2018-06-20 17:21-0700, Marc Orr: > This patch extends the checks done prior to a nested VM entry. > Specifically, it extends the check_vmentry_prereqs function with checks > for fields relevant to the VM-entry event injection information, as > described in the Intel SDM, volume 3. > > This patch is motivated by a syzkaller bug, where a bad VM-entry > interruption information field is generated in the VMCS02, which causes > the nested VM launch to fail. Then, KVM fails to resume L1. > > While KVM should be improved to correctly resume L1 execution after a > failed nested launch, this change is justified because the existing code > to resume L1 is flaky/ad-hoc and the test coverage for resuming L1 is > sparse. > > Reported-by: syzbot <syzkaller@xxxxxxxxxxxxxxxx> > Signed-off-by: Marc Orr <marcorr@xxxxxxxxxx> > --- > diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h > @@ -110,6 +110,19 @@ static inline bool is_la57_mode(struct kvm_vcpu *vcpu) > #endif > } > > +/* > + * vector: x86 exception number; often called nr > + * protected_mode: true if !unrestricted-guest || protected mode > + */ The protected_mode is a leftover from v3 and I think that the meaning of "vector" is obvious from "x86_exception..." function name, so I have removed the whole comment while applying, thanks. > +static inline bool x86_exception_has_error_code(unsigned int vector) > +{ > + static u32 exception_has_error_code = BIT(DF_VECTOR) | BIT(TS_VECTOR) | > + BIT(NP_VECTOR) | BIT(SS_VECTOR) | BIT(GP_VECTOR) | > + BIT(PF_VECTOR) | BIT(AC_VECTOR); > + > + return (1U << vector) & exception_has_error_code; > +} > + > static inline bool mmu_is_nested(struct kvm_vcpu *vcpu) > { > return vcpu->arch.walk_mmu == &vcpu->arch.nested_mmu; > -- > 2.18.0.rc1.244.gcf134e6275-goog >
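Review bot: `(1U << vector) & exception_has_error_code` in the new x86_exception_has_error_code() is undefined behaviour for `vector >= 32`, and the function does nothing to reject such values, so it is only correct if every caller has already range-checked the vector; since this helper exists to validate a VM-entry interruption information field that the commit message says can arrive malformed, that precondition should be enforced or at least stated. Suggest either an explicit guard before the shift, e.g. `if (vector >= 32) return false;`, or a one-line comment on the function documenting that the caller must pass a validated exception vector (0..31). Minor: the lookup table is never written, so `static const u32 exception_has_error_code = ...` would be more precise than `static u32`.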