Message ID | 20180727204445.46571-1-jmattson@google.com (mailing list archive) |
---|---|
State | New, archived |
Series | kvm: nVMX: Fix fault priority for VMX operations |
On 27.07.2018 22:44, Jim Mattson wrote: > When checking emulated VMX instructions for faults, the #UD for "IF > (not in VMX operation)" should take precedence over the #GP for "ELSIF > CPL > 0." > > Suggested-by: Eric Northup <digitaleric@google.com> > Signed-off-by: Jim Mattson <jmattson@google.com> > --- > arch/x86/kvm/vmx.c | 9 +++++---- > 1 file changed, 5 insertions(+), 4 deletions(-) > > diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c > index cb51808c73206..6568ddf9e7e3b 100644 > --- a/arch/x86/kvm/vmx.c > +++ b/arch/x86/kvm/vmx.c > @@ -8004,15 +8004,16 @@ static int handle_vmon(struct kvm_vcpu *vcpu) > */ > static int nested_vmx_check_permission(struct kvm_vcpu *vcpu) > { > - if (vmx_get_cpl(vcpu)) { > - kvm_inject_gp(vcpu, 0); > + if (!to_vmx(vcpu)->nested.vmxon) { > + kvm_queue_exception(vcpu, UD_VECTOR); > return 0; > } > > - if (!to_vmx(vcpu)->nested.vmxon) { > - kvm_queue_exception(vcpu, UD_VECTOR); > + if (vmx_get_cpl(vcpu)) { > + kvm_inject_gp(vcpu, 0); > return 0; > } > + > return 1; > } > > Reviewed-by: David Hildenbrand <david@redhat.com>
On 27/07/2018 22:44, Jim Mattson wrote: > When checking emulated VMX instructions for faults, the #UD for "IF > (not in VMX operation)" should take precedence over the #GP for "ELSIF > CPL > 0." > > Suggested-by: Eric Northup <digitaleric@google.com> > Signed-off-by: Jim Mattson <jmattson@google.com> > --- > arch/x86/kvm/vmx.c | 9 +++++---- > 1 file changed, 5 insertions(+), 4 deletions(-) > > diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c > index cb51808c73206..6568ddf9e7e3b 100644 > --- a/arch/x86/kvm/vmx.c > +++ b/arch/x86/kvm/vmx.c > @@ -8004,15 +8004,16 @@ static int handle_vmon(struct kvm_vcpu *vcpu) > */ > static int nested_vmx_check_permission(struct kvm_vcpu *vcpu) > { > - if (vmx_get_cpl(vcpu)) { > - kvm_inject_gp(vcpu, 0); > + if (!to_vmx(vcpu)->nested.vmxon) { > + kvm_queue_exception(vcpu, UD_VECTOR); > return 0; > } > > - if (!to_vmx(vcpu)->nested.vmxon) { > - kvm_queue_exception(vcpu, UD_VECTOR); > + if (vmx_get_cpl(vcpu)) { > + kvm_inject_gp(vcpu, 0); > return 0; > } > + > return 1; > } > > Queued both, thanks. Paolo
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index cb51808c73206..6568ddf9e7e3b 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -8004,15 +8004,16 @@ static int handle_vmon(struct kvm_vcpu *vcpu) */ static int nested_vmx_check_permission(struct kvm_vcpu *vcpu) { - if (vmx_get_cpl(vcpu)) { - kvm_inject_gp(vcpu, 0); + if (!to_vmx(vcpu)->nested.vmxon) { + kvm_queue_exception(vcpu, UD_VECTOR); return 0; } - if (!to_vmx(vcpu)->nested.vmxon) { - kvm_queue_exception(vcpu, UD_VECTOR); + if (vmx_get_cpl(vcpu)) { + kvm_inject_gp(vcpu, 0); return 0; } + return 1; }
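Review bot: In nested_vmx_check_permission(), nothing in the code records that the order of the two checks is now significant, so a later cleanup could swap them back. A short comment above the `if (!to_vmx(vcpu)->nested.vmxon)` test, saying that the #UD for "not in VMX operation" must be raised before the #GP for CPL > 0, would protect the ordering. The added blank line before `return 1;` is a whitespace change unrelated to the fix and could be dropped. The diffstat shows only arch/x86/kvm/vmx.c changed, so a companion test that executes a VMX instruction at CPL > 0 while the vCPU is not in VMX operation and expects #UD rather than #GP would keep this from regressing.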
When checking emulated VMX instructions for faults, the #UD for "IF (not in VMX operation)" should take precedence over the #GP for "ELSIF CPL > 0."

Suggested-by: Eric Northup <digitaleric@google.com>
Signed-off-by: Jim Mattson <jmattson@google.com>

---

arch/x86/kvm/vmx.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)