executor: sys/linux: SYZOS: add support for AMD INVLPGA instruction

Implement the SYZOS_API_NESTED_AMD_INVLPGA primitive to execute the INVLPGA instruction in the L1 guest. This allows the fuzzer to target KVM's Shadow MMU and Nested Paging (NPT) logic by invalidating TLB entries for specific ASIDs. Also add a simple syzlang seed/regression test.
author: Alexander Potapenko <glider@google.com> 2026-01-13 15:21:18 +0100
committer: Alexander Potapenko <glider@google.com> 2026-01-14 07:29:47 +0000
commit: 90f60a482c87f6baf11d087b0fbf141df123bc0c (patch)
tree: 13166e8c371c13e4cce8eee5cbc55d95fdfa4dc8 /sys/linux/dev_kvm_amd64.txt
parent: ff8156b958fbf280f429d32adec18ecc3863cde0 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/sys/linux/dev_kvm_amd64.txt b/sys/linux/dev_kvm_amd64.txt
index c68528e34..abdde5644 100644
--- a/sys/linux/dev_kvm_amd64.txt
+++ b/sys/linux/dev_kvm_amd64.txt
@@ -147,6 +147,11 @@ syzos_api_nested_amd_vmcb_write_mask {
 	flip_mask	int64
 }
 
+syzos_api_nested_amd_invlpga {
+	addr	flags[kvm_guest_addrs, int64]
+	asid	int64[0:65535]
+}
+
 # IDs here must match those in executor/common_kvm_amd64_syzos.h.
 syzos_api_call$x86 [
 	uexit				syzos_api$x86[0, intptr]
@@ -166,6 +171,7 @@ syzos_api_call$x86 [
 	nested_vmresume			syzos_api$x86[304, syzos_api_vm_id]
 	nested_intel_vmwrite_mask	syzos_api$x86[340, syzos_api_nested_intel_vmwrite_mask]
 	nested_amd_vmcb_write_mask	syzos_api$x86[380, syzos_api_nested_amd_vmcb_write_mask]
+	nested_amd_invlpga		syzos_api$x86[381, syzos_api_nested_amd_invlpga]
 ] [varlen]
 
 kvm_text_x86 [
author	Alexander Potapenko <glider@google.com>	2026-01-13 15:21:18 +0100
committer	Alexander Potapenko <glider@google.com>	2026-01-14 07:29:47 +0000
commit	90f60a482c87f6baf11d087b0fbf141df123bc0c (patch)
tree	13166e8c371c13e4cce8eee5cbc55d95fdfa4dc8 /sys/linux/dev_kvm_amd64.txt
parent	ff8156b958fbf280f429d32adec18ecc3863cde0 (diff)