On 02/04/19 17:19, Sean Christopherson wrote:
> KVM currently doesn't prevent the guest from setting EFER bits that
> should be reserved based on the guest's CPUID model.  For example, a
> 64-bit guest kernel can set EFER.LME and enter long mode even if userspace
> reports X86_FEATURE_LM=0 for its guest.
>
> Sean Christopherson (2):
>   KVM: x86: Skip EFER vs. guest CPUID checks for host-initiated writes
>   KVM: x86: Inject #GP if guest attempts to set unsupported EFER bits
>
>  arch/x86/kvm/x86.c | 44 +++++++++++++++++++++++++++++++-------------
>  1 file changed, 31 insertions(+), 13 deletions(-)
>

Queued, thanks.

Paolo
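
The rule the two patch titles describe, as a simplified stand-alone C model added here (it is not the code in arch/x86/kvm/x86.c and not taken from the series). The struct, the function names and the boolean return convention are hypothetical; the EFER bit positions and their CPUID feature pairings are architectural.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Architectural EFER bit positions. */
#define EFER_SCE   (1ULL << 0)   /* SYSCALL enable */
#define EFER_LME   (1ULL << 8)   /* long mode enable */
#define EFER_NX    (1ULL << 11)  /* no-execute enable */
#define EFER_SVME  (1ULL << 12)  /* SVM enable */
#define EFER_FFXSR (1ULL << 14)  /* fast FXSAVE/FXRSTOR */

/* Hypothetical, reduced view of the CPUID model userspace gave the guest. */
struct guest_cpuid {
    bool lm, nx, svm, fxsr_opt;
};

/* Return the requested EFER bits that the guest's CPUID model does not back. */
static uint64_t efer_unsupported_bits(const struct guest_cpuid *c, uint64_t efer)
{
    uint64_t bad = 0;

    if (!c->lm)       bad |= efer & EFER_LME;
    if (!c->nx)       bad |= efer & EFER_NX;
    if (!c->svm)      bad |= efer & EFER_SVME;
    if (!c->fxsr_opt) bad |= efer & EFER_FFXSR;
    return bad;
}

/*
 * True when the write must be refused, which for a guest WRMSR means #GP.
 * Host-initiated writes skip the guest CPUID comparison, because userspace
 * may restore MSRs before it has set the guest's CPUID.
 */
static bool efer_write_faults(const struct guest_cpuid *c, uint64_t efer,
                              bool host_initiated)
{
    if (host_initiated)
        return false;
    return efer_unsupported_bits(c, efer) != 0;
}

int main(void)
{
    /* Constructed case from the cover letter: X86_FEATURE_LM=0 for the guest. */
    struct guest_cpuid no_lm = { .lm = false, .nx = true };

    printf("guest sets LME: %s\n",
           efer_write_faults(&no_lm, EFER_LME, false) ? "#GP" : "accepted");
    printf("host  sets LME: %s\n",
           efer_write_faults(&no_lm, EFER_LME, true) ? "#GP" : "accepted");
    return 0;
}
```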