Re: [PATCH v3 3/4] KVM: x86: Virtualize AMD CPUID faulting

From: Jim Mattson

Date: Wed May 27 2026 - 09:41:15 EST


On Tue, May 26, 2026 at 2:30 PM Kaplan, David <David.Kaplan@xxxxxxx> wrote:
>
> > -----Original Message-----
> > From: Jim Mattson <jmattson@xxxxxxxxxx>
> > Sent: Tuesday, May 26, 2026 1:39 PM
> > To: Kaplan, David <David.Kaplan@xxxxxxx>
> > Cc: Sean Christopherson <seanjc@xxxxxxxxxx>; pbonzini@xxxxxxxxxx;
> > tglx@xxxxxxxxxx; mingo@xxxxxxxxxx; bp@xxxxxxxxx;
> > dave.hansen@xxxxxxxxxxxxxxx; x86@xxxxxxxxxx; hpa@xxxxxxxxx;
> > shuah@xxxxxxxxxx; kvm@xxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx;
> > linux-kselftest@xxxxxxxxxxxxxxx; ctpence@xxxxxxxxxx
> > Subject: Re: [PATCH v3 3/4] KVM: x86: Virtualize AMD CPUID faulting
> >
> > On Thu, May 14, 2026 at 11:17 AM Kaplan, David <David.Kaplan@xxxxxxx>
> > wrote:
> > >
> > > This appears to be a bug, as most other instructions (e.g. INVPCID) that have
> > > CPL checks do the CPL checks before the VMEXIT checks. I'm following up on
> > > this internally...
> >
> > Did you learn anything from the internal follow-up? The ellipsis
> > suggests, "stay tuned..." :)
>
> It appears it was a deliberate decision, due in part to the fact that the traditional flow of checking CPL exceptions before intercepts typically applies to using instructions in an illegal way, but the user is not doing anything illegal here by executing CPUID which is normally a legal instruction at CPL3.
>
> That said, clearly the behavior is different now between the vendors, however at this point the feedback I got is that our architects want to stick with the existing behavior unless there is a strong reason that it is a problem for SW.

No problem from the standpoint of nested SVM emulation.

The APM does say, "**Generally** [emphasis mine], instruction
intercepts are checked after simple exceptions (such as #GP—when CPL
is incorrect—or #UD) have been checked, but before exceptions related
to memory accesses (such as page faults) and exceptions based on
specific operand values," but it would be nice to have exceptions such
as this enumerated.