KVM: nVMX: preserve SECONDARY_EXEC_DESC without UMIP

L1 might want to use SECONDARY_EXEC_DESC, so we must not clear the VMCS bit if UMIP is not being emulated. We must still set the bit when emulating UMIP as the feature can be passed to L2 where L0 will do the emulation and because L2 can change CR4 without a VM exit, we should clear the bit if UMIP is disabled. Fixes: 0367f205 ("KVM: vmx: add support for emulating UMIP") Reviewed-by: N Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: N Radim Krčmář <rkrcmar@redhat.com>

KVM: nVMX: preserve SECONDARY_EXEC_DESC without UMIP
L1 might want to use SECONDARY_EXEC_DESC, so we must not clear the VMCS bit if UMIP is not being emulated. We must still set the bit when emulating UMIP as the feature can be passed to L2 where L0 will do the emulation and because L2 can change CR4 without a VM exit, we should clear the bit if UMIP is disabled. Fixes: 0367f205 ("KVM: vmx: add support for emulating UMIP") Reviewed-by: N Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: N Radim Krčmář <rkrcmar@redhat.com>
99158246 · Radim Krčmář · Paolo Bonzini · 0b2e9904 · 99158246
隐藏空白更改
内联并排

Showing with 2 addition and 1 deletion

arch/x86/kvm/vmx.c arch/x86/kvm/vmx.c +2 -1

未找到文件。
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -4485,7 +4485,8 @@ static int vmx_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4)
 		vmcs_set_bits(SECONDARY_VM_EXEC_CONTROL,
 			      SECONDARY_EXEC_DESC);
 		hw_cr4 &= ~X86_CR4_UMIP;
-	} else
+	} else if (!is_guest_mode(vcpu) ||
+	           !nested_cpu_has2(get_vmcs12(vcpu), SECONDARY_EXEC_DESC))
 		vmcs_clear_bits(SECONDARY_VM_EXEC_CONTROL,
 				SECONDARY_EXEC_DESC);