Message ID | 20180824000304.19070-2-krish.sadhukhan@oracle.com (mailing list archive) |
---|---|
State | New, archived |
Series | [1/2] nVMX x86: check posted-interrupt descriptor address on vmentry of L2 |
On 24/08/2018 02:03, Krish Sadhukhan wrote: > According to section "Checks on VMX Controls" in Intel SDM vol 3C, > the following check needs to be enforced on vmentry of L2 guests: > > - Bits 5:0 of the posted-interrupt descriptor address are all 0. > - The posted-interrupt descriptor address does not set any bits > beyond the processor's physical-address width. > > Signed-off-by: Krish Sadhukhan <krish.sadhukhan@oracle.com> > Reviewed-by: Mark Kanda <mark.kanda@oracle.com> > Reviewed-by: Liran Alon <liran.alon@oracle.com> > Reviewed-by: Darren Kenny <darren.kenny@oracle.com> > Reviewed-by: Karl Heubaum <karl.heubaum@oracle.com> > --- > arch/x86/kvm/vmx.c | 6 +++++- > 1 file changed, 5 insertions(+), 1 deletion(-) > > diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c > index 40aa292..d179bd6 100644 > --- a/arch/x86/kvm/vmx.c > +++ b/arch/x86/kvm/vmx.c > @@ -10641,11 +10641,15 @@ static int nested_vmx_check_apicv_controls(struct kvm_vcpu *vcpu, > * bits 15:8 should be zero in posted_intr_nv, > * the descriptor address has been already checked > * in nested_get_vmcs12_pages. > + * > + * bits 5:0 of posted_intr_desc_addr should be zero. > */ > if (nested_cpu_has_posted_intr(vmcs12) && > (!nested_cpu_has_vid(vmcs12) || > !nested_exit_intr_ack_set(vcpu) || > - vmcs12->posted_intr_nv & 0xff00)) > + (vmcs12->posted_intr_nv & 0xff00) || > + (vmcs12->posted_intr_desc_addr & 0x3f) || > + (!page_address_valid(vcpu, vmcs12->posted_intr_desc_addr)))) > return -EINVAL; > > /* tpr shadow is needed by all apicv features. */ > Queued, thanks. Paolo
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index 40aa292..d179bd6 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -10641,11 +10641,15 @@ static int nested_vmx_check_apicv_controls(struct kvm_vcpu *vcpu, * bits 15:8 should be zero in posted_intr_nv, * the descriptor address has been already checked * in nested_get_vmcs12_pages. + * + * bits 5:0 of posted_intr_desc_addr should be zero. */ if (nested_cpu_has_posted_intr(vmcs12) && (!nested_cpu_has_vid(vmcs12) || !nested_exit_intr_ack_set(vcpu) || - vmcs12->posted_intr_nv & 0xff00)) + (vmcs12->posted_intr_nv & 0xff00) || + (vmcs12->posted_intr_desc_addr & 0x3f) || + (!page_address_valid(vcpu, vmcs12->posted_intr_desc_addr)))) return -EINVAL; /* tpr shadow is needed by all apicv features. */
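Review bot: The retained comment in nested_vmx_check_apicv_controls() still says "the descriptor address has been already checked in nested_get_vmcs12_pages", which now contradicts the two added tests on `vmcs12->posted_intr_desc_addr` directly below it. Either drop that sentence or reword it to say what is still left to nested_get_vmcs12_pages, and extend the new comment line so it covers the physical-address-width requirement from the commit message as well as "bits 5:0 ... should be zero". Separately, the commit message only asks for 64-byte alignment and no bits beyond the processor's physical-address width, but the width test is delegated to `page_address_valid()`, whose definition is not part of this hunk. If that helper also enforces page alignment, it would reject a descriptor address that is 64-byte aligned but not page aligned, which the stated checks permit, and it would make the `& 0x3f` test redundant. Please confirm the helper's semantics, or use a width-only test here so the condition matches the two bullet points in the commit message exactly.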