| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20260110004821.3411245-5-yosry.ahmed@linux.dev> Date: Sat, 10 Jan 2026 00:48:21 +0000 From: Yosry Ahmed <yosry.ahmed@...ux.dev> To: Sean Christopherson <seanjc@...gle.com> Cc: Paolo Bonzini <pbonzini@...hat.com>, Jim Mattson <jmattson@...gle.com>, Kevin Cheng <chengkev@...gle.com>, kvm@...r.kernel.org, linux-kernel@...r.kernel.org, Yosry Ahmed <yosry.ahmed@...ux.dev> Subject: [PATCH 4/4] RFC: KVM: SVM: WARN if VMSAVE/VMLOAD are not intercepted or virtualized Signed-off-by: Yosry Ahmed <yosry.ahmed@...ux.dev> --- arch/x86/kvm/svm/svm.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index f1b032114406..983ae98133e9 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1387,6 +1387,14 @@ static void svm_prepare_switch_to_guest(struct kvm_vcpu *vcpu) if (svm->guest_state_loaded) return; + /* + * Without virtual VMSAVE/VMLOAD, the instruction would directly access + * host physical addresses, so make sure they are intercepted. + */ + if (!(svm->vmcb->control.virt_ext & VIRTUAL_VMLOAD_VMSAVE_ENABLE_MASK)) + WARN_ON_ONCE(!svm_is_intercept(svm, INTERCEPT_VMSAVE) || + !svm_is_intercept(svm, INTERCEPT_VMLOAD)); + /* * Save additional host state that will be restored on VMEXIT (sev-es) * or subsequent vmload of host save area. -- 2.52.0.457.g6b5491de43-goog
Powered by blists - more mailing lists