[PATCH 00/24] KVM: x86: fix various GHCB issues

Paolo Bonzini posted 24 patches 1 week, 2 days ago
Posted by Paolo Bonzini 1 week, 2 days ago
The PSC code has a variety of bugs, several of which have to do with
not following the spec.  It took a while to disentangle and root cause
everything (the GHCB ain't exactly the easiest spec to decipher), but
here it is.  The first 10 patches have just been sent to Linus.

For the rest we decided to handle it on-list for 7.2, but it is possible
that a clever guest could abuse the bugs to cause the host to leak a
pile of pages (limited by how fast the VM can get recreated).

This can also be found in a sev-for-7.2 branch of kvm.git

Thanks,

Paolo, Sean, Mike, Tom

Michael Roth (1):
  KVM: SEV: Require in-GHCB scratch area if GHCB v2+ is in use

Sean Christopherson (23):
  KVM: SEV: Ignore MMIO requests of length '0'
  KVM: SEV: Reject MMIO requests larger than 8 bytes with GHCB v2+
  KVM: SEV: Ignore Port I/O requests of length '0'
  KVM: SEV: Use the size of the PSC header as the minimum size for PSC
    requests
  KVM: SEV: Compute the correct max length of the in-GHCB scratch area
  KVM: SEV: WARN if KVM attempts to setup scratch area with min_len==0
  KVM: SEV: Don't explicitly pass PSC buffer to snp_begin_psc()
  KVM: SEV: Check PSC request indices against the actual size of the
    buffer
  KVM: SEV: Use READ_ONCE() when reading entries/indices from PSC buffer
  KVM: SEV: Make it more obvious when KVM is writing back the current
    PSC index
  KVM: SEV: Add an anonymous "psc" struct to track current PSC metadata
  KVM: SEV: Read start/end indices of PSC requests exactly once per
    #VMGEXIT
  KVM: Don't WARN if memory is dirtied without a vCPU when the VM is
    dying
  KVM: SEV: Move sev_free_vcpu() down below sev_es_unmap_ghcb()
  KVM: SEV: Decouple the need to sync the GHCB SA from the need to free
    the SA
  KVM: SEV: Unmap and unpin the GHCB as needed on vCPU free
  KVM: SEV: Don't terminate SNP VMs on #VMGEXIT without a registered
    GHCB
  KVM: SEV: Move GHCB "usage" check out of sev_es_validate_vmgexit()
  KVM: SEV: Return INVALID_EVENT for SNP-only #VMGEXIT from non-SNP
    guest
  KVM: SEV: Return INVALID_INPUT, not MISSING_INPUT, for bad
    GUEST_REQUEST input(s)
  KVM: SEV: Handle unknown #VMGEXIT reasons in sev_handle_vmgexit()
  KVM: SEV: Turn sev_es_validate_vmgexit() into a dedicated predicate
  KVM: SEV: Remove sometimes-used function-scoped "ret" from #VMGEXIT
    handler

 arch/x86/kvm/svm/sev.c | 554 ++++++++++++++++++++++-------------------
 arch/x86/kvm/svm/svm.h |   9 +-
 virt/kvm/kvm_main.c    |   3 +-
 3 files changed, 302 insertions(+), 264 deletions(-)

-- 
2.54.0
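Several of the patch titles above describe the same class of hardening for a guest-shared request buffer: require at least a header, bound the guest's indices by the size of the buffer actually provided, read each guest-controlled index exactly once, and write the resume index back from a local copy. The C below is an added illustration of that pattern and is not code from KVM or from this series. The struct layout, field names, op encodings and error codes are assumptions chosen for the example, not taken from the GHCB spec; the point is the order and single-read discipline of the checks, which a guest rewriting the header from another vCPU cannot subvert.

```c
/* Added example, not KVM code: a hypervisor-side handler for a hypothetical
 * page-state-change (PSC) buffer that the guest shares with the host. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed layout: an 8-byte header with two 16-bit indices, then 16-byte entries. */
struct psc_hdr {
	uint16_t cur_entry;     /* first entry to process; host writes back progress */
	uint16_t end_entry;     /* last entry to process (inclusive) */
	uint8_t  reserved[4];
};

struct psc_entry {
	uint64_t gfn;           /* guest frame number (assumed field) */
	uint32_t op;            /* assumed encoding: 1 = to private, 2 = to shared */
	uint32_t reserved;
};

enum { PSC_OK = 0, PSC_ERR_TOO_SMALL = -1, PSC_ERR_BAD_INDEX = -2, PSC_ERR_BAD_OP = -3 };

struct psc_result {
	int status;
	unsigned int processed;   /* entries handled before returning */
	unsigned int to_private;
	unsigned int to_shared;
};

/* Build a buffer the way a guest would (test scaffolding, not host logic). */
void psc_build(uint8_t *buf, uint16_t cur, uint16_t end, const uint32_t *ops, size_t n)
{
	struct psc_hdr hdr = { .cur_entry = cur, .end_entry = end };
	memcpy(buf, &hdr, sizeof(hdr));
	for (size_t i = 0; i < n; i++) {
		struct psc_entry e = { .gfn = 0x1000 + i, .op = ops[i] };
		memcpy(buf + sizeof(hdr) + i * sizeof(e), &e, sizeof(e));
	}
}

/* 'buf'/'len' is the shared scratch area exactly as the guest handed it over;
 * the guest may modify it concurrently, hence the volatile accesses. */
struct psc_result handle_psc(volatile uint8_t *buf, size_t len)
{
	struct psc_result r = { 0 };
	volatile struct psc_hdr *hdr = (volatile struct psc_hdr *)buf;
	volatile struct psc_entry *entries;
	size_t max_entries, i;
	uint16_t cur, end;

	/* 1. The minimum size is the header: a shorter buffer cannot even hold the indices. */
	if (len < sizeof(*hdr)) {
		r.status = PSC_ERR_TOO_SMALL;
		return r;
	}

	/* 2. Read each guest-controlled index exactly once (the role READ_ONCE() plays
	 *    in the kernel). Re-reading would let the bounds check see one value and
	 *    the loop below use another. */
	cur = hdr->cur_entry;
	end = hdr->end_entry;

	/* 3. Bound by what this buffer actually holds, not by a fixed maximum.
	 *    Capping at UINT16_MAX keeps the 16-bit write-back in step 4 from wrapping. */
	max_entries = (len - sizeof(*hdr)) / sizeof(struct psc_entry);
	if (max_entries > UINT16_MAX)
		max_entries = UINT16_MAX;
	if (cur > end || (size_t)end >= max_entries) {
		r.status = PSC_ERR_BAD_INDEX;
		return r;
	}

	entries = (volatile struct psc_entry *)(buf + sizeof(*hdr));
	for (i = cur; i <= end; i++) {
		/* Each entry is likewise copied once into private memory before use. */
		struct psc_entry e = { .gfn = entries[i].gfn, .op = entries[i].op };

		if (e.op == 1)
			r.to_private++;
		else if (e.op == 2)
			r.to_shared++;
		else {
			r.status = PSC_ERR_BAD_OP;
			goto out;
		}
		r.processed++;
	}
out:
	/* 4. Write back the resume point from the local counter, never from a value
	 *    re-read out of the shared header. On error this points at the bad entry. */
	hdr->cur_entry = (uint16_t)i;
	return r;
}

int main(void)
{
	uint64_t storage[1 + 2 * 4];            /* header + 4 entries, 8-byte aligned */
	uint8_t *buf = (uint8_t *)storage;
	uint32_t ops[4] = { 1, 2, 1, 2 };       /* constructed sample request */
	struct psc_result r;

	psc_build(buf, 0, 3, ops, 4);
	r = handle_psc(buf, sizeof(storage));
	printf("status=%d processed=%u private=%u shared=%u resume=%u\n",
	       r.status, r.processed, r.to_private, r.to_shared,
	       ((struct psc_hdr *)buf)->cur_entry);

	psc_build(buf, 0, 4, ops, 4);           /* end index past what the buffer holds */
	printf("oversized end index -> status=%d\n", handle_psc(buf, sizeof(storage)).status);
	return 0;
}
```

The order matters: the size check must precede any read of the header, and the index check must use the indices that the loop will use, which is only guaranteed if they are read once into locals. Checking against a constant maximum instead of `len` would accept an `end_entry` that lies beyond a smaller scratch area the guest actually supplied.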
Re: [PATCH 00/24] KVM: x86: fix various GHCB issues
Posted by Paolo Bonzini 1 week, 1 day ago
I think patches 11-13 should also be included in 7.1.  Any other opinions?

Paolo

On Fri, May 29, 2026 at 8:35 PM Paolo Bonzini <pbonzini@redhat.com> wrote:
>
> The PSC code has a variety of bugs, several of which have to do with
> not following the spec.  It took a while to disentangle and root cause
> everything (the GHCB ain't exactly the easiest spec to decipher), but
> here it is.  The first 10 patches have just been sent to Linus.
>
> For the rest we decided to handle it on-list for 7.2, but it is possible
> that a clever guest could abuse the bugs to cause the host to leak a
> pile of pages (limited by how fast the VM can get recreated).
Re: [PATCH 00/24] KVM: x86: fix various GHCB issues
Posted by Sean Christopherson 4 days, 20 hours ago
On Sat, May 30, 2026, Paolo Bonzini wrote:
> I think patches 11-13 should also be included in 7.1.

+1.
Re: [PATCH 00/24] KVM: x86: fix various GHCB issues
Posted by Paolo Bonzini 4 days, 18 hours ago
On 6/3/26 14:52, Sean Christopherson wrote:
> On Sat, May 30, 2026, Paolo Bonzini wrote:
>> I think patches 11-13 should also be included in 7.1.
> 
> +1.

Thanks for confirming; pushed 11-17 to master and the whole series to next.

Paolo