Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 26539bd0 authored by Paolo Bonzini's avatar Paolo Bonzini Committed by Marcelo Tosatti
Browse files

KVM: nVMX: check vmcs12 for valid activity state 



KVM does not use the activity state VMCS field, and does not support
it in nested VMX either (the corresponding bits in the misc VMX feature
MSR are zero).  Fail entry if the activity state is set to anything but
"active".

Since the value will always be the same for L1 and L2, we do not need
to read and write the corresponding VMCS field on L1/L2 transitions,
either.

Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
Reviewed-by: default avatarGleb Natapov <gleb@redhat.com>
Reviewed-by: default avatarJan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: default avatarMarcelo Tosatti <mtosatti@redhat.com>
parent 79558f11

arch/x86/kvm/vmx.c

+5 −2
Original line number Diff line number Diff line
@@ -7106,7 +7106,6 @@ static void prepare_vmcs02(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12) 
		vmcs12->vm_entry_instruction_len);

	vmcs_write32(GUEST_INTERRUPTIBILITY_INFO,

		vmcs12->guest_interruptibility_info);

	vmcs_write32(GUEST_ACTIVITY_STATE, vmcs12->guest_activity_state);

	vmcs_write32(GUEST_SYSENTER_CS, vmcs12->guest_sysenter_cs);

	kvm_set_dr(vcpu, 7, vmcs12->guest_dr7);

	vmcs_writel(GUEST_RFLAGS, vmcs12->guest_rflags);
@@ -7325,6 +7324,11 @@ static int nested_vmx_run(struct kvm_vcpu *vcpu, bool launch) 
		return 1;

	}



	if (vmcs12->guest_activity_state != GUEST_ACTIVITY_ACTIVE) {

		nested_vmx_failValid(vcpu, VMXERR_ENTRY_INVALID_CONTROL_FIELD);

		return 1;

	}



	if ((vmcs12->cpu_based_vm_exec_control & CPU_BASED_USE_MSR_BITMAPS) &&

			!IS_ALIGNED(vmcs12->msr_bitmap, PAGE_SIZE)) {

		/*TODO: Also verify bits beyond physical address width are 0*/
@@ -7555,7 +7559,6 @@ static void prepare_vmcs12(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12) 
	vmcs12->guest_gdtr_base = vmcs_readl(GUEST_GDTR_BASE);

	vmcs12->guest_idtr_base = vmcs_readl(GUEST_IDTR_BASE);



	vmcs12->guest_activity_state = vmcs_read32(GUEST_ACTIVITY_STATE);

	vmcs12->guest_interruptibility_info =

		vmcs_read32(GUEST_INTERRUPTIBILITY_INFO);

	vmcs12->guest_pending_dbg_exceptions =