KVM: x86: Harden is_64_bit_hypercall() against bugs on 32-bit kernels
authorSean Christopherson <seanjc@google.com>
Fri, 29 May 2026 22:21:55 +0000 (15:21 -0700)
committerSean Christopherson <seanjc@google.com>
Wed, 3 Jun 2026 12:35:23 +0000 (05:35 -0700)
Unconditionally return %false for is_64_bit_hypercall() on 32-bit kernels
to guard against incorrectly setting guest_state_protected, and because
in a (very) hypothetical world where 32-bit KVM supports protected guests,
assuming a hypercall was made in 64-bit mode is flat out wrong.

Reviewed-by: Kai Huang <kai.huang@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Link: https://patch.msgid.link/20260529222223.870923-13-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>
arch/x86/kvm/regs.h

index f22b3a8cd483d05e3ae7be002067625d20764d4a..a57ba26279edf8713ef20033209a627e89e60913 100644 (file)
@@ -39,12 +39,16 @@ static inline bool is_64_bit_mode(struct kvm_vcpu *vcpu)
 
 static inline bool is_64_bit_hypercall(struct kvm_vcpu *vcpu)
 {
+#ifdef CONFIG_X86_64
        /*
         * If running with protected guest state, the CS register is not
         * accessible. The hypercall register values will have had to been
         * provided in 64-bit mode, so assume the guest is in 64-bit.
         */
        return vcpu->arch.guest_state_protected || is_64_bit_mode(vcpu);
+#else
+       return false;
+#endif
 }
 
 static __always_inline unsigned long kvm_reg_mode_mask(struct kvm_vcpu *vcpu)
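Review bot: The new `#else` arm returns `false` silently, so on a 32-bit build an incorrectly set `guest_state_protected` (the bug the commit message says this hardens against) would be masked rather than reported. If the field can be set on such builds, which this hunk does not show, consider `WARN_ON_ONCE(vcpu->arch.guest_state_protected);` ahead of `return false;` so the condition is visible in logs. Independently, the explanatory comment now covers only the CONFIG_X86_64 arm. The `#else` arm deserves its own line, for example `/* 32-bit KVM has no protected guests and cannot run 64-bit guests. */`, with the wording confirmed against the rest of the series.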