On 31/01/2018 12:12, Radim Krčmář wrote: > L1 might want to use SECONDARY_EXEC_DESC, so we must not clear the VMCS > bit if UMIP is not being emulated. > > We must still set the bit when emulating UMIP as the feature can be > passed to L2 where L0 will do the emulation and because L2 can change > CR4 without a VM exit, we should clear the bit if UMIP is disabled. > > Fixes: 0367f205a3b7 ("KVM: vmx: add support for emulating UMIP") > Signed-off-by: Radim Krčmář <rkrcmar@xxxxxxxxxx> > --- > I haven't tested emulated UMIP (yet) nor machines with UMIP, but at > least kvm-unit-tests don't throw an error anymore. > > arch/x86/kvm/vmx.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c > index 438802d0b01d..b1e554a74b34 100644 > --- a/arch/x86/kvm/vmx.c > +++ b/arch/x86/kvm/vmx.c > @@ -4379,7 +4379,8 @@ static int vmx_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4) > vmcs_set_bits(SECONDARY_VM_EXEC_CONTROL, > SECONDARY_EXEC_DESC); > hw_cr4 &= ~X86_CR4_UMIP; > - } else > + } else if (!is_guest_mode(vcpu) || > + !nested_cpu_has2(get_vmcs12(vcpu), SECONDARY_EXEC_DESC)) > vmcs_clear_bits(SECONDARY_VM_EXEC_CONTROL, > SECONDARY_EXEC_DESC); > > Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx>
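Review bot: the new `else if (!is_guest_mode(vcpu) || !nested_cpu_has2(get_vmcs12(vcpu), SECONDARY_EXEC_DESC))` branch in vmx_set_cr4() carries no comment saying why SECONDARY_EXEC_DESC is left set while L2 is running. The reason (L1 may have requested descriptor-table exiting in vmcs12, so L0 must not clear the bit on its behalf) exists only in the commit message. A short comment above the condition would keep a later cleanup from folding this back into a plain `else`. The condition and the `vmcs_clear_bits()` call now each wrap over two lines, and the preceding `if` branch is braced, so the `else if` body should be braced as well. The submitter notes that emulated UMIP and UMIP-capable hardware were not tested, so it would be worth exercising a CR4.UMIP toggle from L2 on a host where UMIP is emulated, both with and without SECONDARY_EXEC_DESC set in vmcs12, before this is merged.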