Re: [PATCH v2 0/2] KVM: x86: Syzkaller nested_run_pending defense

Next message: Sean Christopherson: "Re: [PATCH 0/5] KVM: SEV: Drop user-triggerable WARN clean up REG_REGION"
Previous message: Marc Harvey: "Re: [PATCH net-next v5 00/10] Decouple receive and transmit enablement in team driver"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Sean Christopherson

Date: Tue Apr 07 2026 - 20:15:15 EST

On Thu, 12 Mar 2026 16:48:21 -0700, Sean Christopherson wrote:
> Stop playing a losing game of whack-a-mole with syzkaller over
> nested_run_pending, and simply treat the flag as "untrusted" if userspace gains
> control of the vCPU. I.e. don't WARN if userspace _may_ have stuffed vCPU
> state to force an impossible VM-Exit.
>
> The signal:noise ratio for nested_run_pending WARNs when syzkaller is fuzzing
> nVMX/nSVM is awful, and playing whack-a-mole with syzkaller is doing more harm
> that good at this point. While it's possible syzkaller could find an actual
> KVM bug by stuffing vCPU state, if the _only_ symptom is the nested_run_pending
> WARN, then in theory the bug should also be hittable by stuffing L2 state prior
> to nested VM-Enter.
>
> [...]

Applied to kvm-x86 nested.

[1/2] KVM: x86: Move nested_run_pending to kvm_vcpu_arch
https://github.com/kvm-x86/linux/commit/3d4470d71fbf
[2/2] KVM: x86: Suppress WARNs on nested_run_pending after userspace exit
https://github.com/kvm-x86/linux/commit/7212094baef5

--
https://github.com/kvm-x86/linux/tree/next