[PATCH v3 0/8] KVM: x86: Fix emulated MOV DR{4,5} #GP bugs

From: Sean Christopherson

Date: Fri Jun 12 2026 - 19:01:33 EST


Carlos' fix for a bug where KVM fails to signal #GP on emulated MOV DR to
DR4 or DR5, plus a pile of follow-up fixes for priority goofs (#UD versus #GP,
#GP vs #DB, and #GP versus #VMEXIT on SVM). The rest are opportunistic
cleanups.

v3:
- Fix a #UD vs #GP due to CPL>0 bug.
- Prioritize DR7.GD=1 #DB over CPL>0 #GP on Intel.

v2: https://lore.kernel.org/all/20260603230718.1733483-1-seanjc@xxxxxxxxxx

v1: https://lore.kernel.org/all/20260601133320.91479-2-clopez@xxxxxxx

Carlos López (1):
  KVM: x86: Treat any non-zero return from set_dr() as a faulting
    condition

Sean Christopherson (7):
  KVM: x86: Prioritize DR7.GD #DB over #GP due to illegal DR6/7 value
  KVM: x86: Manually check DR4/5 write values to fix SVM intercept
    priority
  KVM: x86: Prioritize #UD on MOV DR over #GP due to non-zero CPL
  KVM: VMX: Prioritize DR7.GD=1 #DB over CPL>0 #GP on Intel
  KVM: x86: Use kvm_dr{6,7}_valid() to check DR{4,5,6,7} write values in
    emulator
  KVM: x86: WARN if MOV DR emulation hits a "too late" #GP
  KVM: x86: Read CR4.DE in emulator if and only if accessing DR4 or DR5

arch/x86/kvm/emulate.c | 49 +++++++++++++++++++++++++++++++-----------
arch/x86/kvm/vmx/vmx.c | 6 +++---
2 files changed, 40 insertions(+), 15 deletions(-)


base-commit: c1f7303302927f9cbf4efedf70f0512cde168c65
--
2.54.0.1136.gdb2ca164c4-goog