diff mbox series

[2/2] KVM: x86: Inject #GP if guest attempts to set unsupported EFER bits

Message ID 20190402151916.30109-3-sean.j.christopherson@intel.com (mailing list archive)
State New, archived
Headers show
Series KVM: x86: Enforce EFER bits according to CPUID | expand

Commit Message

Sean Christopherson April 2, 2019, 3:19 p.m. UTC 
EFER.LME and EFER.NX are considered reserved if their respective feature
bits are not advertised to the guest.

Fixes: 6aa8b732ca01c ("[PATCH] kvm: userspace interface")
Cc: stable@vger.kernel.org
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
 arch/x86/kvm/x86.c | 7 +++++++
 1 file changed, 7 insertions(+)
diff mbox series

Patch

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 4e76bcac6ae6..105d74a3786a 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -1264,6 +1264,13 @@  static bool __kvm_valid_efer(struct kvm_vcpu *vcpu, u64 efer)
 	if (efer & EFER_SVME && !guest_cpuid_has(vcpu, X86_FEATURE_SVM))
 		return false;
 
+	if (efer & (EFER_LME | EFER_LMA) &&
+	    !guest_cpuid_has(vcpu, X86_FEATURE_LM))
+		return false;
+
+	if (efer & EFER_NX && !guest_cpuid_has(vcpu, X86_FEATURE_NX))
+		return false;
+
 	return true;
 
 }