulate_hypercall(vcpu, 0, complete_hypercall_exit); } @@ -2031,12 +2031,12 @@ int tdx_handle_exit(struct kvm_vcpu *vcpu, fastpath= _t fastpath) case EXIT_REASON_IO_INSTRUCTION: return tdx_emulate_io(vcpu); case EXIT_REASON_MSR_READ: - kvm_rcx_write(vcpu, tdx->vp_enter_args.r12); + kvm_ecx_write(vcpu, tdx->vp_enter_args.r12); return kvm_emulate_rdmsr(vcpu); case EXIT_REASON_MSR_WRITE: - kvm_rcx_write(vcpu, tdx->vp_enter_args.r12); - kvm_rax_write(vcpu, tdx->vp_enter_args.r13 & -1u); - kvm_rdx_write(vcpu, tdx->vp_enter_args.r13 >> 32); + kvm_ecx_write(vcpu, tdx->vp_enter_args.r12); + kvm_eax_write(vcpu, tdx->vp_enter_args.r13 & -1u); + kvm_edx_write(vcpu, tdx->vp_enter_args.r13 >> 32); return kvm_emulate_wrmsr(vcpu); case EXIT_REASON_EPT_MISCONFIG: return tdx_emulate_mmio(vcpu); diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 34ee79c1cbf3..e5d073763fc1 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c 
@@ -1313,7 +1313,7 @@ int kvm_emulate_xsetbv(struct kvm_vcpu *vcpu) { /* Note, #UD due to CR4.OSXSAVE=3D0 has priority over the intercept. */ if (kvm_x86_call(get_cpl)(vcpu) !=3D 0 || - __kvm_set_xcr(vcpu, kvm_rcx_read(vcpu), kvm_read_edx_eax(vcpu))) { + __kvm_set_xcr(vcpu, kvm_ecx_read(vcpu), kvm_read_edx_eax(vcpu))) { kvm_inject_gp(vcpu, 0); return 1; } @@ -1602,7 +1602,7 @@ EXPORT_SYMBOL_FOR_KVM_INTERNAL(kvm_get_dr); =20 int kvm_emulate_rdpmc(struct kvm_vcpu *vcpu) { - u32 pmc =3D kvm_rcx_read(vcpu); + u32 pmc =3D kvm_ecx_read(vcpu); u64 data; =20 if (kvm_pmu_rdpmc(vcpu, pmc, &data)) { @@ -1610,8 +1610,8 @@ int kvm_emulate_rdpmc(struct kvm_vcpu *vcpu) return 1; } =20 - kvm_rax_write(vcpu, (u32)data); - kvm_rdx_write(vcpu, data >> 32); + kvm_eax_write(vcpu, (u32)data); + kvm_edx_write(vcpu, data >> 32); return kvm_skip_emulated_instruction(vcpu); } EXPORT_SYMBOL_FOR_KVM_INTERNAL(kvm_emulate_rdpmc); @@ -2058,8 +2058,8 @@ EXPORT_SYMBOL_FOR_KVM_INTERNAL(kvm_emulate_msr_write); static void complete_userspace_rdmsr(struct kvm_vcpu *vcpu) { if (!vcpu->run->msr.error) { - kvm_rax_write(vcpu, (u32)vcpu->run->msr.data); - kvm_rdx_write(vcpu, vcpu->run->msr.data >> 32); + kvm_eax_write(vcpu, (u32)vcpu->run->msr.data); + kvm_edx_write(vcpu, vcpu->run->msr.data >> 32); } } =20 @@ -2140,8 +2140,8 @@ static int __kvm_emulate_rdmsr(struct kvm_vcpu *vcpu,= u32 msr, int reg, trace_kvm_msr_read(msr, data); =20 if (reg < 0) { - kvm_rax_write(vcpu, data & -1u); - kvm_rdx_write(vcpu, (data >> 32) & -1u); + kvm_eax_write(vcpu, data & -1u); + kvm_edx_write(vcpu, (data >> 32) & -1u); } else { kvm_register_write(vcpu, reg, data); } @@ -2158,7 +2158,7 @@ static int __kvm_emulate_rdmsr(struct kvm_vcpu *vcpu,= u32 msr, int reg, =20 int kvm_emulate_rdmsr(struct kvm_vcpu *vcpu) { - return __kvm_emulate_rdmsr(vcpu, kvm_rcx_read(vcpu), -1, + return __kvm_emulate_rdmsr(vcpu, kvm_ecx_read(vcpu), -1, complete_fast_rdmsr); } EXPORT_SYMBOL_FOR_KVM_INTERNAL(kvm_emulate_rdmsr); 
@@ -2194,7 +2194,7 @@ static int __kvm_emulate_wrmsr(struct kvm_vcpu *vcpu,= u32 msr, u64 data) =20 int kvm_emulate_wrmsr(struct kvm_vcpu *vcpu) { - return __kvm_emulate_wrmsr(vcpu, kvm_rcx_read(vcpu), + return __kvm_emulate_wrmsr(vcpu, kvm_ecx_read(vcpu), kvm_read_edx_eax(vcpu)); } EXPORT_SYMBOL_FOR_KVM_INTERNAL(kvm_emulate_wrmsr); @@ -2304,7 +2304,7 @@ static fastpath_t __handle_fastpath_wrmsr(struct kvm_= vcpu *vcpu, u32 msr, u64 da =20 fastpath_t handle_fastpath_wrmsr(struct kvm_vcpu *vcpu) { - return __handle_fastpath_wrmsr(vcpu, kvm_rcx_read(vcpu), + return __handle_fastpath_wrmsr(vcpu, kvm_ecx_read(vcpu), kvm_read_edx_eax(vcpu)); } EXPORT_SYMBOL_FOR_KVM_INTERNAL(handle_fastpath_wrmsr); @@ -9699,7 +9699,7 @@ static int complete_fast_pio_out(struct kvm_vcpu *vcp= u) static int kvm_fast_pio_out(struct kvm_vcpu *vcpu, int size, unsigned short port) { - unsigned long val =3D kvm_rax_read(vcpu); + unsigned long val =3D kvm_rax_read_raw(vcpu); int ret =3D emulator_pio_out(vcpu, size, port, &val, 1); =20 if (ret) @@ -9735,10 +9735,10 @@ static int complete_fast_pio_in(struct kvm_vcpu *vc= pu) } =20 /* For size less than 4 we merge, else we zero extend */ - val =3D (vcpu->arch.pio.size < 4) ? kvm_rax_read(vcpu) : 0; + val =3D (vcpu->arch.pio.size < 4) ? kvm_rax_read_raw(vcpu) : 0; =20 complete_emulator_pio_in(vcpu, &val); - kvm_rax_write(vcpu, val); + kvm_rax_write_raw(vcpu, val); =20 return kvm_skip_emulated_instruction(vcpu); } @@ -9750,11 +9750,11 @@ static int kvm_fast_pio_in(struct kvm_vcpu *vcpu, i= nt size, int ret; =20 /* For size less than 4 we merge, else we zero extend */ - val =3D (size < 4) ? kvm_rax_read(vcpu) : 0; + val =3D (size < 4) ? kvm_rax_read_raw(vcpu) : 0; =20 ret =3D emulator_pio_in(vcpu, size, port, &val, 1); if (ret) { - kvm_rax_write(vcpu, val); + kvm_rax_write_raw(vcpu, val); return ret; } =20 
@@ -10421,29 +10421,30 @@ static int complete_hypercall_exit(struct kvm_vcp= u *vcpu) =20 if (!is_64_bit_hypercall(vcpu)) ret =3D (u32)ret; - kvm_rax_write(vcpu, ret); + kvm_rax_write_raw(vcpu, ret); return kvm_skip_emulated_instruction(vcpu); } =20 int ____kvm_emulate_hypercall(struct kvm_vcpu *vcpu, int cpl, int (*complete_hypercall)(struct kvm_vcpu *)) { - unsigned long ret; - unsigned long nr =3D kvm_rax_read(vcpu); - unsigned long a0 =3D kvm_rbx_read(vcpu); - unsigned long a1 =3D kvm_rcx_read(vcpu); - unsigned long a2 =3D kvm_rdx_read(vcpu); - unsigned long a3 =3D kvm_rsi_read(vcpu); int op_64_bit =3D is_64_bit_hypercall(vcpu); + unsigned long ret, nr, a0, a1, a2, a3; =20 ++vcpu->stat.hypercalls; =20 - if (!op_64_bit) { - nr &=3D 0xFFFFFFFF; - a0 &=3D 0xFFFFFFFF; - a1 &=3D 0xFFFFFFFF; - a2 &=3D 0xFFFFFFFF; - a3 &=3D 0xFFFFFFFF; + if (op_64_bit) { + nr =3D kvm_rax_read_raw(vcpu); + a0 =3D kvm_rbx_read_raw(vcpu); + a1 =3D kvm_rcx_read_raw(vcpu); + a2 =3D kvm_rdx_read_raw(vcpu); + a3 =3D kvm_rsi_read_raw(vcpu); + } else { + nr =3D kvm_eax_read(vcpu); + a0 =3D kvm_ebx_read(vcpu); + a1 =3D kvm_ecx_read(vcpu); + a2 =3D kvm_edx_read(vcpu); + a3 =3D kvm_esi_read(vcpu); } =20 trace_kvm_hypercall(nr, a0, a1, a2, a3); 
@@ -12144,23 +12145,23 @@ static void __get_regs(struct kvm_vcpu *vcpu, str= uct kvm_regs *regs) emulator_writeback_register_cache(vcpu->arch.emulate_ctxt); vcpu->arch.emulate_regs_need_sync_to_vcpu =3D false; } - regs->rax =3D kvm_rax_read(vcpu); - regs->rbx =3D kvm_rbx_read(vcpu); - regs->rcx =3D kvm_rcx_read(vcpu); - regs->rdx =3D kvm_rdx_read(vcpu); - regs->rsi =3D kvm_rsi_read(vcpu); - regs->rdi =3D kvm_rdi_read(vcpu); + regs->rax =3D kvm_rax_read_raw(vcpu); + regs->rbx =3D kvm_rbx_read_raw(vcpu); + regs->rcx =3D kvm_rcx_read_raw(vcpu); + regs->rdx =3D kvm_rdx_read_raw(vcpu); + regs->rsi =3D kvm_rsi_read_raw(vcpu); + regs->rdi =3D kvm_rdi_read_raw(vcpu); regs->rsp =3D kvm_rsp_read(vcpu); - regs->rbp =3D kvm_rbp_read(vcpu); + regs->rbp =3D kvm_rbp_read_raw(vcpu); #ifdef CONFIG_X86_64 - regs->r8 =3D kvm_r8_read(vcpu); - regs->r9 =3D kvm_r9_read(vcpu); - regs->r10 =3D kvm_r10_read(vcpu); - regs->r11 =3D kvm_r11_read(vcpu); - regs->r12 =3D kvm_r12_read(vcpu); - regs->r13 =3D kvm_r13_read(vcpu); - regs->r14 =3D kvm_r14_read(vcpu); - regs->r15 =3D kvm_r15_read(vcpu); + regs->r8 =3D kvm_r8_read_raw(vcpu); + regs->r9 =3D kvm_r9_read_raw(vcpu); + regs->r10 =3D kvm_r10_read_raw(vcpu); + regs->r11 =3D kvm_r11_read_raw(vcpu); + regs->r12 =3D kvm_r12_read_raw(vcpu); + regs->r13 =3D kvm_r13_read_raw(vcpu); + regs->r14 =3D kvm_r14_read_raw(vcpu); + regs->r15 =3D kvm_r15_read_raw(vcpu); #endif =20 regs->rip =3D kvm_rip_read(vcpu); 
@@ -12184,23 +12185,23 @@ static void __set_regs(struct kvm_vcpu *vcpu, str= uct kvm_regs *regs) vcpu->arch.emulate_regs_need_sync_from_vcpu =3D true; vcpu->arch.emulate_regs_need_sync_to_vcpu =3D false; =20 - kvm_rax_write(vcpu, regs->rax); - kvm_rbx_write(vcpu, regs->rbx); - kvm_rcx_write(vcpu, regs->rcx); - kvm_rdx_write(vcpu, regs->rdx); - kvm_rsi_write(vcpu, regs->rsi); - kvm_rdi_write(vcpu, regs->rdi); + kvm_rax_write_raw(vcpu, regs->rax); + kvm_rbx_write_raw(vcpu, regs->rbx); + kvm_rcx_write_raw(vcpu, regs->rcx); + kvm_rdx_write_raw(vcpu, regs->rdx); + kvm_rsi_write_raw(vcpu, regs->rsi); + kvm_rdi_write_raw(vcpu, regs->rdi); kvm_rsp_write(vcpu, regs->rsp); - kvm_rbp_write(vcpu, regs->rbp); + kvm_rbp_write_raw(vcpu, regs->rbp); #ifdef CONFIG_X86_64 - kvm_r8_write(vcpu, regs->r8); - kvm_r9_write(vcpu, regs->r9); - kvm_r10_write(vcpu, regs->r10); - kvm_r11_write(vcpu, regs->r11); - kvm_r12_write(vcpu, regs->r12); - kvm_r13_write(vcpu, regs->r13); - kvm_r14_write(vcpu, regs->r14); - kvm_r15_write(vcpu, regs->r15); + kvm_r8_write_raw(vcpu, regs->r8); + kvm_r9_write_raw(vcpu, regs->r9); + kvm_r10_write_raw(vcpu, regs->r10); + kvm_r11_write_raw(vcpu, regs->r11); + kvm_r12_write_raw(vcpu, regs->r12); + kvm_r13_write_raw(vcpu, regs->r13); + kvm_r14_write_raw(vcpu, regs->r14); + kvm_r15_write_raw(vcpu, regs->r15); #endif =20 kvm_rip_write(vcpu, regs->rip); @@ -13103,7 +13104,7 @@ void kvm_vcpu_reset(struct kvm_vcpu *vcpu, bool ini= t_event) * on RESET. But, go through the motions in case that's ever remedied. */ cpuid_0x1 =3D kvm_find_cpuid_entry(vcpu, 1); - kvm_rdx_write(vcpu, cpuid_0x1 ? cpuid_0x1->eax : 0x600); + kvm_edx_write(vcpu, cpuid_0x1 ? cpuid_0x1->eax : 0x600); =20 kvm_x86_call(vcpu_reset)(vcpu, init_event); =20 diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h index c44154ed3f26..2550380fa79e 100644 --- a/arch/x86/kvm/x86.h +++ b/arch/x86/kvm/x86.h 
@@ -421,53 +421,77 @@ static inline bool vcpu_match_mmio_gpa(struct kvm_vcp= u *vcpu, gpa_t gpa) return false; } =20 -#define BUILD_KVM_GPR_ACCESSORS(lname, uname) \ -static __always_inline unsigned long kvm_##lname##_read(struct kvm_vcpu *v= cpu)\ -{ \ - return vcpu->arch.regs[VCPU_REGS_##uname]; \ -} \ -static __always_inline void kvm_##lname##_write(struct kvm_vcpu *vcpu, = \ - unsigned long val) \ -{ \ - vcpu->arch.regs[VCPU_REGS_##uname] =3D val; \ +static __always_inline unsigned long kvm_reg_mode_mask(struct kvm_vcpu *vc= pu) +{ +#ifdef CONFIG_X86_64 + return is_64_bit_mode(vcpu) ? GENMASK(63, 0) : GENMASK(31, 0); +#else + return GENMASK(31, 0); +#endif +} + +#define __BUILD_KVM_GPR_ACCESSORS(lname, uname) \ +static __always_inline unsigned long kvm_##lname##_read(struct kvm_vcpu *v= cpu) \ +{ \ + return vcpu->arch.regs[VCPU_REGS_##uname] & kvm_reg_mode_mask(vcpu); \ +} \ +static __always_inline void kvm_##lname##_write(struct kvm_vcpu *vcpu, \ + unsigned long val) \ +{ \ + vcpu->arch.regs[VCPU_REGS_##uname] =3D val & kvm_reg_mode_mask(vcpu); \ +} \ +static __always_inline unsigned long kvm_##lname##_read_raw(struct kvm_vcp= u *vcpu) \ +{ \ + return vcpu->arch.regs[VCPU_REGS_##uname]; \ +} \ +static __always_inline void kvm_##lname##_write_raw(struct kvm_vcpu *vcpu,= \ + unsigned long val) \ +{ \ + vcpu->arch.regs[VCPU_REGS_##uname] =3D val; \ } -BUILD_KVM_GPR_ACCESSORS(rax, RAX) -BUILD_KVM_GPR_ACCESSORS(rbx, RBX) -BUILD_KVM_GPR_ACCESSORS(rcx, RCX) -BUILD_KVM_GPR_ACCESSORS(rdx, RDX) -BUILD_KVM_GPR_ACCESSORS(rbp, RBP) -BUILD_KVM_GPR_ACCESSORS(rsi, RSI) -BUILD_KVM_GPR_ACCESSORS(rdi, RDI) +#define BUILD_KVM_GPR_ACCESSORS(lname, uname) \ +static __always_inline u32 kvm_e##lname##_read(struct kvm_vcpu *vcpu) \ +{ \ + return vcpu->arch.regs[VCPU_REGS_##uname]; \ +} \ +static __always_inline void kvm_e##lname##_write(struct kvm_vcpu *vcpu, u3= 2 val) \ +{ \ + vcpu->arch.regs[VCPU_REGS_##uname] =3D val; \ +} \ +__BUILD_KVM_GPR_ACCESSORS(r##lname, uname) + 
+BUILD_KVM_GPR_ACCESSORS(ax, RAX) +BUILD_KVM_GPR_ACCESSORS(bx, RBX) +BUILD_KVM_GPR_ACCESSORS(cx, RCX) +BUILD_KVM_GPR_ACCESSORS(dx, RDX) +BUILD_KVM_GPR_ACCESSORS(bp, RBP) +BUILD_KVM_GPR_ACCESSORS(si, RSI) +BUILD_KVM_GPR_ACCESSORS(di, RDI) #ifdef CONFIG_X86_64 -BUILD_KVM_GPR_ACCESSORS(r8, R8) -BUILD_KVM_GPR_ACCESSORS(r9, R9) -BUILD_KVM_GPR_ACCESSORS(r10, R10) -BUILD_KVM_GPR_ACCESSORS(r11, R11) -BUILD_KVM_GPR_ACCESSORS(r12, R12) -BUILD_KVM_GPR_ACCESSORS(r13, R13) -BUILD_KVM_GPR_ACCESSORS(r14, R14) -BUILD_KVM_GPR_ACCESSORS(r15, R15) +__BUILD_KVM_GPR_ACCESSORS(r8, R8) +__BUILD_KVM_GPR_ACCESSORS(r9, R9) +__BUILD_KVM_GPR_ACCESSORS(r10, R10) +__BUILD_KVM_GPR_ACCESSORS(r11, R11) +__BUILD_KVM_GPR_ACCESSORS(r12, R12) +__BUILD_KVM_GPR_ACCESSORS(r13, R13) +__BUILD_KVM_GPR_ACCESSORS(r14, R14) +__BUILD_KVM_GPR_ACCESSORS(r15, R15) #endif =20 static inline u64 kvm_read_edx_eax(struct kvm_vcpu *vcpu) { - return (kvm_rax_read(vcpu) & -1u) - | ((u64)(kvm_rdx_read(vcpu) & -1u) << 32); + return kvm_eax_read(vcpu) | (u64)(kvm_edx_read(vcpu)) << 32; } =20 static inline unsigned long kvm_register_read(struct kvm_vcpu *vcpu, int r= eg) { - unsigned long val =3D kvm_register_read_raw(vcpu, reg); - - return is_64_bit_mode(vcpu) ? val : (u32)val; + return kvm_register_read_raw(vcpu, reg) & kvm_reg_mode_mask(vcpu); } =20 static inline void kvm_register_write(struct kvm_vcpu *vcpu, int reg, unsigned long val) { - if (!is_64_bit_mode(vcpu)) - val =3D (u32)val; - return kvm_register_write_raw(vcpu, reg, val); + return kvm_register_write_raw(vcpu, reg, val & kvm_reg_mode_mask(vcpu)); } =20 static inline bool kvm_check_has_quirk(struct kvm *kvm, u64 quirk) diff --git a/arch/x86/kvm/xen.c b/arch/x86/kvm/xen.c index 895095dc684e..e98fa3544bdd 100644 --- a/arch/x86/kvm/xen.c +++ b/arch/x86/kvm/xen.c 
@@ -1408,7 +1408,7 @@ int kvm_xen_hvm_config(struct kvm *kvm, struct kvm_xe= n_hvm_config *xhc) =20 static int kvm_xen_hypercall_set_result(struct kvm_vcpu *vcpu, u64 result) { - kvm_rax_write(vcpu, result); + kvm_rax_write_raw(vcpu, result); return kvm_skip_emulated_instruction(vcpu); } =20 
@@ -1685,23 +1685,23 @@ int kvm_xen_hypercall(struct kvm_vcpu *vcpu) =20 longmode =3D is_64_bit_hypercall(vcpu); if (!longmode) { - input =3D (u32)kvm_rax_read(vcpu); - params[0] =3D (u32)kvm_rbx_read(vcpu); - params[1] =3D (u32)kvm_rcx_read(vcpu); - params[2] =3D (u32)kvm_rdx_read(vcpu); - params[3] =3D (u32)kvm_rsi_read(vcpu); - params[4] =3D (u32)kvm_rdi_read(vcpu); - params[5] =3D (u32)kvm_rbp_read(vcpu); + input =3D kvm_eax_read(vcpu); + params[0] =3D kvm_ebx_read(vcpu); + params[1] =3D kvm_ecx_read(vcpu); + params[2] =3D kvm_edx_read(vcpu); + params[3] =3D kvm_esi_read(vcpu); + params[4] =3D kvm_edi_read(vcpu); + params[5] =3D kvm_ebp_read(vcpu); } else { #ifdef CONFIG_X86_64 - input =3D (u64)kvm_rax_read(vcpu); - params[0] =3D (u64)kvm_rdi_read(vcpu); - params[1] =3D (u64)kvm_rsi_read(vcpu); - params[2] =3D (u64)kvm_rdx_read(vcpu); - params[3] =3D (u64)kvm_r10_read(vcpu); - params[4] =3D (u64)kvm_r8_read(vcpu); - params[5] =3D (u64)kvm_r9_read(vcpu); + input =3D (u64)kvm_rax_read_raw(vcpu); + params[0] =3D (u64)kvm_rdi_read_raw(vcpu); + params[1] =3D (u64)kvm_rsi_read_raw(vcpu); + params[2] =3D (u64)kvm_rdx_read_raw(vcpu); + params[3] =3D (u64)kvm_r10_read_raw(vcpu); + params[4] =3D (u64)kvm_r8_read_raw(vcpu); + params[5] =3D (u64)kvm_r9_read_raw(vcpu); #else KVM_BUG_ON(1, vcpu->kvm); return -EIO; --=20 2.53.0.1213.gd9a14994de-goog From nobody Sat Jun 20 20:53:38 2026 Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com [209.85.216.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1A63B3A7F5E for ; Thu, 9 Apr 2026 23:56:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775779005; cv=none; 
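Review bot: in the arch/x86/kvm/x86.h hunk, __BUILD_KVM_GPR_ACCESSORS() now emits a mode-masked read/write pair plus _read_raw/_write_raw for every register, and BUILD_KVM_GPR_ACCESSORS() adds the u32 kvm_eax_read()/kvm_eax_write() style pair on top, but nothing in the header says when each flavour is the correct one. The masked helpers depend on is_64_bit_mode() via kvm_reg_mode_mask(), so a caller that cannot rely on that answer has to use the raw form, as the long-mode branch of kvm_xen_hypercall() does. Please add a short comment above the macros that states this, and that the u32 write helpers clear bits 63:32 of the backing register because the value is widened on store. Minor: in kvm_read_edx_eax() the shifted term would read more easily with its own parentheses, as the removed version had.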
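Review bot: in kvm_xen_hypercall_set_result() the switch to kvm_rax_write_raw() stores all 64 bits of result whatever mode the hypercall was issued in, while the !longmode branch of kvm_xen_hypercall() treats its inputs as strictly 32-bit through kvm_eax_read() and friends. This preserves what the old unmasked kvm_rax_write() did, but now that a raw versus mode-aware split exists, a one-line comment saying why the raw write is intended here would stop a later reader from converting it without checking the 32-bit path.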
Reply-To: Sean Christopherson
Date: Thu, 9 Apr 2026 16:56:19 -0700
In-Reply-To: <20260409235622.2052730-1-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
References: <20260409235622.2052730-1-seanjc@google.com>
X-Mailer: git-send-email 2.53.0.1213.gd9a14994de-goog
Message-ID: <20260409235622.2052730-9-seanjc@google.com>
Subject: [PATCH 08/11] KVM: x86: Drop non-raw kvm__write() helpers
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini, Vitaly Kuznetsov, David Woodhouse, Paul Durrant
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Yosry Ahmed
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Drop the non-raw, mode-aware kvm__write() helpers as there is no usage in KVM, and in all likelihood there will never be usage in KVM as use of hardcoded registers in instructions is uncommon, and *modifying* hardcoded registers is practically unheard of. While there are a few instructions that modify registers in mode-aware ways, e.g. REP string and some ENCLS varieties, the odds of KVM needing to emulate such instructions (outside of the full emulator) are vanishingly small.

Drop kvm__write() to prevent incorrect usage; _if_ a new instruction comes along that needs to modify a hardcoded register, this can be reverted.

No functional change intended.

Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/x86.h | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h index 2550380fa79e..cebea89b296c 100644 --- a/arch/x86/kvm/x86.h +++ b/arch/x86/kvm/x86.h 
@@ -435,11 +435,6 @@ static __always_inline unsigned long kvm_##lname##_rea= d(struct kvm_vcpu *vcpu) { \ return vcpu->arch.regs[VCPU_REGS_##uname] & kvm_reg_mode_mask(vcpu); \ } \ -static __always_inline void kvm_##lname##_write(struct kvm_vcpu *vcpu, \ - unsigned long val) \ -{ \ - vcpu->arch.regs[VCPU_REGS_##uname] =3D val & kvm_reg_mode_mask(vcpu); \ -} \ static __always_inline unsigned long kvm_##lname##_read_raw(struct kvm_vcp= u *vcpu) \ { \ return vcpu->arch.regs[VCPU_REGS_##uname]; \ --=20 2.53.0.1213.gd9a14994de-goog From nobody Sat Jun 20 20:53:38 2026 Received: from mail-pf1-f202.google.com (mail-pf1-f202.google.com [209.85.210.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F13C73A9013 for ; Thu, 9 Apr 2026 23:56:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775779007; cv=none; b=uRW3y8G0CWdF2PpB7+4Se20JZ9HVi6XKxB8vrobwz/gUv9EUhyeS6m2Eor+hnsp623PI2j9uACtq5dFdzNS2gi0hoWus++Tt8d6rpDgrXXuesIazsVQPtR5sRytf8XVOjavDPztVLsLlReus05hn7jLjjga9w84qVmsQ1Z5yHVc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775779007; c=relaxed/simple; bh=FzKu0OplO/x9QZxtsn2/t8O/sWHDPaNkNqVuS6SOMm8=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=fjEeUGpkYctGfUP0hHS72g/7FggIogD2rvgyxOazx4dv/VHuJxwyJ/CkYRgAl6GVhLWfQmOoz7cftE/u4d9GACNpig4uCAGu7oV0BHQ+WJ89qYUKguwYNzLLBYiRulP6hu3PChg6AhAsH84SpGRjjq91J4Fk/02M+1iwWHxxBpM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=NCWtRs7s; arc=none smtp.client-ip=209.85.210.202 Authentication-Results: smtp.subspace.kernel.org; 
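Review bot: with kvm_##lname##_write() removed from __BUILD_KVM_GPR_ACCESSORS(), the macro is left with a mode-aware read but only a raw write, and the reason for that asymmetry is recorded in the changelog alone. A brief comment at the macro saying the mode-aware write was dropped on purpose, and that a new user should bring it back by reverting this change rather than reaching for _write_raw() or open-coding the mask with kvm_reg_mode_mask(), would keep the next contributor from picking the wrong helper.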
Reply-To: Sean Christopherson
Date: Thu, 9 Apr 2026 16:56:20 -0700
In-Reply-To: <20260409235622.2052730-1-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
References: <20260409235622.2052730-1-seanjc@google.com>
X-Mailer: git-send-email 2.53.0.1213.gd9a14994de-goog
Message-ID: <20260409235622.2052730-10-seanjc@google.com>
Subject: [PATCH 09/11] KVM: nSVM: Use kvm_rax_read() now that it's mode-aware
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini, Vitaly Kuznetsov, David Woodhouse, Paul Durrant
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Yosry Ahmed
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Now that kvm_rax_read() truncates the output value to 32 bits if the vCPU isn't in 64-bit mode, use it instead of the more verbose (and very technically slower) kvm_register_read().

Note! VMLOAD, VMSAVE, and VMRUN emulation are still technically buggy, as they can use EAX (versus RAX) in 64-bit mode via an operand size prefix. Don't bother trying to handle that case, as it would require decoding the code stream, which would open an entirely different can of worms, and in practice no sane guest would shove garbage into RAX[63:32] and then execute VMLOAD/VMSAVE/VMRUN with just EAX.

No functional change intended.

Cc: Yosry Ahmed
Signed-off-by: Sean Christopherson
Reviewed-by: Yosry Ahmed
---
 arch/x86/kvm/svm/nested.c | 2 +-
 arch/x86/kvm/svm/svm.c | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 00de9375c836..7bea5ad02805 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -1113,7 +1113,7 @@ int nested_svm_vmrun(struct kvm_vcpu *vcpu) if (WARN_ON_ONCE(!svm->nested.initialized)) return -EINVAL; =20 - vmcb12_gpa =3D kvm_register_read(vcpu, VCPU_REGS_RAX); + vmcb12_gpa =3D kvm_rax_read(vcpu); if (!page_address_valid(vcpu, vmcb12_gpa)) { kvm_inject_gp(vcpu, 0); return 1; diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 0e2e7a803d64..79d5982cf294 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2187,7 +2187,7 @@ static int intr_interception(struct kvm_vcpu *vcpu) =20 static int vmload_vmsave_interception(struct kvm_vcpu *vcpu, bool vmload) { - u64 vmcb12_gpa =3D kvm_register_read(vcpu, VCPU_REGS_RAX); + u64 vmcb12_gpa =3D kvm_rax_read(vcpu); struct vcpu_svm *svm =3D to_svm(vcpu); struct vmcb *vmcb12; struct kvm_host_map map; 
@@ -2295,7 +2295,7 @@ static int gp_interception(struct kvm_vcpu *vcpu) if (nested_svm_check_permissions(vcpu)) return 1; =20 - if (!page_address_valid(vcpu, kvm_register_read(vcpu, VCPU_REGS_RAX))) + if (!page_address_valid(vcpu, kvm_rax_read(vcpu))) goto reinject; =20 /* --=20 2.53.0.1213.gd9a14994de-goog From nobody Sat Jun 20 20:53:38 2026 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6EF8B3AA1A4 for ; Thu, 9 Apr 2026 23:56:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775779008; cv=none; b=p+8en81G1/FvlkvzcmKjBSHj4ykj9KJ7QrmIdtDERH1DlOK8lwzp2GTclCpzrQmgQXWp27lgk58mspd+JXfIFZldg14vNj4zYsfbRUfO6xTazdO8vCfck2P2StX3W28h4ge4AaBY3eqjHQ4kDRbZt8zdVnkRS/7SKJ9MHT2lblM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775779008; c=relaxed/simple; bh=4VSiwzk65MALSPIh6+qTgVvk/o5YZM/uQIkuW0RxpUA=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=JU2kJvl4vzfZJTngs4+9eRas7bc5P8dvXdIiMLudPCgCuVYPuyDV+IHyIVlJm6yip47qI2eGzgBjOJD97AmT1hMHrKru0V5ZdK29m7xpX0TL5Vj8aqXc0Zbeft55afqW2h+yLSpTn1Jh2ir8yMAULNp1qh70Zw6Ja/1zy623TJg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=LVESAgFO; arc=none smtp.client-ip=209.85.216.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) 
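Review bot: all three converted sites (nested_svm_vmrun(), vmload_vmsave_interception() and gp_interception()) now depend on kvm_rax_read() doing the truncation, yet the known gap described in the changelog, EAX selected by an operand size prefix in 64-bit mode, is not recorded anywhere in the code. Since the value goes straight into page_address_valid() or becomes vmcb12_gpa, a short comment at one of the sites, for example above the vmcb12_gpa assignment in vmload_vmsave_interception(), stating that the prefix case is deliberately not handled would make this a documented limitation rather than something to rediscover during a later audit.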
Reply-To: Sean Christopherson
Date: Thu, 9 Apr 2026 16:56:21 -0700
In-Reply-To: <20260409235622.2052730-1-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
References: <20260409235622.2052730-1-seanjc@google.com>
X-Mailer: git-send-email 2.53.0.1213.gd9a14994de-goog
Message-ID: <20260409235622.2052730-11-seanjc@google.com>
Subject: [PATCH 10/11] Revert "KVM: VMX: Read 32-bit GPR values for ENCLS instructions outside of 64-bit mode"
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini, Vitaly Kuznetsov, David Woodhouse, Paul Durrant
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Yosry Ahmed
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Now that kvm__read() are mode aware, i.e. are functionally equivalent to kvm_register_read(), revert back to the less verbose versions.

No functional change intended.

This reverts commit 60919eccf6764c71cef31a1afeaa1a36b8e5ab85.

Signed-off-by: Sean Christopherson
Acked-by: Kai Huang
---
 arch/x86/kvm/vmx/sgx.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/arch/x86/kvm/vmx/sgx.c b/arch/x86/kvm/vmx/sgx.c index 4ca11e5ff4eb..5476743b66e7 100644 --- a/arch/x86/kvm/vmx/sgx.c +++ b/arch/x86/kvm/vmx/sgx.c @@ -225,8 +225,8 @@ static int handle_encls_ecreate(struct kvm_vcpu *vcpu) struct x86_exception ex; int r; =20 - if (sgx_get_encls_gva(vcpu, kvm_register_read(vcpu, VCPU_REGS_RBX), 32, 3= 2, &pageinfo_gva) || - sgx_get_encls_gva(vcpu, kvm_register_read(vcpu, VCPU_REGS_RCX), 4096,= 4096, &secs_gva)) + if (sgx_get_encls_gva(vcpu, kvm_rbx_read(vcpu), 32, 32, &pageinfo_gva) || + sgx_get_encls_gva(vcpu, kvm_rcx_read(vcpu), 4096, 4096, &secs_gva)) return 1; =20 /* 
@@ -302,9 +302,9 @@ static int handle_encls_einit(struct kvm_vcpu *vcpu) gpa_t sig_gpa, secs_gpa, token_gpa; int ret, trapnr; =20 - if (sgx_get_encls_gva(vcpu, kvm_register_read(vcpu, VCPU_REGS_RBX), 1808,= 4096, &sig_gva) || - sgx_get_encls_gva(vcpu, kvm_register_read(vcpu, VCPU_REGS_RCX), 4096,= 4096, &secs_gva) || - sgx_get_encls_gva(vcpu, kvm_register_read(vcpu, VCPU_REGS_RDX), 304, = 512, &token_gva)) + if (sgx_get_encls_gva(vcpu, kvm_rbx_read(vcpu), 1808, 4096, &sig_gva) || + sgx_get_encls_gva(vcpu, kvm_rcx_read(vcpu), 4096, 4096, &secs_gva) || + sgx_get_encls_gva(vcpu, kvm_rdx_read(vcpu), 304, 512, &token_gva)) return 1; =20 /* --=20 2.53.0.1213.gd9a14994de-goog From nobody Sat Jun 20 20:53:38 2026 Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com [209.85.216.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 620EA3ACA6C for ; Thu, 9 Apr 2026 23:56:49 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775779010; cv=none; b=Pwm33Rj2uVbkMHHH9wNeKpuRH6mBfJmpm0S4wkeEvAoJeB/S0WUHbPKJi1WlU3kDdoTYEWeoxU+DasMEqkEL8MgyW6OP/YXPtmRcg5n0s3Qz/HY6JpXqwERDs8bvRkcQB1vwW9R5b1ltCorsVsk3UrKYHgBbxd3vaXnytx8TP8o= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775779010; c=relaxed/simple; bh=g68osq6pRQSr3t5f6y6XMOyV1XhIP81oCEWoVk8XeoQ=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=rYcKcb+pVRshBlaMEPZIM7axD5pHHZhXZbu6LJ6ejuHC6IY0BF3SRwMNkl75pFLGvFEq8+4YKHCMSeWBFaGiKLKGp0ns4vT3ttWJmB5CSy87l9kChRjKCx0yKXo6H+Dp7vTd7yD2kRVzATVU+cY49lh0LzwqCE4Dp2SynbCBK5E= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) 
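Review bot: the five kvm_register_read(vcpu, VCPU_REGS_*) calls replaced in handle_encls_ecreate() and handle_encls_einit() are only equivalent to kvm_rbx_read(), kvm_rcx_read() and kvm_rdx_read() once those helpers apply kvm_reg_mode_mask(). If this revert is picked up without the earlier patch in the series that makes them mode-aware, the addresses handed to sgx_get_encls_gva() are once again read at full width outside 64-bit mode, which is what commit 60919eccf6764c71cef31a1afeaa1a36b8e5ab85 addressed. Please name that dependency explicitly in the changelog so that a backport cannot take this patch alone.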
Reply-To: Sean Christopherson
Date: Thu, 9 Apr 2026 16:56:22 -0700
In-Reply-To: <20260409235622.2052730-1-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
References: <20260409235622.2052730-1-seanjc@google.com>
X-Mailer: git-send-email 2.53.0.1213.gd9a14994de-goog
Message-ID: <20260409235622.2052730-12-seanjc@google.com>
Subject: [PATCH 11/11] KVM: x86: Harden is_64_bit_hypercall() against bugs on 32-bit kernels
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini, Vitaly Kuznetsov, David Woodhouse, Paul Durrant
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Yosry Ahmed
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Unconditionally return %false for is_64_bit_hypercall() on 32-bit kernels to guard against incorrectly setting guest_state_protected, and because in a (very) hypothetical world where 32-bit KVM supports protected guests, assuming a hypercall was made in 64-bit mode is flat out wrong.

Signed-off-by: Sean Christopherson
Reviewed-by: Kai Huang
---
 arch/x86/kvm/x86.h | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h index cebea89b296c..5a79ec5f5bad 100644 --- a/arch/x86/kvm/x86.h +++ b/arch/x86/kvm/x86.h 
@@ -271,12 +271,16 @@ static inline bool is_64_bit_mode(struct kvm_vcpu *vc= pu) =20 static inline bool is_64_bit_hypercall(struct kvm_vcpu *vcpu) { +#ifdef CONFIG_X86_64 /* * If running with protected guest state, the CS register is not * accessible. The hypercall register values will have had to been * provided in 64-bit mode, so assume the guest is in 64-bit. */ return vcpu->arch.guest_state_protected || is_64_bit_mode(vcpu); +#else + return false; +#endif } =20 static inline bool x86_exception_has_error_code(unsigned int vector) --=20 2.53.0.1213.gd9a14994de-goog
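Review bot: the new #else arm of is_64_bit_hypercall() returns false with no comment, while the existing comment, now inside the CONFIG_X86_64 arm, only explains the protected-state assumption, so the reasoning for 32-bit kernels lives in the changelog alone. Consider a one-line comment on the #else arm, or fold the condition into the expression with IS_ENABLED(CONFIG_X86_64) so the function keeps a single return and no preprocessor block. While the comment is being moved, "will have had to been provided" could be corrected to "will have had to be provided".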
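The masking rule this series applies to hardcoded-register reads, and the operand-size-prefix gap that the [PATCH 09/11] changelog leaves open, modelled in user space as an added example (not code from the series or from KVM). `struct model_vcpu`, `gpa_ok()` and its 36-bit limit are assumptions made for illustration; only the mask-by-mode behaviour comes from the patches.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed user-space model: names here are illustrative, not KVM's. */
enum { REG_RAX, REG_RDX, NR_REGS };

struct model_vcpu {
	uint64_t regs[NR_REGS];	/* full-width backing store, like vcpu->arch.regs */
	bool long_mode;		/* stands in for is_64_bit_mode() */
};

/* Counterpart of kvm_reg_mode_mask(): 64 bits in 64-bit mode, else 32. */
static uint64_t mode_mask(const struct model_vcpu *v)
{
	return v->long_mode ? UINT64_MAX : (uint64_t)UINT32_MAX;
}

/* Raw read: whatever is stored, stale upper bits included. */
static uint64_t reg_read_raw(const struct model_vcpu *v, int reg)
{
	return v->regs[reg];
}

/* Mode-aware read: the value the guest can architecturally see right now. */
static uint64_t reg_read(const struct model_vcpu *v, int reg)
{
	return v->regs[reg] & mode_mask(v);
}

/* Explicit 32-bit view, independent of mode (the kvm_eax_read() flavour). */
static uint32_t ereg_read(const struct model_vcpu *v, int reg)
{
	return (uint32_t)v->regs[reg];
}

/* A 32-bit store is widened on assignment, clearing bits 63:32. */
static void ereg_write(struct model_vcpu *v, int reg, uint32_t val)
{
	v->regs[reg] = val;
}

static uint64_t read_edx_eax(const struct model_vcpu *v)
{
	return ereg_read(v, REG_RAX) | ((uint64_t)ereg_read(v, REG_RDX) << 32);
}

/* Hypothetical address check: page aligned, below an assumed 36-bit limit. */
static bool gpa_ok(uint64_t gpa)
{
	return (gpa & 0xfff) == 0 && gpa < (1ULL << 36);
}

/* Bit 0 set: raw read passes the check. Bit 1 set: mode-aware read passes. */
static int check_stale_upper_bits(void)
{
	/* Constructed state: 32-bit guest with stale data in RAX[63:32]. */
	struct model_vcpu v = { .regs = { [REG_RAX] = 0xdeadbeef00123000ULL } };

	return (gpa_ok(reg_read_raw(&v, REG_RAX)) ? 1 : 0) |
	       (gpa_ok(reg_read(&v, REG_RAX)) ? 2 : 0);
}

/*
 * The residual gap: in 64-bit mode an instruction with a 32-bit operand
 * size uses EAX, but the mode-aware read still returns all of RAX.
 * Returns true when the two views disagree.
 */
static bool opsize_prefix_gap(void)
{
	struct model_vcpu v = { .regs = { [REG_RAX] = 0xdeadbeef00123000ULL },
				.long_mode = true };

	return reg_read(&v, REG_RAX) != ereg_read(&v, REG_RAX);
}

int main(void)
{
	struct model_vcpu v = { .regs = { [REG_RAX] = 0xffffffff11112222ULL,
					  [REG_RDX] = 0xaaaaaaaa33334444ULL } };

	printf("stale-bits check (bit0 raw, bit1 masked): %d\n",
	       check_stale_upper_bits());
	printf("operand-size gap present: %d\n", opsize_prefix_gap());
	printf("edx:eax = %#llx\n", (unsigned long long)read_edx_eax(&v));
	ereg_write(&v, REG_RAX, 0x1000);
	printf("rax after 32-bit write = %#llx\n",
	       (unsigned long long)reg_read_raw(&v, REG_RAX));
	return 0;
}
```

The same stored value fails the address check when read raw and passes when read mode-aware, which is why the choice of accessor matters at every site that validates a guest-supplied address.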