• Jan Kiszka's avatar
    KVM: nVMX: Fix setting of CR0 and CR4 in guest mode · 1a0d74e6
    Jan Kiszka authored
    The logic for calculating the value with which we call kvm_set_cr0/4 was
    broken (will definitely be visible with nested unrestricted guest mode
    support). Also, we performed the check regarding CR0_ALWAYSON too early
    when in guest mode.
    
    What really needs to be done on both CR0 and CR4 is to mask out L1-owned
    bits and merge them in from L1's guest_cr0/4. In contrast, arch.cr0/4
    and arch.cr0/4_guest_owned_bits contain the mangled L0+L1 state and,
    thus, are not suited as input.
    
    For both CRs, we can then apply the check against VMXON_CRx_ALWAYSON and
    refuse the update if it fails. To be fully consistent, we implement this
    check now also for CR4. For CR4, we move the check into vmx_set_cr4
    while we keep it in handle_set_cr0. This is because the CR0 checks for
    vmxon vs. guest mode will diverge soon when adding unrestricted guest
    mode support.
    
    Finally, we have to set the shadow to the value L2 wanted to write
    originally.
    Reviewed-by: default avatarGleb Natapov <gleb@redhat.com>
    Signed-off-by: default avatarJan Kiszka <jan.kiszka@siemens.com>
    Signed-off-by: default avatarMarcelo Tosatti <mtosatti@redhat.com>
    1a0d74e6
vmx.c 221 KB