Home Explore Help
Sign In
GfA
/
linux_kernel
5
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

kvm: nVMX: Don't validate disabled secondary controls

According to the SDM, if the "activate secondary controls" primary
processor-based VM-execution control is 0, no checks are performed on
the secondary processor-based VM-execution controls.

Signed-off-by: Jim Mattson <jmattson@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Jim Mattson 8 years ago
parent
0266c894b5
commit
2e5b0bd9cc
1 changed files with 4 additions and 3 deletions
Split View Show Diff Stats
  1. 4 3
      arch/x86/kvm/vmx.c

+ 4 - 3
arch/x86/kvm/vmx.c
View File 

@@ -10240,9 +10240,10 @@ static int check_vmentry_prereqs(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12)
 
 	if (!vmx_control_verify(vmcs12->cpu_based_vm_exec_control,
 
 				vmx->nested.nested_vmx_procbased_ctls_low,
 
 				vmx->nested.nested_vmx_procbased_ctls_high) ||
 
-	    !vmx_control_verify(vmcs12->secondary_vm_exec_control,
 
-				vmx->nested.nested_vmx_secondary_ctls_low,
 
-				vmx->nested.nested_vmx_secondary_ctls_high) ||
 
+	    (nested_cpu_has(vmcs12, CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) &&
 
+	     !vmx_control_verify(vmcs12->secondary_vm_exec_control,
 
+				 vmx->nested.nested_vmx_secondary_ctls_low,
 
+				 vmx->nested.nested_vmx_secondary_ctls_high)) ||
 
 	    !vmx_control_verify(vmcs12->pin_based_vm_exec_control,
 
 				vmx->nested.nested_vmx_pinbased_ctls_low,
 
 				vmx->nested.nested_vmx_pinbased_ctls_high) ||