[PATCH 4/4] nvmx: check for shadow vmcs check on entry

From: Bandan Das
Date: Wed Jul 20 2016 - 18:26:11 EST

Next message: Vivien Didelot: "[PATCH net-next] net: dsa: b53: use module_mdio_driver"
Previous message: Bandan Das: "[PATCH 1/4] nvmx: use warn_on for buggy cases when emulating invept/invvpid"
In reply to: Bandan Das: "Re: [PATCH 1/4] nvmx: use warn_on for buggy cases when emulating invept/invvpid"
Next in thread: Paolo Bonzini: "Re: [PATCH 4/4] nvmx: check for shadow vmcs check on entry"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

vmentry should check whether the vmcs provided by
the guest hypervisor is a shadow vmcs and fail.
Also, vmptrld should check whether a shadow vmcs
is being loaded by the guest without support being present
but this check happens as part of checking the revision_id.

Signed-off-by: Bandan Das <bsd@xxxxxxxxxx>
---
arch/x86/kvm/vmx.c | 4 ++++
1 file changed, 4 insertions(+)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index 6291143..1b6f624 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -9924,6 +9924,10 @@ static int nested_vmx_run(struct kvm_vcpu *vcpu, bool launch)

skip_emulated_instruction(vcpu);
vmcs12 = get_vmcs12(vcpu);
+ if ((vmcs12->revision_id >> 31) & 1u) {
+ nested_vmx_failInvalid(vcpu);
+ return 1;
+ }

if (enable_shadow_vmcs)
copy_shadow_to_vmcs12(vmx);
--
2.5.5

Next message: Vivien Didelot: "[PATCH net-next] net: dsa: b53: use module_mdio_driver"
Previous message: Bandan Das: "[PATCH 1/4] nvmx: use warn_on for buggy cases when emulating invept/invvpid"
In reply to: Bandan Das: "Re: [PATCH 1/4] nvmx: use warn_on for buggy cases when emulating invept/invvpid"
Next in thread: Paolo Bonzini: "Re: [PATCH 4/4] nvmx: check for shadow vmcs check on entry"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]