Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit f1b026a3 authored by Wanpeng Li's avatar Wanpeng Li Committed by Paolo Bonzini
Browse files

KVM: nVMX: Validate the IA32_BNDCFGS on nested VM-entry 



According to the SDM, if the "load IA32_BNDCFGS" VM-entry controls is 1, the
following checks are performed on the field for the IA32_BNDCFGS MSR:
 - Bits reserved in the IA32_BNDCFGS MSR must be 0.
 - The linear address in bits 63:12 must be canonical.

Reviewed-by: default avatarKonrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Cc: Jim Mattson <jmattson@google.com>
Signed-off-by: default avatarWanpeng Li <wanpeng.li@hotmail.com>
Reviewed-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
Signed-off-by: default avatarRadim Krčmář <rkrcmar@redhat.com>
parent 3853be26

arch/x86/kvm/vmx.c

+5 −0
Original line number Diff line number Diff line
@@ -10876,6 +10876,11 @@ static int check_vmentry_postreqs(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12, 
			return 1;

	}



	if ((vmcs12->vm_entry_controls & VM_ENTRY_LOAD_BNDCFGS) &&

		(is_noncanonical_address(vmcs12->guest_bndcfgs & PAGE_MASK, vcpu) ||

		(vmcs12->guest_bndcfgs & MSR_IA32_BNDCFGS_RSVD)))

			return 1;



	return 0;

}