* [PATCH] kvm: nVMX: check vmcs12 for valid activity state
@ 2013-04-15 12:46 Paolo Bonzini
2013-04-15 12:54 ` Jan Kiszka
0 siblings, 1 reply; 2+ messages in thread
From: Paolo Bonzini @ 2013-04-15 12:46 UTC (permalink / raw)
To: linux-kernel; +Cc: gnatapov, jan.kiszka, kvm
KVM does not use the activity state VMCS field, and does not support
it in nested VMX either (the corresponding bits in the misc VMX feature
MSR are zero). Fail entry if the activity state is set to anything but
"active".
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
arch/x86/kvm/vmx.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index c75c25d..589e79a 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -7223,6 +7223,11 @@ static int nested_vmx_run(struct kvm_vcpu *vcpu, bool launch)
return 1;
}
+ if (vmcs12->guest_activity_state != 0) {
+ nested_vmx_failValid(vcpu, VMXERR_ENTRY_INVALID_CONTROL_FIELD);
+ return 1;
+ }
+
if ((vmcs12->cpu_based_vm_exec_control & CPU_BASED_USE_MSR_BITMAPS) &&
!IS_ALIGNED(vmcs12->msr_bitmap, PAGE_SIZE)) {
/*TODO: Also verify bits beyond physical address width are 0*/
--
1.8.1.4
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] kvm: nVMX: check vmcs12 for valid activity state
2013-04-15 12:46 [PATCH] kvm: nVMX: check vmcs12 for valid activity state Paolo Bonzini
@ 2013-04-15 12:54 ` Jan Kiszka
0 siblings, 0 replies; 2+ messages in thread
From: Jan Kiszka @ 2013-04-15 12:54 UTC (permalink / raw)
To: Paolo Bonzini
Cc: linux-kernel@vger.kernel.org, gnatapov@redhat.com,
kvm@vger.kernel.org
On 2013-04-15 14:46, Paolo Bonzini wrote:
> KVM does not use the activity state VMCS field, and does not support
> it in nested VMX either (the corresponding bits in the misc VMX feature
> MSR are zero). Fail entry if the activity state is set to anything but
> "active".
Ah, that indeed simplifies the issue.
>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
> arch/x86/kvm/vmx.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index c75c25d..589e79a 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -7223,6 +7223,11 @@ static int nested_vmx_run(struct kvm_vcpu *vcpu, bool launch)
> return 1;
> }
>
> + if (vmcs12->guest_activity_state != 0) {
GUEST_ACTIVITY_ACTIVE, please.
> + nested_vmx_failValid(vcpu, VMXERR_ENTRY_INVALID_CONTROL_FIELD);
> + return 1;
> + }
> +
> if ((vmcs12->cpu_based_vm_exec_control & CPU_BASED_USE_MSR_BITMAPS) &&
> !IS_ALIGNED(vmcs12->msr_bitmap, PAGE_SIZE)) {
> /*TODO: Also verify bits beyond physical address width are 0*/
>
That means we also do not need to read and write the corresponding VMCS
field on L1/L2 transitions - avoids any risk of setting it to an
unsupported value. So I would fold it into this change.
Jan
--
Siemens AG, Corporate Technology, CT RTC ITP SDP-DE
Corporate Competence Center Embedded Linux
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2013-04-15 12:54 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-04-15 12:46 [PATCH] kvm: nVMX: check vmcs12 for valid activity state Paolo Bonzini
2013-04-15 12:54 ` Jan Kiszka
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox