Re: [PATCH v4 1/9] KVM: SVM: Properly check RAX in the emulator for SVM instructions

Next message: Florian Fainelli: "Re: [PATCH 3/6] arm64: dts: broadcom: bcm2712: add camera backend node pispbe"
Previous message: Florian Fainelli: "Re: [PATCH 6/6] arm64: dts: broadcom: bcm2712-d-rpi-5-b: update uart10 interrupt"
In reply to: Yosry Ahmed: "[PATCH v4 1/9] KVM: SVM: Properly check RAX in the emulator for SVM instructions"
Next in thread: Yosry Ahmed: "[PATCH v4 4/9] KVM: SVM: Move RAX legality check to SVM insn interception handlers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Yosry Ahmed

Date: Mon Mar 16 2026 - 16:57:15 EST

On Mon, Mar 16, 2026 at 1:27 PM Yosry Ahmed <yosry@xxxxxxxxxx> wrote:
>
> Architecturally, VMRUN/VMLOAD/VMSAVE should generate a #GP if the
> physical address in RAX is not supported. check_svme_pa() hardcodes this
> to checking that bits 63-48 are not set. This is incorrect on HW
> supporting 52 bits of physical address space. Additionally, the emulator
> does not check if the address is not aligned, which should also result
> in #GP.
>
> Use page_address_valid() which properly checks alignment and the address
> legality based on the guest's MAXPHYADDR. Plumb it through
> x86_emulate_ops, similar to is_canonical_addr(), to avoid directly
> accessing the vCPU object in emulator code.
>
> Fixes: 01de8b09e606 ("KVM: SVM: Add intercept checks for SVM instructions")
> Suggested-by: Sean Christopherson <seanjc@xxxxxxxxxx>

I should have dropped this Suggested-by tag.