Patch Series

Subject	Nested SVM fixes, cleanups, and hardening
Author	yosry.ahmed@linux.dev
Date	2026-02-06 19:08:26 +0000 UTC
Version	Version 1 Version 2 Version 4 Version 5
Cc	jmattson@google.com kvm@vger.kernel.org linux-kernel@vger.kernel.org pbonzini@redhat.com seanjc@google.com stable@vger.kernel.org yosry.ahmed@linux.dev

Patches (26)

Name	Content [All]
[PATCH v5 01/26] KVM: nSVM: Avoid clearing VMCB_LBR in vmcb12	[Body]
[PATCH v5 02/26] KVM: SVM: Switch svm_copy_lbrs() to a macro	[Body]
[PATCH v5 03/26] KVM: SVM: Add missing save/restore handling of LBR MSRs	[Body]
[PATCH v5 04/26] KVM: selftests: Add a test for LBR save/restore (ft. nested)	[Body]
[PATCH v5 05/26] KVM: nSVM: Always inject a #GP if mapping VMCB12 fails on nested VMRUN	[Body]
[PATCH v5 06/26] KVM: nSVM: Triple fault if mapping VMCB12 fails on nested #VMEXIT	[Body]
[PATCH v5 07/26] KVM: nSVM: Triple fault if restore host CR3 fails on nested #VMEXIT	[Body]
[PATCH v5 08/26] KVM: nSVM: Drop nested_vmcb_check_{save/control}() wrappers	[Body]
[PATCH v5 09/26] KVM: nSVM: Call enter_guest_mode() before switching to VMCB02	[Body]
[PATCH v5 10/26] KVM: nSVM: Make nested_svm_merge_msrpm() return an errno	[Body]
[PATCH v5 11/26] KVM: nSVM: Call nested_svm_merge_msrpm() from enter_svm_guest_mode()	[Body]
[PATCH v5 12/26] KVM: nSVM: Call nested_svm_init_mmu_context() before switching to VMCB02	[Body]
[PATCH v5 13/26] KVM: nSVM: Refactor minimal #VMEXIT handling out of nested_svm_vmexit()	[Body]
[PATCH v5 14/26] KVM: nSVM: Unify handling of VMRUN failures with proper cleanup	[Body]
[PATCH v5 15/26] KVM: nSVM: Clear EVENTINJ field in VMCB12 on nested #VMEXIT	[Body]
[PATCH v5 16/26] KVM: nSVM: Drop the non-architectural consistency check for NP_ENABLE	[Body]
[PATCH v5 17/26] KVM: nSVM: Add missing consistency check for nCR3 validity	[Body]
[PATCH v5 18/26] KVM: nSVM: Add missing consistency check for hCR0.PG and NP_ENABLE	[Body]
[PATCH v5 19/26] KVM: nSVM: Add missing consistency check for EFER, CR0, CR4, and CS	[Body]
[PATCH v5 20/26] KVM: nSVM: Add missing consistency check for event_inj	[Body]
[PATCH v5 21/26] KVM: SVM: Rename vmcb->nested_ctl to vmcb->misc_ctl	[Body]
[PATCH v5 22/26] KVM: SVM: Rename vmcb->virt_ext to vmcb->misc_ctl2	[Body]
[PATCH v5 23/26] KVM: nSVM: Cache all used fields from VMCB12	[Body]
[PATCH v5 24/26] KVM: nSVM: Restrict mapping VMCB12 on nested VMRUN	[Body]
[PATCH v5 25/26] KVM: nSVM: Sanitize control fields copied from VMCB12	[Body]
[PATCH v5 26/26] KVM: nSVM: Only copy SVM_MISC_ENABLE_NP from VMCB01's misc_ctl	[Body]

Session 2026-02-06

ID (for dev)	7df16dfb-a86f-4084-a0fe-d287d5e4cd52
Status	finished
Triaged	OK [Log]
Execution Log	[Link]

Test	Base	Patched	Verdict
[KASAN] Build Base	9845cf73f7db6094c0d8419d6adb848028f4a921 [Config]		passed [Log]
[KASAN] Boot test: Base	9845cf73f7db6094c0d8419d6adb848028f4a921 [Config]		passed [Log]
[KASAN] Build Patched		9845cf73f7db6094c0d8419d6adb848028f4a921 [Config] [patched]	passed [Log]
[KASAN] Boot test: Patched		9845cf73f7db6094c0d8419d6adb848028f4a921 [Config] [patched]	passed [Log]
[KASAN] Fuzzing	9845cf73f7db6094c0d8419d6adb848028f4a921 [Config]	9845cf73f7db6094c0d8419d6adb848028f4a921 [Config] [patched]	passed [Log] [Artifacts]