On 29/02/20 20:30, Oliver Upton wrote:
> KVM emulates UMIP on hardware that doesn't support it by setting the
> 'descriptor table exiting' VM-execution control and performing
> instruction emulation. When running nested, this emulation is broken as
> KVM refuses to emulate L2 instructions by default.
>
> Correct this regression by allowing the emulation of descriptor table
> instructions if L1 hasn't requested 'descriptor table exiting'.
>
> Fixes: 07721feee46b ("KVM: nVMX: Don't emulate instructions in guest mode")
> Reported-by: Jan Kiszka <jan.kiszka@xxxxxx>
> Cc: stable@xxxxxxxxxxxxxxx
> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx>
> Cc: Jim Mattson <jmattson@xxxxxxxxxx>
> Signed-off-by: Oliver Upton <oupton@xxxxxxxxxx>
> ---
> arch/x86/kvm/vmx/vmx.c | 11 +++++++++++
> 1 file changed, 11 insertions(+)
>
> diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
> index 63aaf44edd1f..e718b4c9455f 100644
> --- a/arch/x86/kvm/vmx/vmx.c
> +++ b/arch/x86/kvm/vmx/vmx.c
> @@ -7204,6 +7204,17 @@ static int vmx_check_intercept(struct kvm_vcpu *vcpu,
> case x86_intercept_outs:
> return vmx_check_intercept_io(vcpu, info);
>
> + case x86_intercept_lgdt:
> + case x86_intercept_lidt:
> + case x86_intercept_lldt:
> + case x86_intercept_ltr:
> + case x86_intercept_sgdt:
> + case x86_intercept_sidt:
> + case x86_intercept_sldt:
> + case x86_intercept_str:
> + if (!nested_cpu_has2(vmcs12, SECONDARY_EXEC_DESC))
> + return X86EMUL_CONTINUE;
> +
> /* TODO: check more intercepts... */
> default:
> break;
>
Queued, thanks.
Paolo
