On 07/07/19 09:11, Krish Sadhukhan wrote:
> + struct vmcs12 *vmcs12)
> +{
> + struct vcpu_vmx *vmx = to_vmx(vcpu);
> +
> + if ((vmx->nested.dirty_vmcs12) &&
> + nested_vmx_check_host_state_full(vcpu, vmcs12))
> + return -EINVAL;
> +
> + if (!nested_host_cr0_valid(vcpu, vmcs12->host_cr0))
> + return -EINVAL;
> +
> + if (is_noncanonical_address(vmcs12->host_ia32_sysenter_esp, vcpu))
> + return -EINVAL;

These two are not part of the shadowed state, so they can be done only in the "rare" case.

> + if (vmcs12->host_fs_selector & (SEGMENT_RPL_MASK | SEGMENT_TI_MASK) ||
> + vmcs12->host_gs_selector & (SEGMENT_RPL_MASK | SEGMENT_TI_MASK))
> + return -EINVAL;
> +
> +#ifdef CONFIG_X86_64
> + if (is_noncanonical_address(vmcs12->host_fs_base, vcpu) ||
> + is_noncanonical_address(vmcs12->host_gs_base, vcpu) ||
> + is_noncanonical_address(vmcs12->host_gdtr_base, vcpu) ||
> + is_noncanonical_address(vmcs12->host_tr_base, vcpu))
> + return -EINVAL;
> +#endif

Same for host GDTR and TR base.

Paolo