Before this commit, userspace could disable the GUEST_ACTIVITY_HLT bit in VMX_MISC yet KVM would happily accept GUEST_ACTIVITY_HLT activity state in VMCS12. We can fix it by either failing VM entries with HLT activity state when it's not supported or by disallowing clearing this bit. The latter is preferable. If we go with the former, to disable GUEST_ACTIVITY_HLT userspace also has to make CPU_BASED_HLT_EXITING a "must be 1" control, otherwise KVM will be presenting a bogus model to L1. Don't fail writes that disable GUEST_ACTIVITY_HLT to maintain backwards compatibility. Reviewed-by: Liran Alon <liran.alon@xxxxxxxxxx> Reviewed-by: Krish Sadhukhan <krish.sadhukhan@xxxxxxxxxx> Signed-off-by: Nikita Leshenko <nikita.leshchenko@xxxxxxxxxx> --- arch/x86/kvm/vmx/nested.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 46af3a5e9209..24734946ec75 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -1102,6 +1102,14 @@ static int vmx_restore_vmx_misc(struct vcpu_vmx *vmx, u64 data) if (vmx_misc_mseg_revid(data) != vmx_misc_mseg_revid(vmx_misc)) return -EINVAL; + /* + * We always support HLT activity state. In the past it was possible to + * turn HLT bit off (without actually turning off HLT activity state + * support) so we don't fail vmx_restore_vmx_misc if this bit is turned + * off. + */ + data |= VMX_MISC_ACTIVITY_HLT; + vmx->nested.msrs.misc_low = data; vmx->nested.msrs.misc_high = data >> 32; -- 2.20.1
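Review bot: `data |= VMX_MISC_ACTIVITY_HLT;` silently rewrites the value userspace passed instead of rejecting it, so a VMM that later reads the MSR back will see a model different from the one it wrote; since the commit message deliberately chooses this over returning -EINVAL for backwards compatibility, the in-code comment should say explicitly that a cleared bit is ignored on write and always reported as set, rather than only that "we don't fail vmx_restore_vmx_misc". It is also worth a short comment that the OR is intentionally placed after the `vmx_misc_mseg_revid(data) != vmx_misc_mseg_revid(vmx_misc)` check so that comparison still operates on the caller's unmodified value, and only the stored `misc_low`/`misc_high` carry the forced bit. Minor wording in the comment: "turn HLT bit off" reads better as "turn the HLT bit off".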