[PATCH v4 04/11] KVM: x86/xen: Always route non-singleshot-timer vCPU hypercalls to userspace
From: Sean Christopherson
Date: Tue Jun 30 2026 - 18:58:56 EST
When handling Xen vCPU hypercalls, explicitly route non-singleshot-timer
commands to userspace, *before* checking if in-kernel emulation of the Xen
timer is enabled. Punting hypercalls that are never accelerated by KVM
because some other hypercall happens to be disabled is confusing and
actively dangerous, e.g. it's easy to miss that the only reason KVM can
bail early is because the timer-disabled case provides the same semantics
as the implicit "default" path in the switch-statement.
Opportunistically convert the switch-statement to an if-else-statement to
avoid having to carry code for an impossible "default" case.
For all intents and purposes, no functional change intended.
Signed-off-by: Sean Christopherson <seanjc@xxxxxxxxxx>
---
arch/x86/kvm/xen.c | 17 ++++++++---------
1 file changed, 8 insertions(+), 9 deletions(-)
diff --git a/arch/x86/kvm/xen.c b/arch/x86/kvm/xen.c
index 694b31c1fcc9..3ed6686e0a1a 100644
--- a/arch/x86/kvm/xen.c
+++ b/arch/x86/kvm/xen.c
@@ -1607,11 +1607,14 @@ static bool kvm_xen_hcall_vcpu_op(struct kvm_vcpu *vcpu, bool longmode, int cmd,
struct vcpu_set_singleshot_timer oneshot;
struct x86_exception e;
+ if (cmd != VCPUOP_set_singleshot_timer &&
+ cmd != VCPUOP_stop_singleshot_timer)
+ return false;
+
if (!kvm_xen_timer_enabled(vcpu))
return false;
- switch (cmd) {
- case VCPUOP_set_singleshot_timer:
+ if (cmd == VCPUOP_set_singleshot_timer) {
if (vcpu->arch.xen.vcpu_id != vcpu_id) {
*r = -EINVAL;
return true;
@@ -1640,20 +1643,16 @@ static bool kvm_xen_hcall_vcpu_op(struct kvm_vcpu *vcpu, bool longmode, int cmd,
}
kvm_xen_start_timer(vcpu, oneshot.timeout_abs_ns, false);
- *r = 0;
- return true;
-
- case VCPUOP_stop_singleshot_timer:
+ } else {
if (vcpu->arch.xen.vcpu_id != vcpu_id) {
*r = -EINVAL;
return true;
}
kvm_xen_stop_timer(vcpu);
- *r = 0;
- return true;
}
- return false;
+ *r = 0;
+ return true;
}
static bool kvm_xen_hcall_set_timer_op(struct kvm_vcpu *vcpu, uint64_t timeout,
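Review bot: The new `} else {` arm is only correct because of the `cmd != VCPUOP_stop_singleshot_timer` early return in the previous hunk, and nothing at the `else` itself says which command it handles; a reader of this hunk alone sees the stop path running for "anything not set". A short comment on the `else` line, e.g. `} else { /* VCPUOP_stop_singleshot_timer, the only other command that reaches here */`, records the invariant the if-else now relies on so a future addition to the early filter cannot silently widen what hits `kvm_xen_stop_timer()`. The function's signature and opening lines are outside this hunk.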
--
2.55.0.rc0.799.gd6f94ed593-goog