On Thu, Nov 13, 2025 at 02:56:20PM -0800, Sean Christopherson wrote: > Limit KVM's incorrect check for VMXEXIT_INVALID, a.k.a. SVM_EXIT_ERR, to > running as a VM, as detected by X86_FEATURE_HYPERVISOR. The exit_code and > all failure codes, e.g. VMXEXIT_INVALID, are 64-bit values, and so checking > only bits 31:0 could result in false positives when running on non-broken > hardware, e.g. in the extremely unlikely scenario exit code 0xffffffffull > is ever generated by hardware. > > Keep the 32-bit check to play nice with running on broken KVM (for years, > KVM has not set bits 63:32 when synthesizing nested SVM VM-Exits). > > Signed-off-by: Sean Christopherson <[email protected]>
Reviewed-by: Yosry Ahmed <[email protected]> > --- > arch/x86/kvm/svm/svm.h | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h > index 31ee4f65dcc2..801dcfc64d0b 100644 > --- a/arch/x86/kvm/svm/svm.h > +++ b/arch/x86/kvm/svm/svm.h > @@ -427,7 +427,10 @@ static __always_inline struct vcpu_svm *to_svm(struct > kvm_vcpu *vcpu) > > static inline bool svm_is_vmrun_failure(u64 exit_code) > { > - return (u32)exit_code == (u32)SVM_EXIT_ERR; > + if (cpu_feature_enabled(X86_FEATURE_HYPERVISOR)) > + return (u32)exit_code == (u32)SVM_EXIT_ERR; > + > + return exit_code == SVM_EXIT_ERR; > } > > /* > -- > 2.52.0.rc1.455.g30608eb744-goog >
