[PATCH 11/11] KVM: x86: Harden is_64_bit_hypercall() against bugs on 32-bit kernels

Next message: Grzegorz Nitka: "[PATCH v6 net-next 7/8] ice: add Tx reference clock index handling to AN restart command"
Previous message: Sean Christopherson: "[PATCH 10/11] Revert &quot;KVM: VMX: Read 32-bit GPR values for ENCLS instructions outside of 64-bit mode&quot;"
In reply to: Huang, Kai: "Re: [PATCH 10/11] Revert &quot;KVM: VMX: Read 32-bit GPR values for ENCLS instructions outside of 64-bit mode&quot;"
Next in thread: Huang, Kai: "Re: [PATCH 11/11] KVM: x86: Harden is_64_bit_hypercall() against bugs on 32-bit kernels"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Sean Christopherson

Date: Thu Apr 09 2026 - 19:59:58 EST

Unconditionally return %false for is_64_bit_hypercall() on 32-bit kernels
to guard against incorrectly setting guest_state_protected, and because
in a (very) hypothetical world where 32-bit KVM supports protected guests,
assuming a hypercall was made in 64-bit mode is flat out wrong.

Signed-off-by: Sean Christopherson <seanjc@xxxxxxxxxx>
---
arch/x86/kvm/x86.h | 4 ++++
1 file changed, 4 insertions(+)

diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h
index cebea89b296c..5a79ec5f5bad 100644
--- a/arch/x86/kvm/x86.h
+++ b/arch/x86/kvm/x86.h
@@ -271,12 +271,16 @@ static inline bool is_64_bit_mode(struct kvm_vcpu *vcpu)

static inline bool is_64_bit_hypercall(struct kvm_vcpu *vcpu)
{
+#ifdef CONFIG_X86_64
/*
* If running with protected guest state, the CS register is not
* accessible. The hypercall register values will have had to been
* provided in 64-bit mode, so assume the guest is in 64-bit.
*/
return vcpu->arch.guest_state_protected || is_64_bit_mode(vcpu);
+#else
+ return false;
+#endif
}

static inline bool x86_exception_has_error_code(unsigned int vector)
--
2.53.0.1213.gd9a14994de-goog