Commit ca46d739 authored by Paolo Bonzini's avatar Paolo Bonzini

KVM: nSVM: split nested_vmcb_check_controls

The authoritative state does not come from the VMCB once in guest mode,
but KVM_SET_NESTED_STATE can still perform checks on L1's provided SVM
controls because we get them from userspace.

Therefore, split out a function to do them.
Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
parent 08245e6d
...@@ -203,26 +203,31 @@ static bool nested_svm_vmrun_msrpm(struct vcpu_svm *svm) ...@@ -203,26 +203,31 @@ static bool nested_svm_vmrun_msrpm(struct vcpu_svm *svm)
return true; return true;
} }
static bool nested_vmcb_checks(struct vmcb *vmcb) static bool nested_vmcb_check_controls(struct vmcb_control_area *control)
{ {
if ((vmcb->save.efer & EFER_SVME) == 0) if ((control->intercept & (1ULL << INTERCEPT_VMRUN)) == 0)
return false; return false;
if (((vmcb->save.cr0 & X86_CR0_CD) == 0) && if (control->asid == 0)
(vmcb->save.cr0 & X86_CR0_NW))
return false; return false;
if ((vmcb->control.intercept & (1ULL << INTERCEPT_VMRUN)) == 0) if ((control->nested_ctl & SVM_NESTED_CTL_NP_ENABLE) &&
!npt_enabled)
return false; return false;
if (vmcb->control.asid == 0) return true;
}
static bool nested_vmcb_checks(struct vmcb *vmcb)
{
if ((vmcb->save.efer & EFER_SVME) == 0)
return false; return false;
if ((vmcb->control.nested_ctl & SVM_NESTED_CTL_NP_ENABLE) && if (((vmcb->save.cr0 & X86_CR0_CD) == 0) &&
!npt_enabled) (vmcb->save.cr0 & X86_CR0_NW))
return false; return false;
return true; return nested_vmcb_check_controls(&vmcb->control);
} }
static void load_nested_vmcb_control(struct vcpu_svm *svm, static void load_nested_vmcb_control(struct vcpu_svm *svm,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment