• S
    KVM: SVM: Workaround errata#1096 (insn_len maybe zero on SMAP violation) · 20ba1423
    Singh, Brijesh 提交于
    commit 05d5a48635259e621ea26d01e8316c6feeb34190 upstream.
    
    Errata#1096:
    
    On a nested data page fault when CR.SMAP=1 and the guest data read
    generates a SMAP violation, GuestInstrBytes field of the VMCB on a
    VMEXIT will incorrectly return 0h instead the correct guest
    instruction bytes .
    
    Recommend Workaround:
    
    To determine what instruction the guest was executing the hypervisor
    will have to decode the instruction at the instruction pointer.
    
    The recommended workaround can not be implemented for the SEV
    guest because guest memory is encrypted with the guest specific key,
    and instruction decoder will not be able to decode the instruction
    bytes. If we hit this errata in the SEV guest then log the message
    and request a guest shutdown.
    Reported-by: NVenkatesh Srinivas <venkateshs@google.com>
    Cc: Jim Mattson <jmattson@google.com>
    Cc: Tom Lendacky <thomas.lendacky@amd.com>
    Cc: Borislav Petkov <bp@alien8.de>
    Cc: Joerg Roedel <joro@8bytes.org>
    Cc: "Radim Krčmář" <rkrcmar@redhat.com>
    Cc: Paolo Bonzini <pbonzini@redhat.com>
    Signed-off-by: NBrijesh Singh <brijesh.singh@amd.com>
    Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
    Signed-off-by: NWANG Siyuan <Siyuan.Wang@amd.com>
    Acked-by: NCaspar Zhang <caspar@linux.alibaba.com>
    20ba1423
vmx.c 410.2 KB