Re: [PATCH v7 8/9] KVM: x86: nSVM: Save/restore gPAT with KVM_{GET,SET}_NESTED_STATE

[Sean Christopherson]

On Fri, Mar 27, 2026, Jim Mattson wrote:
> @@ -1918,6 +1921,7 @@ static int svm_set_nested_state(struct kvm_vcpu *vcpu,
>  	struct vmcb_save_area_cached save_cached;
>  	struct vmcb_ctrl_area_cached ctl_cached;
>  	unsigned long cr0;
> +	bool use_separate_l2_pat;

Land this above "cr0" to preserve the inverted fir tree.

>  	int ret;
>  
>  	BUILD_BUG_ON(sizeof(struct vmcb_control_area) + sizeof(struct vmcb_save_area) >
> @@ -1993,6 +1997,18 @@ static int svm_set_nested_state(struct kvm_vcpu *vcpu,
>  	    !nested_vmcb_check_save(vcpu, &save_cached, false))
>  		goto out_free;
>  
> +	/*
> +	 * Validate gPAT when the shared PAT quirk is disabled (i.e. L2
> +	 * has its own gPAT). This is done separately from the
> +	 * vmcb_save_area_cached validation above, because gPAT is L2
> +	 * state, but the vmcb_save_area_cached is populated with L1 state.
> +	 */
> +	use_separate_l2_pat =
> +		(ctl_cached.misc_ctl & SVM_MISC_ENABLE_NP) &&
> +		!kvm_check_has_quirk(vcpu->kvm,
> +				     KVM_X86_QUIRK_NESTED_SVM_SHARED_PAT);

I vote for either:

	use_separate_l2_pat = (ctl_cached.misc_ctl & SVM_MISC_ENABLE_NP) &&
			      !kvm_check_has_quirk(vcpu->kvm,
						   KVM_X86_QUIRK_NESTED_SVM_SHARED_PAT);

or

	use_separate_l2_pat = (ctl_cached.misc_ctl & SVM_MISC_ENABLE_NP);
	if (kvm_check_has_quirk(vcpu->kvm, KVM_X86_QUIRK_NESTED_SVM_SHARED_PAT))
		use_separate_l2_pat = false;


> +	if (use_separate_l2_pat && !kvm_pat_valid(kvm_state->hdr.svm.gpat))
> +		goto out_free;
>  
>  	/*
>  	 * All checks done, we can enter guest mode. Userspace provides
> @@ -2017,6 +2033,10 @@ static int svm_set_nested_state(struct kvm_vcpu *vcpu,
>  	nested_copy_vmcb_control_to_cache(svm, ctl);
>  
>  	svm_switch_vmcb(svm, &svm->nested.vmcb02);
> +
> +	if (use_separate_l2_pat)
> +		vmcb_set_gpat(svm->vmcb, kvm_state->hdr.svm.gpat);
> +
>  	nested_vmcb02_prepare_control(svm);
>  
>  	/*
> -- 
> 2.53.0.1018.g2bb0e51243-goog
>