On Wed, Apr 15, 2020 at 02:30:46PM -0400, Krish Sadhukhan wrote: > Currently, prepare_vmcs02_early() does not check if the "unrestricted guest" > VM-execution control in vmcs12 is turned off and leaves the corresponding > bit on in vmcs02. Due to this setting, vmentry checks which are supposed to > render the nested guest state as invalid when this VM-execution control is > not set, are passing in hardware. > > This patch turns off the "unrestricted guest" VM-execution control in vmcs02 > if vmcs12 has turned it off. > > Suggested-by: Jim Mattson <jmattson@xxxxxxxxxx> > Signed-off-by: Krish Sadhukhan <krish.sadhukhan@xxxxxxxxxx> > --- > arch/x86/kvm/vmx/nested.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c > index cbc9ea2de28f..4fa5f8b51c82 100644 > --- a/arch/x86/kvm/vmx/nested.c > +++ b/arch/x86/kvm/vmx/nested.c > @@ -2224,6 +2224,9 @@ static void prepare_vmcs02_early(struct vcpu_vmx *vmx, struct vmcs12 *vmcs12) > vmcs_write16(GUEST_INTR_STATUS, > vmcs12->guest_intr_status); > > + if (!nested_cpu_has2(vmcs12, SECONDARY_EXEC_UNRESTRICTED_GUEST)) > + exec_control &= ~SECONDARY_EXEC_UNRESTRICTED_GUEST; Has anyone worked through all the flows to verify this won't break any assumptions with respect to enable_unrestricted_guest? I would be (pleasantly) surprised if this was sufficient to run L2 without unrestricted guest when it's enabled for L1, e.g. vmx_set_cr0() looks suspect. > + > secondary_exec_controls_set(vmx, exec_control); > } > > -- > 2.20.1 >
