Fix some tests

ludfjig · ludfjig · commit 65f6fc6f3e2a · 2026-02-13T11:39:17.000-08:00
Signed-off-by: Ludvig Liljenberg &lt;4257730+ludfjig@users.noreply.github.com&gt;
diff --git a/src/hyperlight_host/src/hypervisor/virtual_machine/mod.rs b/src/hyperlight_host/src/hypervisor/virtual_machine/mod.rs
@@ -173,6 +173,39 @@ pub(crate) const VIRTUALIZED_MSRS: &[(u32, u64, bool)] = &[
     (0x26D, 0, true),                        // MTRRfix4K_E8000
     (0x26E, 0, true),                        // MTRRfix4K_F0000
     (0x26F, 0, true),                        // MTRRfix4K_F8000
+
+    // ── MSHV/WHP additional virtualizations ─────────────────────────
+    // These MSRs are handled internally by the Microsoft Hypervisor
+    // without generating VM exits, even when MSR intercepts are enabled.
+    // On KVM, the deny-all MSR filter traps them instead.
+
+    // Read-only MSRs (no reset needed)
+    (0x17,          0,               false), // IA32_PLATFORM_ID (read-only)
+    (0x8B,          0,               false), // IA32_BIOS_SIGN_ID (read-only)
+    (0x10A,         0,               false), // IA32_ARCH_CAPABILITIES (read-only)
+    (0x179,         0,               false), // IA32_MCG_CAP (read-only)
+    (0x17A,         0,               false), // IA32_MCG_STATUS (read-only in guest)
+    (0x4D0,         0,               false), // Platform-specific (read-only in guest)
+
+    // Speculative execution control
+    (0x48,          0,               true),  // IA32_SPEC_CTRL
+
+    // CET (Control-flow Enforcement Technology) MSRs
+    (0x6A0,         0,               true),  // IA32_U_CET
+    (0x6A2,         0,               true),  // IA32_S_CET
+    (0x6A4,         0,               true),  // IA32_PL0_SSP
+    (0x6A5,         0,               true),  // IA32_PL1_SSP
+    (0x6A6,         0,               true),  // IA32_PL2_SSP
+    (0x6A7,         0,               true),  // IA32_PL3_SSP
+    (0x6A8,         0,               true),  // IA32_INTERRUPT_SSP_TABLE_ADDR
+
+    // Extended supervisor state
+    (0xDA0,         0,               true),  // IA32_XSS
+
+    // AMD-specific MSRs (read-only in guest context under MSHV)
+    (0xC001_0010,   0,               false), // AMD SYSCFG
+    (0xC001_0114,   0,               false), // AMD VM_CR
+    (0xC001_0131,   0,               false), // AMD (platform-specific)
 ];
 
 /// Returns `true` if the given MSR index is in [`VIRTUALIZED_MSRS`].
diff --git a/src/hyperlight_host/src/hypervisor/virtual_machine/mshv.rs b/src/hyperlight_host/src/hypervisor/virtual_machine/mshv.rs
@@ -30,7 +30,7 @@ use mshv_bindings::{
     hv_partition_property_code_HV_PARTITION_PROPERTY_SYNTHETIC_PROC_FEATURES,
     hv_partition_synthetic_processor_features, hv_register_assoc,
     hv_register_name_HV_X64_REGISTER_RIP, hv_register_value, mshv_install_intercept,
-    msr_to_hv_reg_name, mshv_user_mem_region,
+    mshv_user_mem_region, msr_to_hv_reg_name,
 };
 use mshv_ioctls::{Mshv, VcpuFd, VmFd};
 use tracing::{Span, instrument};
@@ -390,13 +390,27 @@ impl VirtualMachine for MshvVm {
     }
 
     fn reset_msrs(&self) -> std::result::Result<(), RegisterError> {
+        use mshv_bindings::{hv_register_name, hv_register_name_HV_X64_REGISTER_U_XSS};
+
         use super::MSRS_TO_RESET;
 
+        /// Extends `msr_to_hv_reg_name` with mappings missing from
+        /// mshv-bindings (e.g. IA32_XSS 0xDA0, whose constant is
+        /// incorrectly set to the HV register name value 0x8008B).
+        fn msr_to_hv_reg(msr_index: u32) -> hv_register_name {
+            msr_to_hv_reg_name(msr_index).unwrap_or_else(|_| match msr_index {
+                0xDA0 => hv_register_name_HV_X64_REGISTER_U_XSS,
+                _ => panic!(
+                    "MSR 0x{:X} in MSRS_TO_RESET has no HV register mapping",
+                    msr_index
+                ),
+            })
+        }
+
         let regs: Vec<hv_register_assoc> = MSRS_TO_RESET
             .iter()
             .map(|&(msr_index, value)| hv_register_assoc {
-                name: msr_to_hv_reg_name(msr_index)
-                    .expect("all MSR indices in MSRS_TO_RESET must have valid HV register mappings"),
+                name: msr_to_hv_reg(msr_index),
                 value: hv_register_value { reg64: value },
                 ..Default::default()
             })
diff --git a/src/hyperlight_host/src/hypervisor/virtual_machine/whp.rs b/src/hyperlight_host/src/hypervisor/virtual_machine/whp.rs
@@ -688,7 +688,9 @@ impl VirtualMachine for WhpVm {
             while i < MSRS_TO_RESET.len() {
                 result[i] = (
                     msr_index_to_whv_name(MSRS_TO_RESET[i].0),
-                    Align16(WHV_REGISTER_VALUE { Reg64: MSRS_TO_RESET[i].1 }),
+                    Align16(WHV_REGISTER_VALUE {
+                        Reg64: MSRS_TO_RESET[i].1,
+                    }),
                 );
                 i += 1;
             }
diff --git a/src/hyperlight_host/src/sandbox/initialized_multi_use.rs b/src/hyperlight_host/src/sandbox/initialized_multi_use.rs
@@ -1438,8 +1438,7 @@ mod tests {
     fn test_read_write_msr() {
         use rand::seq::IteratorRandom;
 
-        use crate::hypervisor::virtual_machine::is_virtualized_msr;
-        use crate::hypervisor::virtual_machine::MSR_TEST_RANGES;
+        use crate::hypervisor::virtual_machine::{MSR_TEST_RANGES, is_virtualized_msr};
 
         let value: u64 = 0x0;
         const N: usize = 100;
@@ -1523,8 +1522,7 @@ mod tests {
     /// will cause a deterministic failure.
     #[test]
     fn test_all_msr_indices_trapped_or_virtualized() {
-        use crate::hypervisor::virtual_machine::is_virtualized_msr;
-        use crate::hypervisor::virtual_machine::MSR_TEST_RANGES;
+        use crate::hypervisor::virtual_machine::{MSR_TEST_RANGES, is_virtualized_msr};
 
         let mut sbox = UninitializedSandbox::new(
             GuestBinary::FilePath(simple_guest_as_string().expect("Guest Binary Missing")),
@@ -1535,9 +1533,7 @@ mod tests {
         .unwrap();
         let snapshot = sbox.snapshot().unwrap();
 
-        let all_msr_indices = MSR_TEST_RANGES
-            .iter()
-            .flat_map(|&(start, end)| start..end);
+        let all_msr_indices = MSR_TEST_RANGES.iter().flat_map(|&(start, end)| start..end);
 
         let mut untapped_not_in_list = Vec::new();
 
@@ -1554,9 +1550,10 @@ mod tests {
                 Err(err) => {
                     // Expected: the MSR was trapped. Verify it's the right error.
                     assert!(
-                        matches!(err,
-                            HyperlightError::MsrReadViolation(_) |
-                            HyperlightError::GuestAborted(_, _)
+                        matches!(
+                            err,
+                            HyperlightError::MsrReadViolation(_)
+                                | HyperlightError::GuestAborted(_, _)
                         ),
                         "MSR 0x{:X}: unexpected error variant: {:?}",
                         msr_index,
