Re: [PATCH v6 21/31] KVM: nSVM: Add missing consistency check for EFER, CR0, CR4, and CS

From: Yosry Ahmed

Date: Mon Mar 02 2026 - 19:04:11 EST


On Tue, Feb 24, 2026 at 2:34 PM Yosry Ahmed <yosry@xxxxxxxxxx> wrote:
>
> According to the APM Volume #2, 15.5, Canonicalization and Consistency
> Checks (24593—Rev. 3.42—March 2024), the following condition (among
> others) results in a #VMEXIT with VMEXIT_INVALID (aka SVM_EXIT_ERR):
>
> EFER.LME, CR0.PG, CR4.PAE, CS.L, and CS.D are all non-zero.
>
> Add the missing consistency check. This is functionally a nop because
> the nested VMRUN results in SVM_EXIT_ERR in HW, which is forwarded to
> L1, but KVM makes all consistency checks before a VMRUN is actually
> attempted.
>
> Fixes: 3d6368ef580a ("KVM: SVM: Add VMRUN handler")
> Cc: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Yosry Ahmed <yosry@xxxxxxxxxx>
> ---
> arch/x86/kvm/svm/nested.c | 7 +++++++
> arch/x86/kvm/svm/svm.h | 1 +
> 2 files changed, 8 insertions(+)
>
> diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c
> index 6fffb6ae6b88b..2c852e94a9ad9 100644
> --- a/arch/x86/kvm/svm/nested.c
> +++ b/arch/x86/kvm/svm/nested.c
> @@ -397,6 +397,11 @@ static bool nested_vmcb_check_save(struct kvm_vcpu *vcpu,
> CC(!(save->cr0 & X86_CR0_PE)) ||
> CC(!kvm_vcpu_is_legal_cr3(vcpu, save->cr3)))
> return false;
> +
> + if (CC((save->cr4 & X86_CR4_PAE) &&

No need to check X86_CR4_PAE here, as it's checked right above the
context lines.

> + (save->cs.attrib & SVM_SELECTOR_L_MASK) &&
> + (save->cs.attrib & SVM_SELECTOR_DB_MASK)))
> + return false;
> }
>
> /* Note, SVM doesn't have any additional restrictions on CR4. */
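Review bot: The added condition at `+ if (CC((save->cr4 & X86_CR4_PAE) &&` tests only CR4.PAE, CS.L and CS.D, while the commit message states the APM condition as EFER.LME, CR0.PG, CR4.PAE, CS.L and CS.D all being set; nothing in the visible lines shows that the enclosing block (closed by the `}` context line) already guarantees EFER.LME and CR0.PG, so a one-line comment above the check quoting the APM condition and naming which parts the enclosing block has already established would make the check self-explanatory to the next reader. Given the reply that X86_CR4_PAE is already checked immediately above the shown context, the check can also be reduced to `CC((save->cs.attrib & SVM_SELECTOR_L_MASK) && (save->cs.attrib & SVM_SELECTOR_DB_MASK))`, which keeps the CC() wrapper on the one condition that is actually new.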