On Tue, Aug 20, 2019 at 12:46:49AM +0300, Nikita Leshenko wrote:
> Before this commit, userspace could disable the GUEST_ACTIVITY_HLT bit in
> VMX_MISC yet KVM would happily accept GUEST_ACTIVITY_HLT activity state in
> VMCS12. We can fix it by either failing VM entries with HLT activity state when
> it's not supported or by disallowing clearing this bit.
>
> The latter is preferable. If we go with the former, to disable
> GUEST_ACTIVITY_HLT userspace also has to make CPU_BASED_HLT_EXITING a "must be
> 1" control, otherwise KVM will be presenting a bogus model to L1.
>
> Don't fail writes that disable GUEST_ACTIVITY_HLT to maintain backwards
> compatibility.

Paolo, do we actually need to maintain backwards compatibility in this case?
This seems like a good candidate for "fix the bug and see who yells".

> Reviewed-by: Liran Alon <liran.alon@xxxxxxxxxx>
> Reviewed-by: Krish Sadhukhan <krish.sadhukhan@xxxxxxxxxx>
> Signed-off-by: Nikita Leshenko <nikita.leshchenko@xxxxxxxxxx>
> ---
> arch/x86/kvm/vmx/nested.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
> index 46af3a5e9209..24734946ec75 100644
> --- a/arch/x86/kvm/vmx/nested.c
> +++ b/arch/x86/kvm/vmx/nested.c
> @@ -1102,6 +1102,14 @@ static int vmx_restore_vmx_misc(struct vcpu_vmx *vmx, u64 data)
> if (vmx_misc_mseg_revid(data) != vmx_misc_mseg_revid(vmx_misc))
> return -EINVAL;
>
> + /*
> + * We always support HLT activity state. In the past it was possible to
> + * turn HLT bit off (without actually turning off HLT activity state
> + * support) so we don't fail vmx_restore_vmx_misc if this bit is turned
> + * off.
> + */
> + data |= VMX_MISC_ACTIVITY_HLT;
> +
> vmx->nested.msrs.misc_low = data;
> vmx->nested.msrs.misc_high = data >> 32;
>
> --
> 2.20.1
>
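Review bot: in the vmx_restore_vmx_misc hunk, the silent `data |= VMX_MISC_ACTIVITY_HLT;` makes the MSR write non-round-trippable, and the comment should say so explicitly: a userspace write that clears VMX_MISC_ACTIVITY_HLT is accepted, but a subsequent read of the restored misc_low/misc_high returns the bit set, so any save/restore tooling that compares what it wrote against what it reads back will see a mismatch. The comment's "turn HLT bit off" would also be clearer as "clear VMX_MISC_ACTIVITY_HLT", and it should state the consequence in one line, e.g. "the bit is forced set, so it always reads back as 1", rather than only why the write is not rejected. Since the forced set is placed after the mseg_revid check on the raw `data`, it is worth confirming that nothing earlier in the function validates `data` in a way that the adjusted value would change; the visible check is unaffected, so this is a request to note that in the comment, not a correctness objection.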