> On Fri, Nov 11, 2016 at 12:54 PM, Nadav Amit <nadav.amit@xxxxxxxxx> wrote:
> >
> >> On Nov 10, 2016, at 3:40 PM, Kyle Huey <me@xxxxxxxxxxxx> wrote:
> >>
> >> Hardware support for faulting on the cpuid instruction is not required to
> >> emulate it, because cpuid triggers a VM exit anyways. KVM handles the relevant
> >> MSRs (MSR_PLATFORM_INFO and MSR_MISC_FEATURES_ENABLE) and upon a
> >> cpuid-induced VM exit checks the cpuid faulting state and the CPL.
> >> kvm_require_cpl is even kind enough to inject the GP fault for us.
> >
> > I think that for consistency you should also revise em_cpuid() of the KVM
> > instruction emulator. Otherwise it may be a potential security
> > hazard (as far fetched as it currently seems).
>
> Hmm, ok. Do you know how I can test this code path?

Try this patch (untested!)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index 5382b82462fc..06d940a7c9fa 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -5868,8 +5868,7 @@ static void vmx_set_dr7(struct kvm_vcpu *vcpu, unsigned long val)
 
 static int handle_cpuid(struct kvm_vcpu *vcpu)
 {
-	kvm_emulate_cpuid(vcpu);
-	return 1;
+	return emulate_instruction(vcpu, 0) == EMULATE_DONE;
 }
 
 static int handle_rdmsr(struct kvm_vcpu *vcpu)

Paolo
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
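Review bot: the replaced `kvm_emulate_cpuid(vcpu); return 1;` always resumed the guest, whereas `return emulate_instruction(vcpu, 0) == EMULATE_DONE;` turns every non-DONE result (failed emulation or a required user exit) into a 0 return, which the caller treats as "exit to userspace"; since the author marks this as an untested test-only change, a comment on the new line saying that the fast path is bypassed purely to exercise em_cpuid() would stop it from being mistaken for a real fix. While testing, the thing to confirm is the point Nadav raised: with CPUID faulting enabled via MSR_MISC_FEATURES_ENABLE and the guest at CPL > 0, the emulator path must inject the same #GP that kvm_require_cpl() injects on the direct exit path; if it does not, this hunk is exactly the setup that exposes the inconsistency.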
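The decision Kyle describes (check the faulting state and the CPL on a cpuid VM exit, inject #GP if faulting is on and the guest is not at CPL 0) and the consistency requirement Nadav raises are small enough to model. The following is an added example written for this page, not code from the thread or from KVM: a stand-alone C model in which a single shared check is called from both a "direct exit handler" and an "instruction emulator" entry point, plus the WRMSR gating that only allows the enable bit when the platform advertises the feature. Bit positions (MSR_PLATFORM_INFO bit 31 advertises CPUID faulting, MSR_MISC_FEATURES_ENABLES bit 0 enables it) are taken from the Intel SDM; every struct and function name here is hypothetical.

```c
/* Added example (not from the thread or from KVM): a minimal model of the
 * CPUID-faulting decision taken on a cpuid-induced VM exit, and of the
 * consistency requirement that the direct exit handler and the instruction
 * emulator reach the same verdict for the same vCPU state.
 * Bit positions follow the Intel SDM; all names below are hypothetical. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PLATFORM_INFO_CPUID_FAULT   (1ULL << 31)  /* feature advertised */
#define MISC_FEATURES_CPUID_FAULT   (1ULL << 0)   /* faulting enabled  */

enum cpuid_action { CPUID_EXECUTE, CPUID_INJECT_GP };

struct vcpu_model {
    uint64_t msr_platform_info;   /* guest-visible MSR_PLATFORM_INFO */
    uint64_t msr_misc_features;   /* guest-visible MSR_MISC_FEATURES_ENABLES */
    unsigned cpl;                 /* current privilege level, 0..3 */
};

/* The one shared check both paths must use: cpuid faults only when the
 * guest has enabled faulting and is executing outside CPL 0. */
static enum cpuid_action cpuid_fault_check(const struct vcpu_model *v)
{
    bool enabled = (v->msr_misc_features & MISC_FEATURES_CPUID_FAULT) != 0;
    if (enabled && v->cpl != 0)
        return CPUID_INJECT_GP;
    return CPUID_EXECUTE;
}

/* Guest WRMSR to MSR_MISC_FEATURES_ENABLES: setting the enable bit is only
 * accepted when MSR_PLATFORM_INFO advertises the feature. A rejected write
 * is modelled as returning false (the real CPU raises #GP on the WRMSR). */
static bool set_misc_features(struct vcpu_model *v, uint64_t val)
{
    if ((val & MISC_FEATURES_CPUID_FAULT) &&
        !(v->msr_platform_info & PLATFORM_INFO_CPUID_FAULT))
        return false;
    v->msr_misc_features = val;
    return true;
}

/* Path 1: the direct VM-exit handler (the role of handle_cpuid). */
static enum cpuid_action handle_cpuid_exit(const struct vcpu_model *v)
{
    return cpuid_fault_check(v);
}

/* Path 2: the instruction emulator (the role of em_cpuid). Routing it
 * through the same check is what makes the two paths consistent. */
static enum cpuid_action emulate_cpuid_insn(const struct vcpu_model *v)
{
    return cpuid_fault_check(v);
}

/* True when both paths agree for every CPL with faulting enabled. */
static bool paths_consistent(void)
{
    struct vcpu_model v = { .msr_platform_info = PLATFORM_INFO_CPUID_FAULT };
    if (!set_misc_features(&v, MISC_FEATURES_CPUID_FAULT))
        return false;
    for (v.cpl = 0; v.cpl <= 3; v.cpl++)
        if (handle_cpuid_exit(&v) != emulate_cpuid_insn(&v))
            return false;
    return true;
}

int main(void)
{
    struct vcpu_model v = { .msr_platform_info = PLATFORM_INFO_CPUID_FAULT,
                            .cpl = 3 };
    set_misc_features(&v, MISC_FEATURES_CPUID_FAULT);
    printf("ring-3 cpuid with faulting on: %s\n",
           handle_cpuid_exit(&v) == CPUID_INJECT_GP ? "#GP" : "execute");
    printf("direct and emulated paths agree: %s\n",
           paths_consistent() ? "yes" : "no");
    return 0;
}
```

The design point is the single `cpuid_fault_check()`: in a hypervisor, any instruction that can be reached both through a dedicated exit handler and through the generic emulator should share its privilege check, otherwise the emulator becomes the path where the check is silently missing.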