mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-12 21:57:43 +00:00
Code Issues Releases Wiki Activity
linux-stable/arch/x86/kvm/svm
History
Sean Christopherson 4cdf351d36 KVM: SVM: Update EFER software model on CR0 trap for SEV-ES 
In general, activating long mode involves setting the EFER_LME bit in
the EFER register and then enabling the X86_CR0_PG bit in the CR0
register. At this point, the EFER_LMA bit will be set automatically by
hardware.

In the case of SVM/SEV guests where writes to CR0 are intercepted, it's
necessary for the host to set EFER_LMA on behalf of the guest since
hardware does not see the actual CR0 write.

In the case of SEV-ES guests where writes to CR0 are trapped instead of
intercepted, the hardware *does* see/record the write to CR0 before
exiting and passing the value on to the host, so as part of enabling
SEV-ES support commit f1c6366e30 ("KVM: SVM: Add required changes to
support intercepts under SEV-ES") dropped special handling of the
EFER_LMA bit with the understanding that it would be set automatically.

However, since the guest never explicitly sets the EFER_LMA bit, the
host never becomes aware that it has been set. This becomes problematic
when userspace tries to get/set the EFER values via
KVM_GET_SREGS/KVM_SET_SREGS, since the EFER contents tracked by the host
will be missing the EFER_LMA bit, and when userspace attempts to pass
the EFER value back via KVM_SET_SREGS it will fail a sanity check that
asserts that EFER_LMA should always be set when X86_CR0_PG and EFER_LME
are set.

Fix this by always inferring the value of EFER_LMA based on X86_CR0_PG
and EFER_LME, regardless of whether or not SEV-ES is enabled.

Fixes: f1c6366e30 ("KVM: SVM: Add required changes to support intercepts under SEV-ES")
Reported-by: Peter Gonda <pgonda@google.com>
Cc: stable@vger.kernel.org
Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20210507165947.2502412-2-seanjc@google.com>
[A two year old patch that was revived after we noticed the failure in
 KVM_SET_SREGS and a similar patch was posted by Michael Roth.  This is
 Sean's patch, but with Michael's more complete commit message. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2023-12-08 13:37:05 -05:00
..
avic.c x86: KVM: SVM: add support for Invalid IPI Vector interception 2023-10-12 11:08:59 -04:00
hyperv.c KVM: nSVM: hyper-v: Enable L2 TLB flush 2022-11-18 12:59:18 -05:00
hyperv.h KVM: nSVM: hyper-v: Enable L2 TLB flush 2022-11-18 12:59:18 -05:00
nested.c x86: KVM: SVM: refresh AVIC inhibition in svm_leave_nested() 2023-10-12 11:09:00 -04:00
pmu.c KVM: x86/pmu: Truncate counter value to allowed width on write 2023-09-25 14:30:44 -07:00
sev.c KVM: SVM: Fix TSC_AUX virtualization setup 2023-09-23 05:35:49 -04:00
svm.c KVM: SVM: Update EFER software model on CR0 trap for SEV-ES 2023-12-08 13:37:05 -05:00
svm.h KVM: SVM: Fix TSC_AUX virtualization setup 2023-09-23 05:35:49 -04:00
svm_onhyperv.c KVM: x86: Unify pr_fmt to use module name for all KVM modules 2022-12-29 15:47:35 -05:00
svm_onhyperv.h s390: 2023-05-01 12:06:20 -07:00
svm_ops.h KVM: SVM: restore host save area from assembly 2022-11-09 12:25:33 -05:00
vmenter.S x86/cpu/kvm: Provide UNTRAIN_RET_VM 2023-08-16 21:58:59 +02:00