From: Sean Christopherson Date: Fri, 29 May 2026 18:35:46 +0000 (+0200) Subject: KVM: SEV: Return INVALID_INPUT, not MISSING_INPUT, for bad GUEST_REQUEST input(s) X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5eb5d5d123a8bd29204147a0cdd712f6d6d339e4;p=thirdparty%2Fkernel%2Flinux.git KVM: SEV: Return INVALID_INPUT, not MISSING_INPUT, for bad GUEST_REQUEST input(s) Return INVALID_INPUT, not MISSING_INPUT, if the guest provides an unaligned address for a GUEST_REQUEST, and/or attempts to use the same page for the source and destination. The inputs are obviously invalid, not missing. Opportunistically move the checks out of sev_es_validate_vmgexit(), to continue the march towards reducing the scope of the helper, and to help guide future changes into correctly handling bad input. Fixes: 88caf544c930 ("KVM: SEV: Provide support for SNP_GUEST_REQUEST NAE event") Fixes: 74458e4859d8 ("KVM: SEV: Provide support for SNP_EXTENDED_GUEST_REQUEST NAE event") Reviewed-by: Tom Lendacky Reviewed-by: Michael Roth Signed-off-by: Sean Christopherson Message-ID: <20260501202250.2115252-22-seanjc@google.com> Signed-off-by: Paolo Bonzini Message-ID: <20260529183549.1104619-22-pbonzini@redhat.com> Signed-off-by: Paolo Bonzini --- diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index b59adddfdbcc..84421d9a116b 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3508,10 +3508,6 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) break; case SVM_VMGEXIT_GUEST_REQUEST: case SVM_VMGEXIT_EXT_GUEST_REQUEST: - if (!PAGE_ALIGNED(control->exit_info_1) || - !PAGE_ALIGNED(control->exit_info_2) || - control->exit_info_1 == control->exit_info_2) - goto vmgexit_err; break; default: reason = GHCB_ERR_INVALID_EVENT; @@ -4631,10 +4627,20 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) ret = 1; break; case SVM_VMGEXIT_GUEST_REQUEST: - ret = snp_handle_guest_req(svm, control->exit_info_1, control->exit_info_2); - break; case SVM_VMGEXIT_EXT_GUEST_REQUEST: - ret = snp_handle_ext_guest_req(svm, control->exit_info_1, control->exit_info_2); + if (!PAGE_ALIGNED(control->exit_info_1) || + !PAGE_ALIGNED(control->exit_info_2) || + control->exit_info_1 == control->exit_info_2) { + svm_vmgexit_bad_input(svm, GHCB_ERR_INVALID_INPUT); + return 1; + } + + if (control->exit_code == SVM_VMGEXIT_GUEST_REQUEST) + ret = snp_handle_guest_req(svm, control->exit_info_1, + control->exit_info_2); + else + ret = snp_handle_ext_guest_req(svm, control->exit_info_1, + control->exit_info_2); break; case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu,