Commit 5b8ba41d authored by Sean Christopherson's avatar Sean Christopherson Committed by Paolo Bonzini

KVM: nVMX: move vmcs12 EPTP consistency check to check_vmentry_prereqs()

An invalid EPTP causes a VMFail(VMXERR_ENTRY_INVALID_CONTROL_FIELD),
not a VMExit.
Signed-off-by: default avatarSean Christopherson <sean.j.christopherson@intel.com>
Reviewed-by: default avatarJim Mattson <jmattson@google.com>
Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
parent 64a919f7
...@@ -11327,11 +11327,9 @@ static unsigned long nested_ept_get_cr3(struct kvm_vcpu *vcpu) ...@@ -11327,11 +11327,9 @@ static unsigned long nested_ept_get_cr3(struct kvm_vcpu *vcpu)
return get_vmcs12(vcpu)->ept_pointer; return get_vmcs12(vcpu)->ept_pointer;
} }
static int nested_ept_init_mmu_context(struct kvm_vcpu *vcpu) static void nested_ept_init_mmu_context(struct kvm_vcpu *vcpu)
{ {
WARN_ON(mmu_is_nested(vcpu)); WARN_ON(mmu_is_nested(vcpu));
if (!valid_ept_address(vcpu, nested_ept_get_cr3(vcpu)))
return 1;
kvm_init_shadow_ept_mmu(vcpu, kvm_init_shadow_ept_mmu(vcpu,
to_vmx(vcpu)->nested.msrs.ept_caps & to_vmx(vcpu)->nested.msrs.ept_caps &
...@@ -11343,7 +11341,6 @@ static int nested_ept_init_mmu_context(struct kvm_vcpu *vcpu) ...@@ -11343,7 +11341,6 @@ static int nested_ept_init_mmu_context(struct kvm_vcpu *vcpu)
vcpu->arch.mmu.inject_page_fault = nested_ept_inject_page_fault; vcpu->arch.mmu.inject_page_fault = nested_ept_inject_page_fault;
vcpu->arch.walk_mmu = &vcpu->arch.nested_mmu; vcpu->arch.walk_mmu = &vcpu->arch.nested_mmu;
return 0;
} }
static void nested_ept_uninit_mmu_context(struct kvm_vcpu *vcpu) static void nested_ept_uninit_mmu_context(struct kvm_vcpu *vcpu)
...@@ -12327,15 +12324,11 @@ static int prepare_vmcs02(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12, ...@@ -12327,15 +12324,11 @@ static int prepare_vmcs02(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12,
vmcs_write16(GUEST_PML_INDEX, PML_ENTITY_NUM - 1); vmcs_write16(GUEST_PML_INDEX, PML_ENTITY_NUM - 1);
} }
if (nested_cpu_has_ept(vmcs12)) { if (nested_cpu_has_ept(vmcs12))
if (nested_ept_init_mmu_context(vcpu)) { nested_ept_init_mmu_context(vcpu);
*entry_failure_code = ENTRY_FAIL_DEFAULT; else if (nested_cpu_has2(vmcs12,
return 1; SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES))
}
} else if (nested_cpu_has2(vmcs12,
SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES)) {
vmx_flush_tlb(vcpu, true); vmx_flush_tlb(vcpu, true);
}
/* /*
* This sets GUEST_CR0 to vmcs12->guest_cr0, possibly modifying those * This sets GUEST_CR0 to vmcs12->guest_cr0, possibly modifying those
...@@ -12545,6 +12538,10 @@ static int check_vmentry_prereqs(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12) ...@@ -12545,6 +12538,10 @@ static int check_vmentry_prereqs(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12)
} }
} }
if (nested_cpu_has_ept(vmcs12) &&
!valid_ept_address(vcpu, vmcs12->ept_pointer))
return VMXERR_ENTRY_INVALID_CONTROL_FIELD;
return 0; return 0;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment