diff options
| author | Sean Christopherson <seanjc@google.com> | 2022-08-30 15:37:18 +0200 |
|---|---|---|
| committer | Paolo Bonzini <pbonzini@redhat.com> | 2022-09-26 12:02:47 -0400 |
| commit | 3ff8a13d41b283932ec6ac692c6def22a157269b (patch) | |
| tree | 1cdba85ae6b602dcfff5cd7e666d2bec889980a4 /arch/x86 | |
| parent | 8174193163095238e70e0decd121feb4b9ef8cc0 (diff) | |
| download | linux-3ff8a13d41b283932ec6ac692c6def22a157269b.tar.gz | |
KVM: nVMX: WARN once and fail VM-Enter if eVMCS sees VMFUNC[63:32] != 0
WARN and reject nested VM-Enter if KVM is using eVMCS and manages to
allow a non-zero value in the upper 32 bits of VM-function controls. The
eVMCS code assumes all inputs are 32-bit values and subtly drops the
upper bits. WARN instead of adding proper "support", it's unlikely the
upper bits will be defined/used in the next decade.
Signed-off-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Signed-off-by: Sean Christopherson <seanjc@google.com>
Link: https://lore.kernel.org/r/20220830133737.1539624-15-vkuznets@redhat.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'arch/x86')
| -rw-r--r-- | arch/x86/kvm/vmx/evmcs.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/arch/x86/kvm/vmx/evmcs.c b/arch/x86/kvm/vmx/evmcs.c index c3a5309f6e82..b64e29f1359f 100644 --- a/arch/x86/kvm/vmx/evmcs.c +++ b/arch/x86/kvm/vmx/evmcs.c @@ -469,6 +469,14 @@ int nested_evmcs_check_controls(struct vmcs12 *vmcs12) vmcs12->vm_entry_controls))) return -EINVAL; + /* + * VM-Func controls are 64-bit, but KVM currently doesn't support any + * controls in bits 63:32, i.e. dropping those bits on the consistency + * check is intentional. + */ + if (WARN_ON_ONCE(vmcs12->vm_function_control >> 32)) + return -EINVAL; + if (CC(!nested_evmcs_is_valid_controls(EVMCS_VMFUNC, vmcs12->vm_function_control))) return -EINVAL; |