From 1094e24abaa8390e3862fc2aa512fccc40f6dc02 Mon Sep 17 00:00:00 2001
From: Sean Christopherson
Date: Fri, 18 Nov 2022 11:19:44 +0800
Subject: [PATCH] KVM: VMX: Drop explicit 'nested' check from vmx_set_cr4()

stable inclusion
from stable-v5.10.137
commit da7f731f2ed5b4a082567967ce74be274aab2daf
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I60PLB

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=da7f731f2ed5b4a082567967ce74be274aab2daf

--------------------------------

[ Upstream commit a447e38a7fadb2e554c3942dda183e55cccd5df0 ]

Drop vmx_set_cr4()'s explicit check on the 'nested' module param now that common x86 handles the check by incorporating VMXE into the CR4 reserved bits, via kvm_cpu_caps. X86_FEATURE_VMX is set in kvm_cpu_caps (by vmx_set_cpu_caps()), if and only if 'nested' is true.

No functional change intended.

Signed-off-by: Sean Christopherson
Message-Id: <20201007014417.29276-3-sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini
Signed-off-by: Sasha Levin
Signed-off-by: Zheng Zengkai
Reviewed-by: Wei Li
---
 arch/x86/kvm/vmx/vmx.c | 19 +++++++------------
 1 file changed, 7 insertions(+), 12 deletions(-)

diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 52d88e4f76f8..e862d393535f 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c 
@@ -3259,18 +3259,13 @@ int vmx_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4) } } - if (cr4 & X86_CR4_VMXE) { - /* - * To use VMXON (and later other VMX instructions), a guest - * must first be able to turn on cr4.VMXE (see handle_vmon()). - * So basically the check on whether to allow nested VMX - * is here. We operate under the default treatment of SMM, - * so VMX cannot be enabled under SMM. Note, guest CPUID is - * intentionally ignored, it's handled by cr4_guest_rsvd_bits. - */ - if (!nested || is_smm(vcpu)) - return 1; - } + /* + * We operate under the default treatment of SMM, so VMX cannot be + * enabled under SMM. Note, whether or not VMXE is allowed at all is + * handled by kvm_valid_cr4(). + */ + if ((cr4 & X86_CR4_VMXE) && is_smm(vcpu)) + return 1; if (vmx->nested.vmxon && !nested_cr4_valid(vcpu, cr4)) return 1; -- GitLab
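Review bot: With `!nested` dropped from the VMXE test in vmx_set_cr4(), the only remaining guard in this function is `(cr4 & X86_CR4_VMXE) && is_smm(vcpu)`, so rejecting CR4.VMXE when nested VMX is disabled now depends entirely on the common x86 change the commit message refers to (VMXE folded into the CR4 reserved bits via kvm_cpu_caps). Since this is a stable backport, please confirm that prerequisite is already in this tree and that every caller reaches vmx_set_cr4() only after kvm_valid_cr4() has passed; if either is not true, a guest could set VMXE with 'nested' off. The replacement comment would also be stronger if it stated that invariant explicitly, for example by saying that callers must have validated cr4 with kvm_valid_cr4() first, rather than only noting that the check "is handled by kvm_valid_cr4()". The removed comment's pointer to handle_vmon() explained why the CR4.VMXE gate matters for nested VMX; consider keeping one sentence of that rationale next to the SMM check.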