Re: [PATCH v5 09/26] KVM: nSVM: Call enter_guest_mode() before switching to VMCB02

Next message: Kairui Song: "Re: [PATCH RFC 00/15] mm, swap: swap table phase IV with dynamic ghost swapfile"
Previous message: Gabor Juhos: "[PATCH v2] usb: ehci-orion: remove optional PHY handling code remnants"
In reply to: Jim Mattson: "Re: [PATCH v5 09/26] KVM: nSVM: Call enter_guest_mode() before switching to VMCB02"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Yosry Ahmed

Date: Sat Feb 21 2026 - 04:06:52 EST

[..]
> LOL, guess what! Today end's in 'y', which means there's a nSVM bug! It's a
> super minor one though, especially in the broader context, I just happened to
> see it when looking at this patch.

LOL.

>
> As per 3f6821aa147b ("KVM: x86: Forcibly leave nested if RSM to L2 hits shutdown"),
> shutdown on RSM is suppose to hit L1, not L2. But if enter_svm_guest_mode() fails,
> svm_leave_smm() bails without leaving guest code. Syzkaller probably hasn't found
> the bug because nested_run_pending doesn't get set, but it's still technically
> wrong.
>
> Of course, as the comment in emulator_leave_smm() says, the *entire* RSM flow is
> wrong, because it's not a VM-Enter/VMRUN, it's somethign else entirely.
>
> Anyways, I don't think there's anything to do in this series, but at some point
> we should probably do:

I would send a patch, but I have never tested (or did anything with) SMM
before, and I am trying to keep it that way :P