Commit fc3a9157 authored Nov 29, 2010 by Joerg Roedel Committed by Avi Kivity Jan 12, 2011

KVM: X86: Don't report L2 emulation failures to user-space



This patch prevents that emulation failures which result
from emulating an instruction for an L2-Guest results in
being reported to userspace.
Without this patch a malicious L2-Guest would be able to
kill the L1 by triggering a race-condition between an vmexit
and the instruction emulator.
With this patch the L2 will most likely only kill itself in
this situation.

Signed-off-by: Joerg Roedel <joerg.roedel@amd.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>

parent 2030753d

arch/x86/kvm/x86.c

+10 −4

Original line number	Diff line number	Diff line
		@@ -4314,13 +4314,19 @@ EXPORT_SYMBOL_GPL(kvm_inject_realmode_interrupt);

		static int handle_emulation_failure(struct kvm_vcpu *vcpu)
		{
		int r = EMULATE_DONE;

		++vcpu->stat.insn_emulation_fail;
		trace_kvm_emulate_insn_failed(vcpu);
		if (!is_guest_mode(vcpu)) {
		vcpu->run->exit_reason = KVM_EXIT_INTERNAL_ERROR;
		vcpu->run->internal.suberror = KVM_INTERNAL_ERROR_EMULATION;
		vcpu->run->internal.ndata = 0;
		r = EMULATE_FAIL;
		}
		kvm_queue_exception(vcpu, UD_VECTOR);
		return EMULATE_FAIL;

		return r;
		}

		static bool reexecute_instruction(struct kvm_vcpu *vcpu, gva_t gva)